Author Topic: Annoying virus keeps reappearing (Read 1557 times)

Brenneka · « **on:** July 16, 2010, 04:17:38 PM »

Hi, I've recently found out that I'm infected with some kind of a virus. After realising that, I ran a scan with ESET Online Scanner (log below), and it found a few infected files and removed them, but every time I reboot my PC a new infected file appears to be running. All of the virus' files seem to be recreating in the folder C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\ but I'm not completely sure that there is no other ones in other folders as well. The files were named 2.exe and 3.exe and they had an envelope icon. ESET removed the file when I ran the scan, and after I rebooted I deleted the file myself.

Here's the ESET Online Scanner Log:

# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=39bab8fa442c19429180bc8f8a36ea6d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-16 09:53:07
# local_time=2010-07-16 12:53:07 )
# country="Israel"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 34955561 34955561 0 0
# compatibility_mode=8192 67108863 100 0 33152118 33152118 0 0
# scanned=71617
# found=8
# cleaned=7
# scan_time=3131
C:\Documents and Settings\×¢×“×Ÿ\Application Data\MaxKO.exe   Win32/PSW.Fignotok.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\service.exe   a variant of Win32/Kryptik.FJP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\svcnost.exe   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting (after the next restart) - quarantined)   00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\tmp77373732727.tmp   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
C:\Documents and Settings\×¢×“×Ÿ\My Documents\Matroska\Wizard-1.2\dll\libcharset.dll   probably a variant of Win32/Spy.Banker trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
C:\Program Files\VentriloMIX\Ventrilo 2.2.0.exe   probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
C:\WINDOWS\system32\userinit.exe   Win32/TrojanDownloader.Delf.POH trojan (unable to clean)   00000000000000000000000000000000   I
C:\WINDOWS\system32\Com\svchost.exe   a variant of Win32/Kryptik.FJP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000   C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=39bab8fa442c19429180bc8f8a36ea6d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-16 10:59:11
# local_time=2010-07-16 01:59:11 )
# country="Israel"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 34961357 34961357 0 0
# compatibility_mode=8192 67108863 100 0 33157914 33157914 0 0
# scanned=34584
# found=1
# cleaned=1
# scan_time=1302
C:\Documents and Settings\×¢×“×Ÿ\Local Settings\temp\NODBE.tmp   Win32/TrojanDownloader.Delf.POH trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000   C
esets_scanner_update returned -1 esets_gle=53251

I also ran a scan with HijackThis, but nothing seemed suspicious so I won't bother with that.
I rebooted the PC to take a screenshot and show you how the files look like: http://i26.tinypic.com/25f1uoi.jpg

Any help is greatly appreciated! Thanks in advance.

guestolo · « **Reply #1 on:** July 16, 2010, 10:30:14 PM »

Download [color="#FF0000"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and double click on OTL.exe to run it
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

Brenneka · « **Reply #2 on:** July 17, 2010, 02:20:32 AM »

Both logs are attached to this reply. Thanks again!

#Edit: I ran a full complete scan with SuperAntiSpyware and it seems to have removed one of the reappearing files (there is another one still, 4.exe, which it didn't detect in the scan), and also two other trojans. Here's the log:

Memory items scanned : 448
Memory threats detected : 0
Registry items scanned : 7496
Registry threats detected : 0
File items scanned : 22438
File threats detected : 3

Trojan.Agent/Gen-MailPassView
   C:\DOCUMENTS AND SETTINGS\עדן\LOCAL SETTINGS\TEMP\3.EXE

Trojan.Agent/Gen-Krpytik
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{0D1368F3-4705-4684-A322-DC445637B4F1}\RP640\A1162847.EXE

Trojan.Agent/Gen
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{0D1368F3-4705-4684-A322-DC445637B4F1}\RP644\A1163187.EXE

OTL logfile created on: 17/07/2010 10:11:45 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\עדן\שולחן העבודה
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 1.57 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TAP-7409E23BDD
Current User Name: עדן
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
PRC - [2010/07/17 09:50:31 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\44371c0f-58c5-4c7b-9bd4-12ac96b5e9ba.com
PRC - [2010/06/27 19:08:29 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Documents and Settings\עדן\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
PRC - [2008/04/14 05:17:44 | 001,429,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 20:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe
PRC - [2004/09/16 15:39:44 | 000,069,632 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE

========== Modules (SafeList) ==========

MOD - [2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
MOD - [2008/04/14 05:16:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XTrapD12.sys -- (XTrapD12)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva136.sys -- (XDva136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva090.sys -- (XDva090)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva089.sys -- (XDva089)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva078.sys -- (XDva078)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva062.sys -- (XDva062)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva054.sys -- (XDva054)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva049.sys -- (XDva049)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva041.sys -- (XDva041)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva039.sys -- (XDva039)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva033.sys -- (XDva033)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva032.sys -- (XDva032)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva031.sys -- (XDva031)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva025.sys -- (XDva025)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva020.sys -- (XDva020)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva010.sys -- (XDva010)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva009.sys -- (XDva009)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva007.sys -- (XDva007)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva002.sys -- (XDva002)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Gravity\SpiritusRO\npkcrypt.sys -- (npkcrypt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\9E2D~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/05/10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/10/27 13:26:38 | 000,077,608 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NEOFLTR_640_14811.sys -- (NEOFLTR_640_14811) Juniper Networks TDI Filter Driver (NEOFLTR_640_14811)
DRV - [2008/04/13 21:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 21:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/01 16:53:43 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2004/09/30 08:35:00 | 002,743,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/09/21 14:53:18 | 002,278,784 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002/12/18 19:13:34 | 000,122,121 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw)
DRV - [2002/11/18 15:29:26 | 000,399,700 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dumant.sys -- (DumaNT)
DRV - [2002/10/11 11:19:00 | 000,046,551 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys)
DRV - [2001/09/18 15:26:38 | 000,153,631 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xnd5.sys -- (EL90X)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/06/19 11:44:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 09:18:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/16 20:18:27 | 000,000,000 | ---D | M]

[2009/06/13 12:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\עדן\Application Data\Mozilla\Extensions
[2009/11/08 21:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\extensions
[2009/07/13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\searchplugins\icqplugin.xml
[2010/07/16 20:18:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/16 20:18:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/16 20:17:54 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/01/04 18:36:50 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2008/01/04 18:36:50 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2008/09/22 22:14:04 | 000,000,759 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2008/01/04 18:36:50 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/01/04 23:40:48 | 000,000,849 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &יצא ל- Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {03EC4525-6918-4674-9EFF-738EEB3E189F} http://maxshein10.cctvuser.com/plusviewer.cab (PlusViewer Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1202306177953 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} http://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://ssl.sonol.co.il/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ssl.sonol.co.il/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\http - No CLSID value found
O18 - Protocol\Handler\https - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (sevenui.exe) - C:\WINDOWS\System32\sevenui.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (דף הבית הנוכחי שלי) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\עדן\My Documents\My Pictures\2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\עדן\My Documents\My Pictures\2.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 19:13:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\AutoRun\command - "" = G:\RECYCLER\usbassist.exe -- File not found
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/17 10:10:14 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
[2010/07/16 22:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\Application Data\SUPERAntiSpyware.com
[2010/07/16 22:47:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
[2010/07/16 22:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/07/16 22:42:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006
[2010/07/16 22:41:31 | 009,070,944 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\עדן\שולחן העבודה\SUPERAntiSpywarePro.exe
[2010/07/16 22:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/07/16 20:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2010/07/16 20:18:27 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/16 20:18:26 | 000,423,656 | ---- | C] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/16 20:18:26 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/16 20:18:26 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/16 20:18:26 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/16 16:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\עדן\Application Data\Uniblue
[2010/07/14 13:58:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/07/11 23:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010/06/19 22:31:38 | 000,000,000 | ---D | C] -- C:\Program Files\SexyKO
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/17 10:13:06 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-261903793-1801674531-1004UA.job
[2010/07/17 10:10:14 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\עדן\שולחן העבודה\OTL.exe
[2010/07/17 10:03:28 | 000,000,854 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/17 10:03:28 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/17 10:03:28 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/07/17 09:05:44 | 000,007,883 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/07/17 09:05:39 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/17 09:05:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/17 09:05:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/17 09:04:59 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/17 00:20:41 | 012,582,912 | ---- | M] () -- C:\Documents and Settings\עדן\ntuser.dat
[2010/07/17 00:20:41 | 000,000,306 | -HS- | M] () -- C:\Documents and Settings\עדן\ntuser.ini
[2010/07/16 23:11:15 | 000,013,205 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\asd.JPG
[2010/07/16 22:47:04 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\SUPERAntiSpyware Professional.lnk
[2010/07/16 22:41:46 | 000,277,459 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006.rar
[2010/07/16 22:41:31 | 009,070,944 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\עדן\שולחן העבודה\SUPERAntiSpywarePro.exe
[2010/07/16 20:17:53 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/16 20:17:53 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/16 20:17:53 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/16 20:17:53 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/16 20:17:53 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/16 19:13:01 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-261903793-1801674531-1004Core.job
[2010/07/16 14:32:33 | 003,147,656 | -H-- | M] () -- C:\Documents and Settings\עדן\Local Settings\Application Data\IconCache.db
[2010/07/15 18:20:26 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\עדן\My Documents\spider.sav
[2010/07/15 15:31:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\עדן\Application Data\Microsoft\Internet Explorer\Quick Launch\הפעל את Microsoft Outlook.lnk
[2010/07/14 13:16:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/07/13 21:56:57 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\Mp3tag.lnk
[2010/07/11 23:37:42 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\TeamSpeak 3 Client.lnk
[2010/07/06 17:43:33 | 106,954,753 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\VDay.2010.720p.700MB.ShAaNiG.part1.rar
[2010/06/24 00:15:29 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/24 00:15:29 | 000,345,584 | ---- | M] () -- C:\WINDOWS\System32\perfh00d.dat
[2010/06/24 00:15:29 | 000,067,296 | ---- | M] () -- C:\WINDOWS\System32\perfc00d.dat
[2010/06/24 00:15:28 | 000,888,296 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/24 00:15:28 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/24 00:12:25 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\Adobe Photoshop CS2.lnk
[2010/06/20 09:38:55 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\עדן\שולחן העבודה\קיצור דרך אל ‎Launcher.exe.lnk
[2010/06/19 23:43:51 | 000,182,272 | ---- | M] () -- C:\Documents and Settings\עדן\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/16 23:11:15 | 000,013,205 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\asd.JPG
[2010/07/16 22:47:04 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\SUPERAntiSpyware Professional.lnk
[2010/07/16 22:41:46 | 000,277,459 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\SAP.v4.36.1006.rar
[2010/07/15 18:20:26 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\עדן\My Documents\spider.sav
[2010/07/11 23:37:42 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\שולחן העבודה\TeamSpeak 3 Client.lnk
[2010/07/06 17:43:09 | 106,954,753 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\VDay.2010.720p.700MB.ShAaNiG.part1.rar
[2010/06/24 00:12:25 | 000,001,776 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\Adobe Photoshop CS2.lnk
[2010/06/20 09:38:55 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\עדן\שולחן העבודה\קיצור דרך אל ‎Launcher.exe.lnk
[2009/11/30 22:33:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/11/26 22:41:03 | 000,258,048 | ---- | C] () -- C:\WINDOWS\libFLAC.dll
[2009/09/07 12:40:20 | 000,070,236 | ---- | C] () -- C:\WINDOWS\System32\rus_lang_plusviewer.ini
[2009/09/07 12:40:20 | 000,033,899 | ---- | C] () -- C:\WINDOWS\System32\rus_lang_setupmng.ini
[2009/07/28 12:37:46 | 000,072,342 | ---- | C] () -- C:\WINDOWS\System32\spn_lang_plusviewer.ini
[2009/07/10 13:43:46 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\spn_lang_setupmng.ini
[2009/07/10 13:43:40 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\prt_lang_setupmng.ini
[2009/07/10 13:43:34 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\pol_lang_setupmng.ini
[2009/07/10 13:43:28 | 000,033,110 | ---- | C] () -- C:\WINDOWS\System32\kor_lang_setupmng.ini
[2009/07/10 13:43:24 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\jpn_lang_setupmng.ini
[2009/07/10 13:43:18 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\heb_lang_setupmng.ini
[2009/07/10 13:43:12 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\eng_lang_setupmng.ini
[2009/07/10 13:43:06 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\chat_lang_setupmng.ini
[2009/07/10 13:43:00 | 000,033,761 | ---- | C] () -- C:\WINDOWS\System32\chas_lang_setupmng.ini
[2009/07/06 15:19:10 | 000,054,028 | ---- | C] () -- C:\WINDOWS\System32\chas_lang_plusviewer.ini
[2009/07/02 18:20:40 | 000,054,080 | ---- | C] () -- C:\WINDOWS\System32\chat_lang_plusviewer.ini
[2009/06/29 15:24:20 | 000,033,357 | ---- | C] () -- C:\WINDOWS\System32\eng_lang_plusviewer.ini
[2009/06/19 11:30:40 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/06/18 15:27:28 | 000,032,762 | ---- | C] () -- C:\WINDOWS\System32\kor_lang_plusviewer.ini
[2009/06/18 15:27:06 | 000,033,285 | ---- | C] () -- C:\WINDOWS\System32\jpn_lang_plusviewer.ini
[2009/06/16 17:52:50 | 000,066,734 | ---- | C] () -- C:\WINDOWS\System32\prt_lang_plusviewer.ini
[2009/03/12 19:13:50 | 000,064,436 | ---- | C] () -- C:\WINDOWS\System32\heb_lang_plusviewer.ini
[2009/03/11 12:08:48 | 000,033,234 | ---- | C] () -- C:\WINDOWS\System32\pol_lang_plusviewer.ini
[2008/06/16 18:17:50 | 000,098,892 | ---- | C] () -- C:\WINDOWS\System32\PPPoEWin.sys
[2008/06/16 18:17:50 | 000,098,892 | ---- | C] () -- C:\WINDOWS\System32\drivers\PPPoEWin.sys
[2007/05/12 12:01:25 | 000,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/03/21 17:30:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\mp4dec2avi.dll
[2006/12/02 21:50:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/11/19 20:14:09 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2006/10/30 21:28:05 | 000,000,068 | ---- | C] () -- C:\WINDOWS\rootcracker.ini
[2006/02/23 21:00:26 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/02/21 15:18:59 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2006/01/28 18:19:35 | 000,000,039 | ---- | C] () -- C:\WINDOWS\ideq32.ini
[2006/01/26 20:19:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\NeoSetup.INI
[2006/01/26 16:08:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/01/12 19:53:18 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2006/01/12 19:53:17 | 000,039,208 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2006/01/12 19:53:17 | 000,039,208 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2006/01/02 21:21:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\cwsmaf40.dll
[2006/01/02 21:21:43 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/02 21:21:43 | 001,003,520 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/02 21:21:43 | 000,511,488 | ---- | C] () -- C:\WINDOWS\System32\pwmdtl40.dll
[2006/01/02 21:21:43 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/01/02 21:21:43 | 000,182,784 | ---- | C] () -- C:\WINDOWS\System32\DGVorbis.dll
[2006/01/02 21:21:43 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\Mp3dec.dll
[2006/01/02 21:21:43 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\cwpwmd10.dll
[2006/01/02 21:21:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\MP3enc.dll
[2006/01/02 21:21:43 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/02 21:21:43 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005/12/08 13:52:38 | 000,000,651 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/08 12:57:41 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2005/12/08 12:57:37 | 000,000,331 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2005/12/08 12:57:33 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2005/03/10 21:47:18 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\rfmp4dec.dll
[2004/12/14 14:04:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/14 14:02:49 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/09/16 14:26:40 | 000,012,634 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2004/05/31 15:39:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\rfg726.dll
[2004/01/19 18:17:58 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\mwmp4dec.dll
[2002/11/18 15:29:28 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\nvimage.dll
[2002/11/18 15:29:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\stereoi.dll
[2002/03/21 14:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 14:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/21 14:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 14:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 14:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 14:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 14:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/20 23:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 23:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2002/03/13 17:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1996/04/03 22:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:4295826C
< End of report >

OTL Extras logfile created on: 17/07/2010 10:11:45 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\עדן\שולחן העבודה
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 266.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.78 Gb Total Space | 1.57 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TAP-7409E23BDD
Current User Name: עדן
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Scan with Ad-aware...] -- "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" "%1" "+SD" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 1
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Tactical Ops\TacticalOps 3\System\TacticalOps.exe" = C:\Program Files\Tactical Ops\TacticalOps 3\System\TacticalOps.exe:*:Enabled:TacticalOps -- ()
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Documents and Settings\עדן\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Documents and Settings\עדן\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client -- (Juniper Networks)
"C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe" = C:\Program Files\Juniper Networks\Secure Application Manager\dsSamProxy.exe:*:Enabled:Secure Application Manager Proxy -- (Juniper Networks)
"C:\Program Files\Tactical Ops\TacticalOps 4\System\TacticalOps.exe" = C:\Program Files\Tactical Ops\TacticalOps 4\System\TacticalOps.exe:*:Enabled:TacticalOps -- ()
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\UnrealTournament\System\UnrealTournament.exe" = C:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament -- File not found
"C:\Program Files\eMule.co.il\Fire eMule 7\eMule.exe" = C:\Program Files\eMule.co.il\Fire eMule 7\eMule.exe:*:Enabled:eMule -- File not found
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Teamspeak2_RC2_Server\server_windows.exe" = C:\Program Files\Teamspeak2_RC2_Server\server_windows.exe:*:Enabled:Server -- File not found
"C:\Documents and Settings\עדן\שולחן העבודה\wormsarm\WA.exe" = C:\Documents and Settings\עדן\שולחן העבודה\wormsarm\WA.exe:*:Disabled:Worms Armageddon -- File not found
"C:\Documents and Settings\עדן\Application Data\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\עדן\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- File not found
"C:\Documents and Settings\עדן\שולחן העבודה\WWPBy FeuoZz For HorAdoT.nEt\wwp.exe" = C:\Documents and Settings\עדן\שולחן העבודה\WWPBy FeuoZz For HorAdoT.nEt\wwp.exe:*:Enabled:Worms World Party -- File not found
"C:\Program Files\UT2004\System\UT2004.exe" = C:\Program Files\UT2004\System\UT2004.exe:*:Enabled:UT2004 -- ()
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\UnisonPlay\UniFS.exe" = C:\Program Files\UnisonPlay\UniFS.exe:*:Enabled:UniFS Media - UniFS.exe -- File not found
"" = :*:Enabled:ldrsoft
"C:\Documents and Settings\עדן\Local Settings\temp\957822.exe" = C:\Documents and Settings\עדן\Local Settings\temp\957822.exe:*:Disabled:957822 -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{035D48BB-503E-4F09-9D52-EC57D3411DDC}" = Windows Live Essentials
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = כלי ההעלאה של Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{350C97B4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38E0C491-5230-4373-B62E-F1A6E94B1033}" = Nero 7 Ultra Edition
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = ECI USB ADSL
"{4B719A70-F14A-4f5c-90B5-346B24B7FFF1}" = Windows 7 Upgrade Advisor
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{634328D0-C948-4C4D-BDE9-58015B941648}" = Windows Live Messenger
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.8.0.193j
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.73
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{885A5214-9CDD-40E0-A89D-7672588748E1}" = Windows Live Call
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-040D-0000-0000000FF1CE}" = חבילת תאימות עבור מהדורת 2007 של מערכת Office
"{9028040D-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional עם FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95774351-6087-3A3B-8CA8-70BEE49D2BD5}" = Google Gears
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0D6AA15-66B9-41BE-BA85-17EB8C84A685}" = Knight Online
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A34386F8-7655-4E3B-9F51-D3064F607C89}" = blaxxun Contact
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}" = ACDSee 5.0 Standard
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCBA462D-3E1B-416C-89F8-492020D4BBF4}" = מסייע הכניסה של Windows Live
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{DF3E37E0-06D5-4A1B-A264-BD2B7E30B458}" = Knight Online
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"7-Zip" = 7-Zip 9.10 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"dBpoweramp AAC Encoder" = dBpoweramp AAC Encoder
"dBpoweramp CD Writer" = dBpoweramp CD Writer
"dBpoweramp DirectShow Decoder" = dBpoweramp DirectShow Decoder
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ESE_Registration" = ESE Account Manager (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"Fraps" = Fraps (remove only)
"getPlus(R)_ocx" = getPlus(R)_ocx
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"MKVtoolnix" = MKVtoolnix 2.9.8
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"Mp3 Audio Editor" = Mp3 Audio Editor
"Mp3tag" = Mp3tag v2.46a
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Seven Transformation Pack" = Seven Transformation Pack 3.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"ST6UNST #1" = RonlightSync
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"uTorrent" = µTorrent
"VentriloMIX" = VentriloMIX
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Winamp Essentials Pack" = Winamp Essentials Pack
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WOW" = WOW
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XviD" = XviD MPEG-4 Codec
"YouTubeGet_is1" = YouTubeGet 5.2.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Juniper_Networks_Cache_Cleaner 6.0.0" = Juniper Networks Cache Cleaner 6.0.0
"Juniper_Networks_Cache_Cleaner 6.4.0" = Juniper Networks Cache Cleaner 6.4.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"MaxKO" = MaxKO
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"NoNameScript" = NoNameScript

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/07/2010 03:42:59 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום maxkoc.exe, גירסה 2.3.11.1718, תקלה במודול maxkoc.exe,
גירסה 2.3.11.1718, כתובת התקלה 0x000dac5e‏.

Error - 08/07/2010 03:22:48 | Computer Name = TAP-7409E23BDD | Source = SecurityCenter | ID = 1802
Description = ‏‏לשירות מרכז האבטחה של Windows לא היתה אפשרות ליצור שאילתות אירוע
ב- WMI כדי לפקח על תוכניות אנטי-וירוס וחומת אש של יצרנים אחרים.

Error - 08/07/2010 04:57:57 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום chrome.exe, גירסה 0.0.0.0, תקלה במודול unknown, גירסה
0.0.0.0, כתובת התקלה 0x806fff43‏.

Error - 09/07/2010 16:19:58 | Computer Name = TAP-7409E23BDD | Source = Application Error | ID = 1000
Description = ‏‏תקלה ביישום explorer.exe, גירסה 6.0.2900.5512, תקלה במודול unknown,
גירסה 0.0.0.0, כתובת התקלה 0x0b2fd6b0‏.

Error - 10/07/2010 23:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 12/07/2010 16:42:13 | Computer Name = TAP-7409E23BDD | Source = Application Hang | ID = 1002
Description = ‏‏יישום לא מגיב MaxKOC.exe, גירסה 2.3.11.1718, מודול חוסר תגובה hungapp,
גירסה 0.0.0.0, כתובת חוסר תגובה 0x00000000‏.

Error - 15/07/2010 07:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 15/07/2010 08:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 16/07/2010 04:10:39 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

Error - 16/07/2010 04:13:34 | Computer Name = TAP-7409E23BDD | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 13:10:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 16/07/2010 15:45:31 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7000
Description = The General Purpose USB Driver (adildr.sys) service failed to start
due to the following error: %%1058

Error - 16/07/2010 15:50:56 | Computer Name = TAP-7409E23BDD | Source = Service Control Manager | ID = 7000
Description = The SABKUTIL service failed to star

guestolo · « **Reply #3 on:** July 17, 2010, 11:46:42 AM »

Download ComboFix from ONLY this location:
[color="#0000FF"]Link [/color]
[color="#FF0000"]Save it ONLY to your Desktop[/color]

--------------------------------------------------------------------
[color="#2E8B57"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color="#2e8b57"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

Brenneka · « **Reply #4 on:** July 17, 2010, 12:27:39 PM »

Alright, done. Right after I ran ComboFix.exe my PC rebooted and after the reboot I didn't see my desktop so I couldn't connect to the internet to download the recovery console, so I just skipped it and let it scan. The log is just enormous, here it is:

ComboFix 10-07-15.05 - עדן 07/17/2010 20:03:26.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1255.972.1037.18.511.317 [GMT 3:00]
Running from: c:\documents and settings\עדן\שולחן העבודה\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\עדן\Application Data\inst.exe
c:\documents and settings\All Users.WINDOWS\Application Data\mazuki.dll
c:\windows\system32\swdir.dll

.
((((((((((((((((((((((((( Files Created from 2010-06-17 to 2010-07-17 )))))))))))))))))))))))))))))))
.

2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com
2010-07-16 19:46 . 2010-07-17 06:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-07-16 19:17 . 2010-07-16 19:17   --------   d-----w-   c:\program files\Uniblue
2010-07-16 17:18 . 2010-07-16 17:17   423656   ----a-w-   c:\windows\system32\deployJava1.dll
2010-07-16 13:48 . 2010-07-16 13:48   --------   d-----w-   c:\documents and settings\עדן\Application Data\Uniblue
2010-07-14 10:58 . 2010-06-14 14:31   744448   -c----w-   c:\windows\system32\dllcache\helpsvc.exe
2010-07-11 20:37 . 2010-07-11 20:37   --------   d-----w-   c:\program files\TeamSpeak 3 Client
2010-06-19 19:31 . 2010-06-21 09:29   --------   d-----w-   c:\program files\SexyKO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-17 13:09 . 2010-02-16 13:03   --------   d-----w-   c:\program files\MaxKO
2010-07-16 19:54 . 2010-07-16 19:47   63488   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-16 19:54 . 2010-07-16 19:47   117760   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-16 19:47 . 2010-07-16 19:47   52224   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-16 19:30 . 2009-11-08 14:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\uTorrent
2010-07-16 17:19 . 2010-07-16 17:19   503808   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcp71.dll
2010-07-16 17:19 . 2010-07-16 17:19   499712   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\jmc.dll
2010-07-16 17:19 . 2010-07-16 17:19   348160   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcr71.dll
2010-07-16 17:19 . 2010-07-16 17:19   61440   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-sse.dll
2010-07-16 17:19 . 2010-07-16 17:19   12800   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-d3d.dll
2010-07-16 17:19 . 2005-01-03 13:06   --------   d-----w-   c:\program files\Common Files\Java
2010-07-16 17:09 . 2004-06-04 23:04   --------   d-----w-   c:\program files\Java
2010-07-16 09:30 . 2007-08-26 16:57   --------   d-----w-   c:\program files\VentriloMIX
2010-07-13 18:56 . 2009-11-27 18:33   --------   d-----w-   c:\program files\Mp3tag
2010-07-01 12:16 . 2009-05-26 17:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\NoNameScript-May26
2010-07-01 12:15 . 2009-06-19 08:14   --------   d-----w-   c:\program files\mIRC
2010-06-23 21:15 . 2004-08-27 12:00   67296   ----a-w-   c:\windows\system32\perfc00d.dat
2010-06-23 21:15 . 2004-08-27 12:00   345584   ----a-w-   c:\windows\system32\perfh00d.dat
2010-06-16 18:27 . 2005-12-08 08:39   98304   ----a-w-   c:\windows\DUMPb219.tmp
2010-06-15 19:33 . 2009-12-15 14:49   --------   d-----w-   c:\documents and settings\עדן\Application Data\Mp3 Audio Editor
2010-06-14 18:47 . 2005-12-08 08:39   98304   ----a-w-   c:\windows\DUMPb517.tmp
2010-06-14 14:39 . 2009-11-08 14:56   --------   d-----w-   c:\program files\uTorrent
2010-06-14 14:31 . 2005-12-08 07:22   744448   ----a-w-   c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-06-12 13:22 . 2010-06-12 13:22   --------   d-----w-   c:\program files\SystemRequirementsLab
2010-05-19 18:01 . 2007-04-05 06:37   --------   d---a-w-   c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2010-05-14 15:47 . 2010-05-14 15:47   286720   ------w-   c:\windows\Setup1.exe
2010-05-14 15:47 . 2010-05-14 15:47   73216   ----a-w-   c:\windows\ST6UNST.EXE
2010-05-10 11:33 . 2009-06-07 20:30   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2010-05-06 10:35 . 2004-08-27 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 09:01 . 2005-12-08 08:13   60576   ----a-w-   c:\documents and settings\עדן\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 08:08 . 2004-08-27 12:00   1851136   ----a-w-   c:\windows\system32\win32k.sys
2010-04-29 12:39 . 2009-06-06 18:06   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 12:39 . 2009-06-06 18:06   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-04-20 05:30 . 2004-08-27 12:00   285696   ----a-w-   c:\windows\system32\atmfd.dll
2005-01-29 12:14 . 2005-01-29 12:14   48640   --sha-w-   c:\program files\Thumbs.db
2003-01-13 09:20 . 2004-09-12 12:48   278528   ----a-w-   c:\program files\internet explorer\plugins\PanoViewer.dll
1999-04-30 14:00 . 2004-09-12 12:48   98304   ----a-w-   c:\program files\internet explorer\plugins\UPjpeg.dll
.

------- Sigcheck -------

[-] 2008-04-14 . CD194374A5A584E32346297DE305F77B . 1429504 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7C66CE267EDD66607B2275FE44235A31 . 1201664 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 1FB3EE7C4D70AACE3063A1E1E0FF7FCF . 1201664 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-27 . A275BB2B4CF43625B9F38AD312F5C5A6 . 1200640 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-06-06_20.36.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 02:14 . 2008-04-14 02:14   57344 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19   54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 03:07 . 2008-07-29 03:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 03:07 . 2008-07-29 03:07   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 17:41 . 2009-07-11 17:41   97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   50688 c:\windows\twain_32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50688 c:\windows\twain_32.dll
+ 2002-03-13 14:46 . 2002-03-13 14:46   53248 c:\windows\system32\zlib.dll
- 2005-12-08 07:20 . 2006-03-01 19:43   11776 c:\windows\system32\xolehlp.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   11776 c:\windows\system32\xolehlp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\xmlprovi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\xmlprovi.dll
+ 2009-11-30 19:33 . 2009-11-30 19:33   41872 c:\windows\system32\xfcodec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   30720 c:\windows\system32\xcopy.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   30720 c:\windows\system32\xcopy.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   91648 c:\windows\system32\xactsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   91648 c:\windows\system32\xactsrv.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   52736 c:\windows\system32\wzcsapi.dll
+ 2005-05-26 02:16 . 2009-08-06 17:24   44768 c:\windows\system32\wups2.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   35552 c:\windows\system32\wups.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   53472 c:\windows\system32\wuauclt.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\wtsapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\wtsapi32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   51200 c:\windows\system32\wstdecod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   51200 c:\windows\system32\wstdecod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   22528 c:\windows\system32\wsock32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   22528 c:\windows\system32\wsock32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   41984 c:\windows\system32\wsnmp32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19456 c:\windows\system32\wshtcpip.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   11264 c:\windows\system32\wshrm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\wship6.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\wship6.dll
+ 2004-08-27 12:00 . 2008-05-09 10:56   90112 c:\windows\system32\wshext.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   36864 c:\windows\system32\wshcon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   80896 c:\windows\system32\wscsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   13824 c:\windows\system32\wscntfy.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\wscntfy.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   19968 c:\windows\system32\ws2help.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\ws2help.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   82432 c:\windows\system32\ws2_32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   11264 c:\windows\system32\wpnpinst.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   32256 c:\windows\system32\wpabaln.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   32256 c:\windows\system32\wpabaln.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpui.dll
- 2004-08-27 12:00 . 2006-12-01 09:16   99840 c:\windows\system32\wmpshell.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   99840 c:\windows\system32\wmpshell.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpcore.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpcore.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20480 c:\windows\system32\wmpcd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20480 c:\windows\system32\wmpcd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   91648 c:\windows\system32\wlnotify.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   91648 c:\windows\system32\wlnotify.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   69120 c:\windows\system32\wlanapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   53760 c:\windows\system32\winsta.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   53760 c:\windows\system32\winsta.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\winshfhc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\winshfhc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   97792 c:\windows\system32\winscard.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   97792 c:\windows\system32\winscard.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\winrnr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16896 c:\windows\system32\winrnr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32256 c:\windows\system32\winipsec.dll
+ 1997-08-10 21:00 . 1997-08-10 21:00   30720 c:\windows\system32\WINDBVER.EXE
- 2004-08-27 12:00 . 2004-08-27 12:00   75776 c:\windows\system32\wiascr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   75776 c:\windows\system32\wiascr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   64512 c:\windows\system32\wextract.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   64512 c:\windows\system32\wextract.exe
- 2004-08-27 12:00 . 2006-01-04 03:35   68096 c:\windows\system32\webclnt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\webclnt.dll
+ 2004-08-26 17:53 . 2008-04-14 02:18   23552 c:\windows\system32\wdmaud.drv
- 2004-08-26 17:53 . 2004-08-27 12:00   23552 c:\windows\system32\wdmaud.drv
+ 2004-08-27 12:00 . 2009-06-25 08:26   54272 c:\windows\system32\wdigest.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   94208 c:\windows\system32\wbem\wmiutils.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   41472 c:\windows\system32\wbem\wmipsess.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   41472 c:\windows\system32\wbem\wmipsess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   62464 c:\windows\system32\wbem\wmipjobj.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   61952 c:\windows\system32\wbem\wmipiprt.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   60928 c:\windows\system32\wbem\wmicookr.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   60928 c:\windows\system32\wbem\wmicookr.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   88576 c:\windows\system32\wbem\wmiaprpl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   43520 c:\windows\system32\wbem\wbemsvc.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   18944 c:\windows\system32\wbem\wbemprox.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   18944 c:\windows\system32\wbem\wbemprox.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   41984 c:\windows\system32\wbem\wbemperf.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   41984 c:\windows\system32\wbem\wbemperf.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   71680 c:\windows\system32\wbem\wbemcons.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   71680 c:\windows\system32\wbem\wbemcons.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   86528 c:\windows\system32\wbem\stdprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   86528 c:\windows\system32\wbem\stdprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   36352 c:\windows\system32\wbem\scrcons.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   47104 c:\windows\system32\wbem\ncprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   47104 c:\windows\system32\wbem\ncprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   16384 c:\windows\system32\wbem\mofcomp.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   16384 c:\windows\system32\wbem\mofcomp.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   24576 c:\windows\system32\wbem\krnlprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   24576 c:\windows\system32\wbem\krnlprov.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   21504 c:\windows\system32\wbem\evntrprv.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17664 c:\windows\system32\watchdog.sys
+ 2004-08-27 12:00 . 2008-04-13 18:44   17664 c:\windows\system32\watchdog.sys
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\w3ssl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\w3ssl.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   96752 c:\windows\system32\vxblock.dll
+ 2009-11-12 18:19 . 2006-12-01 10:05   63488 c:\windows\system32\VITrans\wmplayer.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   56832 c:\windows\system32\VITrans\sol.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   69120 c:\windows\system32\VITrans\notepad.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   90112 c:\windows\system32\VITrans\mydocs.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   59904 c:\windows\system32\VITrans\msimn.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   55296 c:\windows\system32\VITrans\freecell.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   80384 c:\windows\system32\VITrans\charmap.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   28672 c:\windows\system32\VITrans\batmeter.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\version.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\version.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\verifier.dll
+ 2006-03-17 00:38 . 2008-04-14 02:18   28672 c:\windows\system32\verclsid.exe
- 2006-03-17 00:38 . 2006-03-17 00:38   28672 c:\windows\system32\verclsid.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   51712 c:\windows\system32\vdmredir.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   51712 c:\windows\system32\vdmredir.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   26112 c:\windows\system32\vdmdbg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26112 c:\windows\system32\vdmdbg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   30749 c:\windows\system32\vbajet32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   30749 c:\windows\system32\vbajet32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   50176 c:\windows\system32\utilman.exe
- 2004-08-27 12:00 . 2006-10-04 13:32   50176 c:\windows\system32\utilman.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\usmt\log.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19968 c:\windows\system32\usmt\log.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44   17920 c:\windows\system32\usmt\cobramsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   26112 c:\windows\system32\userinit.exe
- 2005-12-08 08:51 . 2004-08-26 15:53   72704 c:\windows\system32\usbui.dll
+ 2005-12-08 08:51 . 2008-04-14 02:17   72704 c:\windows\system32\usbui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\usbmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16896 c:\windows\system32\usbmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   18432 c:\windows\system32\ups.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\ups.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   16896 c:\windows\system32\upnpcont.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   16896 c:\windows\system32\upnpcont.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\uniplat.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   13824 c:\windows\system32\uniplat.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   73216 c:\windows\system32\unimdmat.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   73216 c:\windows\system32\unimdmat.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   76288 c:\windows\system32\uniime.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   76288 c:\windows\system32\uniime.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   35840 c:\windows\system32\umandlg.dll
- 2004-08-27 12:00 . 2006-10-04 13:38   35840 c:\windows\system32\umandlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\udhisapi.dll
+ 2007-01-29 08:58 . 2010-04-21 13:28   46080 c:\windows\system32\tzchange.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\twext.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   50688 c:\windows\system32\tspkg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   53248 c:\windows\system32\tsgqec.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   12168 c:\windows\system32\tsddd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   12168 c:\windows\system32\tsddd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   93696 c:\windows\system32\tscfgwmi.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   93696 c:\windows\system32\tscfgwmi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\trkwks.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   12800 c:\windows\system32\tree.com
- 2004-08-27 12:00 . 2004-08-27 12:00   12288 c:\windows\system32\tracert.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   12288 c:\windows\system32\tracert.exe
+ 2004-08-27 12:00 . 2009-06-12 12:31   76288 c:\windows\system32\telnet.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   45056 c:\windows\system32\tcpmonui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   45056 c:\windows\system32\tcpmonui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   45568 c:\windows\system32\tcpmon.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\tcpmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\tcpmib.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57856 c:\windows\system32\synceng.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\synceng.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\svchost.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\svchost.exe
+ 2004-08-27 12:00 . 2009-10-21 05:39   75776 c:\windows\system32\strmfilt.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   75776 c:\windows\system32\strmfilt.dll
+ 2005-12-08 08:46 . 2008-04-14 02:17   73216 c:\windows\system32\storprop.dll
- 2005-12-08 08:46 . 2004-08-26 17:53   73216 c:\windows\system32\storprop.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\stimon.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\stimon.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\sti.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   59392 c:\windows\system32\stclient.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   14336 c:\windows\system32\ssstars.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\ssstars.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   18944 c:\windows\system32\ssmyst.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\ssmyst.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   47104 c:\windows\system32\ssmypics.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   47104 c:\windows\system32\ssmypics.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   20992 c:\windows\system32\ssmarque.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   20992 c:\windows\system32\ssmarque.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   71680 c:\windows\system32\ssdpsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   71680 c:\windows\system32\ssdpsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\system32\ssdpapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\system32\ssdpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   19968 c:\windows\system32\ssbezier.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   19968 c:\windows\system32\ssbezier.scr
+ 2004-08-27 12:00 . 2008-04-14 02:17   96768 c:\windows\system32\srvsvc.dll
- 2004-08-27 12:00 . 2004-12-07 19:34   96768 c:\windows\system32\srvsvc.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   67584 c:\windows\system32\srclient.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   67584 c:\windows\system32\srclient.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   20992 c:\windows\system32\spupdwxp.exe
+ 2005-12-09 10:11 . 2009-01-07 16:21   26144 c:\windows\system32\spupdsvc.exe
+ 2009-11-17 19:02 . 2009-11-21 09:57   15607 c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
+ 2009-11-21 09:57 . 2009-11-21 09:57   11024 c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
+ 2004-08-27 12:00 . 2008-04-14 02:17   57856 c:\windows\system32\spoolsv.exe
- 2004-08-27 12:00 . 2005-06-10 23:53   57856 c:\windows\system32\spoolsv.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   75264 c:\windows\system32\spoolss.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2004-08-27 12:00 . 2008-04-13 17:18   11264 c:\windows\system32\spnpinst.exe
- 2007-11-17 18:16 . 2007-11-30 11:19   16760 c:\windows\system32\spmsg.dll
+ 2009-12-17 06:43 . 2009-05-26 11:41   16760 c:\windows\system32\spmsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24576 c:\windows\system32\sort.exe
+ 2005-12-08 07:20 . 2004-08-27 12:00   59904 c:\windows\system32\sol.exe
+ 2009-10-20 10:33 . 2009-08-06 17:24   44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-20 10:33 . 2009-08-06 17:24   35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\snmpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\snmpapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50688 c:\windows\system32\smss.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50688 c:\windows\system32\smss.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   88064 c:\windows\system32\smlogsvc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   88064 c:\windows\system32\smlogsvc.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   73796 c:\windows\system32\slserv.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   32866 c:\windows\system32\slrundll.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   73832 c:\windows\system32\slcoinst.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   98304 c:\windows\system32\slbiop.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   98304 c:\windows\system32\slbiop.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\slayerxp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\slayerxp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   26112 c:\windows\system32\skeys.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   26112 c:\windows\system32\skeys.exe
+ 2009-07-26 14:44 . 2009-07-26 14:44   48448 c:\windows\system32\sirenacm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   70144 c:\windows\system32\sigverif.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   70144 c:\windows\system32\sigverif.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   12800 c:\windows\system32\sigtab.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   12800 c:\windows\system32\sigtab.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   19456 c:\windows\system32\shutdown.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   19456 c:\windows\system32\shutdown.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   27648 c:\windows\system32\shscrap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   27648 c:\windows\system32\shscrap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   77312 c:\windows\system32\shrpubw.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   77312 c:\windows\system32\shrpubw.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   45056 c:\windows\system32\shmgrate.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   65024 c:\windows\system32\shimeng.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   68096 c:\windows\system32\shgina.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   68096 c:\windows\system32\shgina.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\shfolder.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\shfolder.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   32768 c:\windows\system32\setupn.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\Setup\startoc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\Setup\ocmsn.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\Setup\ocmsn.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\Setup\ocgen.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\Setup\ocgen.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   62464 c:\windows\system32\Setup\ntoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   62464 c:\windows\system32\Setup\ntoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   76288 c:\windows\system32\Setup\netoc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   76288 c:\windows\system32\Setup\netoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15360 c:\windows\system32\Setup\msgrocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\Setup\msgrocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\Setup\msdtcstp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32828 c:\windows\system32\Setup\fp40ext.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   32828 c:\windows\system32\Setup\fp40ext.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   23040 c:\windows\system32\setup.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   23040 c:\windows\system32\setup.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   31744 c:\windows\system32\sethc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   31744 c:\windows\system32\sethc.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   55808 c:\windows\system32\servdeps.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   55808 c:\windows\system32\servdeps.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   39424 c:\windows\system32\sens.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   55296 c:\windows\system32\sendmail.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   55296 c:\windows\system32\sendmail.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-27 12:00 . 2009-06-25 08:26   56832 c:\windows\system32\secur32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\seclogon.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\seclogon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   29184 c:\windows\system32\sdhcinst.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   29184 c:\windows\system32\sdhcinst.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   77312 c:\windows\system32\sdbinst.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   77312 c:\windows\system32\sdbinst.exe
+ 2009-11-12 18:19 . 2009-03-23 15:39   20480 c:\windows\system32\scrnrdr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   20992 c:\windows\system32\sclgntfy.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20992 c:\windows\system32\sclgntfy.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   95744 c:\windows\system32\scardsvr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   95744 c:\windows\system32\scardsvr.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   69120 c:\windows\system32\scarddlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   69120 c:\windows\system32\scarddlg.dll
+ 2004-08-27 12:00 . 2009-02-06 10:39   35328 c:\windows\system32\sc.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   13312 c:\windows\system32\savedump.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   13312 c:\windows\system32\savedump.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   64000 c:\windows\system32\samlib.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   64000 c:\windows\system32\samlib.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   45568 c:\windows\system32\safrslv.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   45568 c:\windows\system32\safrslv.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   29696 c:\windows\system32\safrdm.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   29696 c:\windows\system32\safrdm.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   43520 c:\windows\system32\safrcdlg.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   43520 c:\windows\system32\safrcdlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14336 c:\windows\system32\runonce.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   14336 c:\windows\system32\runonce.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33280 c:\windows\system32\rundll32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   33280 c:\windows\system32\rundll32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\system32\rtutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   44032 c:\windows\system32\rtutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   31744 c:\windows\system32\rtipxmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   31744 c:\windows\system32\rtipxmib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   76288 c:\windows\system32\rtcshare.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   76288 c:\windows\system32\rtcshare.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   92672 c:\windows\system32\rsvpsp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   18944 c:\windows\system32\rsmps.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18944 c:\windows\system32\rsmps.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   39424 c:\windows\system32\rshx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   39424 c:\windows\system32\rshx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   14848 c:\windows\system32\rsh.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   14848 c:\windows\system32\rsh.exe
+ 2004-05-31 12:39 . 2004-05-31 12:39   45056 c:\windows\system32\rfg726.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   13824 c:\windows\system32\rexec.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   13824 c:\windows\system32\rexec.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58880 c:\windows\system32\resutils.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   58880 c:\windows\system32\resutils.dll
+ 2007-02-12 12:41 . 2009-11-12 18:16   46212 c:\windows\system32\Restore\rstrlog.dat
+ 2005-12-08 07:20 . 2008-04-14 02:17   59904 c:\windows\system32\remotepg.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   59904 c:\windows\system32\remotepg.dll
+ 2009-10-04 11:17 . 2004-08-03 23:07   42368 c:\windows\system32\ReinstallBackups\0020\DriverFiles\i386\AGP440.SYS
+ 2009-10-04 11:17 . 2004-08-27 12:00   39680 c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\intelppm.sys
+ 2009-10-04 11:17 . 2004-08-27 12:00   39680 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\intelppm.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0015\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:17 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   59648 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\rfcomm.sys
+ 2009-10-04 11:16 . 2004-08-26 15:53   26112 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\irmon.dll
+ 2009-10-04 11:16 . 2004-08-03 21:10   17024 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\BthEnum.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   38016 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\bthmodem.sys
+ 2009-10-04 11:16 . 2004-08-03 21:10   18944 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\BTHUSB.SYS
+ 2009-10-04 11:16 . 2004-08-03 21:10   17024 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\bthenum.sys
+ 2009-11-12 18:19 . 2006-12-03 15:15   19968 c:\windows\system32\reico.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   11264 c:\windows\system32\regsvr32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   11264 c:\windows\system32\regsvr32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   59904 c:\windows\system32\regsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   59904 c:\windows\system32\regsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49664 c:\windows\system32\regapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   49664 c:\windows\system32\regapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\reg.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\reg.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   67072 c:\windows\system32\rdshost.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   67072 c:\windows\system32\rdshost.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   13824 c:\windows\system32\rdsaddin.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   13824 c:\windows\system32\rdsaddin.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   87176 c:\windows\system32\rdpwsx.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   87176 c:\windows\system32\rdpwsx.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   19968 c:\windows\system32\rdpsnd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   19968 c:\windows\system32\rdpsnd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   92424 c:\windows\system32\rdpdd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   62976 c:\windows\system32\rdpclip.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   21504 c:\windows\system32\rcp.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   21504 c:\windows\system32\rcp.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   35840 c:\windows\system32\rcimlby.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   35840 c:\windows\system32\rcimlby.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58368 c:\windows\system32\rastapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   16384 c:\windows\system32\rassapi.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   61952 c:\windows\system32\rasqec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   56320 c:\windows\system32\rasphone.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   56320 c:\windows\system32\rasphone.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   61440 c:\windows\system32\rasman.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   61440 c:\windows\system32\rasman.dll
+ 2004-08-27 12:00 . 2009-10-12 13:39   79872 c:\windows\system32\raschap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   88576 c:\windows\system32\rasauto.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   43520 c:\windows\system32\racpldlg.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   43520 c:\windows\system32\racpldlg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   76800 c:\windows\system32\qutil.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   19968 c:\windows\system32\qprocess.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   18944 c:\windows\system32\qmgrprxy.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   18944 c:\windows\system32\qmgrprxy.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   62464 c:\windows\system32\qcliprov.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   66032 c:\windows\system32\pxinsa64.exe
+ 2006-05-16 03:58 . 2009-04-28 20:20   72176 c:\windows\system32\pxhpinst.exe
+ 2006-05-16 03:58 . 2009-04-28 20:20   66544 c:\windows\system32\pxcpya64.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33792 c:\windows\system32\pstorsvc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   33792 c:\windows\system32\pstorsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   43520 c:\windows\system32\pstorec.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   43520 c:\windows\system32\pstorec.dll
+ 2009-11-12 18:19 . 2004-11-27 17:00   94208 c:\windows\system32\pskill.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   95744 c:\windows\system32\psbase.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   95744 c:\windows\system32\psbase.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   23040 c:\windows\system32\psapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   23040 c:\windows\system32\psapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   50176 c:\windows\system32\proquota.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   50176 c:\windows\system32\proquota.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   27648 c:\windows\system32\profmap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   27648 c:\windows\system32\profmap.dll
+ 2010-03-30 21:16 . 2010-03-30 21:16   99176 c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\powrprof.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17408 c:\windows\system32\powrprof.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49152 c:\windows\system32\powercfg.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   49152 c:\windows\system32\powercfg.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   58880 c:\windows\system32\pnrpnsp.dll
+ 2004-08-27 12:00 . 2009-03-08 02:31   46592 c:\windows\system32\pngfilt.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   15360 c:\windows\system32\pjlmon.dll
- 2004-08-26 17:53 . 2004-08-27 12:00   15360 c:\windows\system32\pjlmon.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17920 c:\windows\system32\ping.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   17920 c:\windows\system32\ping.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\system32\pidgen.dll
+ 2004-08-27 12:00 . 2008-04-13 18:35   24064 c:\windows\system32\pidgen.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   35328 c:\windows\system32\pid.dll
- 2004-08-26 17:53 . 2004-08-27 12:00   35328 c:\windows\system32\pid.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\system32\perfproc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\system32\perfproc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   25088 c:\windows\system32\perfos.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   25088 c:\windows\system32\perfos.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17408 c:\windows\system32\perfnet.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15872 c:\windows\system32\perfmon.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   15872 c:\windows\system32\perfmon.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   26624 c:\windows\system32\perfdisk.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   26624 c:\windows\system32\perfdisk.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   38400 c:\windows\system32\perfctrs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   38400 c:\windows\system32\perfctrs.dll
+ 2004-08-27 12:00 . 2010-06-23 21:15   67312 c:\windows\system32\perfc009.dat
+ 2004-08-27 12:00 . 2008-04-14 02:17   64512 c:\windows\system32\pautoenr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57344 c:\windows\system32\packager.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\system32\packager.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   67072 c:\windows\system32\osuninst.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   67072 c:\windows\system32\osuninst.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   51200 c:\windows\system32\oobe\oobebaln.exe
- 2005-12-08 07:22 . 2004-08-27 12:00   51200 c:\windows\system32\oobe\oobebaln.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   29184 c:\windows\system32\oobe\msoobe.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   19456 c:\windows\system32\oobe\msobweb.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   30720 c:\windows\system32\oobe\msobshel.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   30720 c:\windows\system32\oobe\msobshel.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   16384 c:\windows\system32\oobe\msobdl.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   16384 c:\windows\system32\oobe\msobdl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   84992 c:\windows\system32\olepro32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   37376 c:\windows\system32\olecnv32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   74752 c:\windows\system32\olecli32.dll
- 2004-08-27 12:00 . 2005-07-26 04:40   74752 c:\windows\system32\olecli32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20511 c:\windows\system32\odtext32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20511 c:\windows\system32\odtext32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odpdx32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odpdx32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odfox32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odfox32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20510 c:\windows\system32\odexl32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20510 c:\windows\system32\odexl32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   20511 c:\windows\system32\oddbse32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   20511 c:\windows\system32\oddbse32.dll
+ 1998-05-13 21:00 . 1998-05-13 21:00   72704 c:\windows\system32\ODBCTL32.DLL
- 2004-08-27 12:00 . 2004-08-27 12:00   12288 c:\windows\system32\odbcp32r.dll
+ 2004-08-27 12:00 . 2008-04-13 17:26   12288 c:\windows\system32\odbcp32r.dll
+ 2004-08-27 12:00 . 2008-04-14 02:16   53279 c:\windows\system32\odbcji32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   94208 c:\windows\system32\odbcint.dll
+ 2004-08-27 12:00 . 2008-04-13 15:40   94208 c:\windows\system32\odbcint.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   65536 c:\windows\system32\odbccu32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   65536 c:\windows\system32\odbccu32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   65536 c:\windows\system32\odbccr32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   65536 c:\windows\system32\odbccr32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   69632 c:\windows\system32\odbcconf.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   69632 c:\windows\system32\odbcconf.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   24576 c:\windows\system32\odbcbcp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24576 c:\windows\system32\odbcbcp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   32768 c:\windows\system32\odbcad32.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   32768 c:\windows\system32\odbcad32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   16384 c:\windows\system32\odbc32gt.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   16384 c:\windows\system32\odbc32gt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   66560 c:\windows\system32\ocmanage.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\ntvdmd.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   90112 c:\windows\system32\ntprint.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   90112 c:\windows\system32\ntprint.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   40960 c:\windows\system32\ntmsapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   40960 c:\windows\system32\ntmsapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\system32\ntlanman.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   67072 c:\windows\system32\ntdsapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   67072 c:\windows\system32\ntdsapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   76800 c:\windows\system32\nslookup.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   76800 c:\windows\system32\nslookup.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   54784 c:\windows\system32\npptools.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   54784 c:\windows\system32\npptools.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   15360 c:\windows\system32\npp\nppagent.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   15360 c:\windows\system32\npp\nppagent.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\system32\npp\ndisnpp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   57344 c:\windows\system32\npp\ndisnpp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   70144 c:\windows\system32\notepad.exe
- 2006-06-29 06:05 . 2006-06-29 06:05   23552 c:\windows\system32\normaliz.dll
+ 2006-06-29 06:05 . 2009-01-07 16:20   23552 c:\windows\system32\normaliz.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   28672 c:\windows\system32\nmmkcert.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   28672 c:\windows\system32\nmmkcert.dll
- 2006-06-28 15:59 . 2006-06-28 15:59   24576 c:\windows\system32\nlsdl.dll
+ 2006-06-28 15:59 . 2009-01-07 16:20   24576 c:\windows\system32\nlsdl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   98304 c:\windows\system32\nlhtml.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   77824 c:\windows\system32\netui0.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   77824 c:\windows\system32\netui0.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   36864 c:\windows\system32\netstat.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   36864 c:\windows\system32\netstat.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   86016 c:\windows\system32\netsh.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   86016 c:\windows\system32\netsh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   11776 c:\windows\system32\netrap.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   49488 c:\windows\system32\netfxperf.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   42496 c:\windows\system32\net.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   42496 c:\windows\system32\net.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   18432 c:\windows\system32\nddenb32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   18432 c:\windows\system32\nddenb32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   17920 c:\windows\system32\nddeapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   17920 c:\windows\system32\nddeapi.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   36352 c:\windows\system32\ncobjapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   36352 c:\windows\system32\ncobjapi.dll
- 2004-08-27 12:00 . 2006-10-04 13:32   53760 c:\windows\system32\narrator.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   53760 c:\windows\system32\narrator.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   30208 c:\windows\system32\napipsec.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2005-12-08 07:20 . 2008-06-12 14:22   91648 c:\windows\system32\mtxoci.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   34304 c:\windows\system32\mtxlegih.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   30720 c:\windows\system32\mtxdm.dll
+ 2004-08-27 12:00 . 2008-06-12 14:22   66560 c:\windows\system32\mtxclu.dll
- 2004-08-27 12:00 . 2006-03-01 19:43   66560 c:\windows\system32\mtxclu.dll
+ 2004-08-26 17:53 . 2009-11-27 17:13   17920 c:\windows\system32\msyuv.dll
+ 2008-04-14 01:57 . 2008-04-14 01:57   67584 c:\windows\system32\msxml6r.dll
+ 2004-08-27 12:00 . 2008-04-14 0

Brenneka · « **Reply #5 on:** July 17, 2010, 12:29:48 PM »

+ 2005-12-08 08:46 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0405.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   19456 c:\windows\msagent\intl\agt0404.dll
+ 2005-12-08 08:47 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0404.dll
+ 2005-12-08 08:46 . 2007-04-02 18:25   19456 c:\windows\msagent\intl\agt0401.dll
- 2005-12-08 08:46 . 2004-08-27 12:00   19456 c:\windows\msagent\intl\agt0401.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agtintl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agtintl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   44032 c:\windows\msagent\agentsr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   44032 c:\windows\msagent\agentsr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agentpsh.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agentpsh.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   49152 c:\windows\msagent\agentmpx.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   49152 c:\windows\msagent\agentmpx.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   57344 c:\windows\msagent\agentdpv.dll
- 2004-08-27 12:00 . 2007-03-09 13:59   57344 c:\windows\msagent\agentdpv.dll
- 2004-08-27 12:00 . 2006-10-12 14:03   42496 c:\windows\msagent\agentdp2.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   42496 c:\windows\msagent\agentdp2.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   24064 c:\windows\msagent\agentanm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   24064 c:\windows\msagent\agentanm.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-29 19:10 . 2008-07-29 19:10   46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 17:59 . 2008-07-29 17:59   32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
- 2007-10-09 10:58 . 2007-10-09 10:58   32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-29 19:10 . 2008-07-29 19:10   71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 17:32 . 2008-07-29 17:32   17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2007-10-11 07:55 . 2007-10-11 07:55   32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17   81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 09:17 . 2008-07-25 09:17   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2010-03-23 02:31 . 2010-03-23 02:31   30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 22:07 . 2009-11-06 22:07   86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-11-26 19:47 . 2007-11-25 10:09   17920 c:\windows\InstallFilter.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   25600 c:\windows\Installer\tsclientmsitrans\tscupdc.dll
+ 2007-10-30 10:06 . 2007-10-30 10:06   13801 c:\windows\Installer\tsclientmsitrans\tscuinst.vbs
+ 2007-12-12 10:33 . 2007-12-12 10:33   18917 c:\windows\Installer\tsclientmsitrans\tscinst.vbs
+ 2006-01-07 14:48 . 2006-01-07 14:48   20480 c:\windows\Installer\d980e.msi
+ 2005-11-14 14:40 . 2005-11-14 14:40   65024 c:\windows\Installer\90a04.msp
+ 2009-04-01 07:26 . 2009-04-01 07:26   83456 c:\windows\Installer\4c018.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   59904 c:\windows\Installer\4c013.msi
+ 2008-07-29 19:07 . 2008-07-29 19:07   23040 c:\windows\Installer\3d5419.msp
+ 2009-10-04 12:31 . 2009-10-04 12:31   88576 c:\windows\Installer\371391.msi
+ 2008-12-16 12:47 . 2008-12-16 12:47   16896 c:\windows\Installer\26d6f2.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   27136 c:\windows\Installer\1aa4555.msi
- 2005-12-08 10:52 . 2008-05-17 16:42   90112 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   90112 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   45056 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   45056 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   22528 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   22528 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   30720 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   30720 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   16384 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   16384 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   34304 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   34304 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   81920 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   81920 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2010-06-10 14:24 . 2010-06-10 14:24   34632 c:\windows\Installer\{90120000-0020-040D-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-02-05 20:11 . 2010-02-05 20:11   27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-10-03 15:18 . 2009-10-03 15:18   80395 c:\windows\Installer\{634328D0-C948-4C4D-BDE9-58015B941648}\MsblIco.Exe
- 2004-08-27 12:00 . 2004-08-27 12:00   62976 c:\windows\ime\SPGRMR.dll
+ 2004-08-27 12:00 . 2008-04-13 16:43   62976 c:\windows\ime\spgrmr.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   15360 c:\windows\ime\shared\res\padrs804.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   15360 c:\windows\ime\shared\res\padrs804.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   15872 c:\windows\ime\shared\res\padrs404.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   15872 c:\windows\ime\shared\res\PADRS404.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:15   86016 c:\windows\ime\imkr6_1\applets\imekrmbx.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   86016 c:\windows\ime\imkr6_1\applets\imekrmbx.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   81976 c:\windows\ime\imjp8_1\imjpdct.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   81976 c:\windows\ime\imjp8_1\imjpdct.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   86073 c:\windows\ime\imjp8_1\applets\voicesub.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   86073 c:\windows\ime\imjp8_1\applets\voicesub.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   56320 c:\windows\ime\CHTIME\Applets\chtskdic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   56320 c:\windows\ime\CHTIME\Applets\CHTSKDIC.DLL
- 2005-12-08 08:47 . 2004-08-27 12:00   97792 c:\windows\ime\CHTIME\Applets\CHTMBX.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:15   97792 c:\windows\ime\CHTIME\Applets\chtmbx.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   53760 c:\windows\ime\chsime\applets\PINTLCSD.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:16   53760 c:\windows\ime\chsime\applets\pintlcsd.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   12800 c:\windows\ie8updates\KB980182-IE8\xpshims.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   55296 c:\windows\ie8updates\KB980182-IE8\msfeedsbs.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   25600 c:\windows\ie8updates\KB980182-IE8\jsproxy.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   12800 c:\windows\ie8updates\KB978207-IE8\xpshims.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   55296 c:\windows\ie8updates\KB978207-IE8\msfeedsbs.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   25600 c:\windows\ie8updates\KB978207-IE8\jsproxy.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   12800 c:\windows\ie8updates\KB976325-IE8\xpshims.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-10-05 13:15 . 2009-03-08 02:31   55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-10-04 12:57 . 2009-03-08 17:22   58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   44544 c:\windows\ie8\pngfilt.dll
+ 2009-10-04 12:55 . 2006-10-17 09:28   48128 c:\windows\ie8\mshtmler.dll
+ 2009-10-04 12:55 . 2006-10-17 09:56   45568 c:\windows\ie8\mshta.exe
+ 2009-10-04 12:55 . 2006-10-17 09:58   12288 c:\windows\ie8\msfeedssync.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   52224 c:\windows\ie8\msfeedsbs.dll
+ 2009-10-04 12:55 . 2006-10-17 10:05   40960 c:\windows\ie8\licmgr10.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   27648 c:\windows\ie8\jsproxy.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   92672 c:\windows\ie8\inseng.dll
+ 2009-10-04 12:55 . 2006-10-17 09:57   36352 c:\windows\ie8\imgutil.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   55296 c:\windows\ie8\iesetup.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   44544 c:\windows\ie8\iernonce.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   78336 c:\windows\ie8\ieencode.dll
+ 2009-10-04 12:55 . 2009-06-29 11:07   70656 c:\windows\ie8\ie4uinit.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   63488 c:\windows\ie8\icardie.dll
+ 2009-10-04 12:55 . 2006-10-17 09:44   60416 c:\windows\ie8\hmmapi.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   17408 c:\windows\ie8\corpol.dll
+ 2009-10-04 12:55 . 2006-11-07 01:26   71680 c:\windows\ie8\admparse.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   44544 c:\windows\ie7updates\KB972260-IE7\pngfilt.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   52224 c:\windows\ie7updates\KB972260-IE7\msfeedsbs.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   27648 c:\windows\ie7updates\KB972260-IE7\jsproxy.dll
+ 2009-10-04 12:45 . 2008-04-22 07:39   13824 c:\windows\ie7updates\KB972260-IE7\ieudinit.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   44544 c:\windows\ie7updates\KB972260-IE7\iernonce.dll
+ 2009-10-04 12:45 . 2008-04-14 02:17   81920 c:\windows\ie7updates\KB972260-IE7\ieencode.dll
+ 2009-10-04 12:45 . 2008-04-22 07:41   70656 c:\windows\ie7updates\KB972260-IE7\ie4uinit.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   63488 c:\windows\ie7updates\KB972260-IE7\icardie.dll
+ 2009-10-04 12:45 . 2008-04-14 02:17   35328 c:\windows\ie7updates\KB972260-IE7\corpol.dll
- 2004-08-27 12:00 . 2005-05-26 23:22   10752 c:\windows\hh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   10752 c:\windows\hh.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   33280 c:\windows\Help\sstub.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   33280 c:\windows\Help\sstub.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   34816 c:\windows\Help\sniffpol.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   34816 c:\windows\Help\sniffpol.dll
+ 2009-11-27 17:13 . 2009-11-27 17:13   17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08   48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
+ 2010-06-23 21:19 . 2010-06-23 21:19   60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll
+ 2009-10-04 12:44 . 2009-10-04 12:44   47104 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47B.tmp\PresentationFontCache.exe
+ 2010-06-24 06:12 . 2010-06-24 06:12   37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2010-06-10 15:54 . 2010-06-10 15:54   94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2010-06-23 21:18 . 2010-06-23 21:18   47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
+ 2010-06-23 21:19 . 2010-06-23 21:19   39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll
+ 2010-06-10 15:56 . 2010-06-10 15:56   55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
+ 2009-10-14 15:05 . 2009-10-14 15:05   15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll
+ 2009-10-14 15:06 . 2009-10-14 15:06   65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2009-10-14 15:42 . 2009-10-14 15:42   14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2009-10-14 15:05 . 2009-10-14 15:05   25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2010-06-10 14:14 . 2010-06-10 14:14   32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2008-02-08 21:41 . 2008-02-08 21:41   32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-06-23 21:14 . 2010-06-23 21:14   81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-10-04 12:34 . 2009-10-04 12:34   46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-10-04 12:34 . 2009-10-04 12:34   32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
- 2008-02-08 21:41 . 2008-02-08 21:41   32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-23 21:12 . 2010-06-23 21:12   13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-06-23 21:12 . 2010-06-23 21:13   69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2007-11-17 18:16 . 2008-04-14 02:17   39424 c:\windows\AppPatch\acadproc.dll
- 2007-11-17 18:16 . 2006-10-04 14:05   39424 c:\windows\AppPatch\acadproc.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2009-12-17 06:41 . 2004-08-27 12:00   73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
- 2007-11-17 18:15 . 2004-09-22 16:46   28672 c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2009-12-17 06:41 . 2004-09-22 16:46   28672 c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2009-12-17 06:41 . 2004-08-27 12:00   98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2010-05-27 02:57 . 2010-01-23 08:11   46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-27 02:57 . 2010-04-22 22:23   16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-10 14:19 . 2008-04-14 02:17   65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-04-14 20:07 . 2008-04-14 02:17   83968 c:\windows\$NtUninstallKB979309$\cabview.dll
+ 2010-02-24 07:00 . 2009-10-28 15:07   46080 c:\windows\$NtUninstallKB979306$\tzchange.exe
+ 2010-02-24 07:00 . 2010-01-23 10:41   16896 c:\windows\$NtUninstallKB979306$\spuninst\tzchange.dll
+ 2010-02-10 15:16 . 2008-04-14 02:17   32256 c:\windows\$NtUninstallKB978037$\csrsrv.dll
+ 2010-02-10 15:14 . 2004-08-27 12:00   25600 c:\windows\$NtUninstallKB977914$\msvidc32.dll
+ 2010-02-10 15:14 . 2008-04-14 02:17   11264 c:\windows\$NtUninstallKB977914$\msrle32.dll
+ 2010-02-10 15:14 . 2008-04-14 02:17   47616 c:\windows\$NtUninstallKB977914$\iyuv_32.dll
+ 2010-02-10 15:14 . 2009-06-10 14:14   84992 c:\windows\$NtUninstallKB977914$\avifil32.dll
+ 2009-11-25 10:06 . 2009-07-14 11:03   46080 c:\windows\$NtUninstallKB976098-v2$\tzchange.exe
+ 2009-11-25 10:06 . 2009-10-29 02:04   16896 c:\windows\$NtUninstallKB976098-v2$\spuninst\tzchange.dll
+ 2010-02-10 15:15 . 2008-04-14 02:17   16896 c:\windows\$NtUninstallKB975560$\msyuv.dll
+ 2009-10-14 15:07 . 2008-04-14 02:17   57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   79872 c:\windows\$NtUninstallKB974318$\raschap.dll
+ 2009-10-04 12:47 . 2008-04-14 02:17   58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2010-01-13 05:39 . 2009-07-29 04:36   81920 c:\windows\$NtUninstallKB972270$\fontsub.dll
+ 2009-10-04 12:46 . 2008-04-14 02:17   84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-10-04 12:49 . 2008-04-14 02:18   60416 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-10-04 12:49 . 2009-07-16 04:16   14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   75776 c:\windows\$NtUninstallKB970430$\strmfilt.dll
+ 2009-12-09 20:33 . 2008-04-14 02:17   24576 c:\windows\$NtUninstallKB970430$\httpapi.dll
+ 2009-10-04 12:46 . 2008-04-14 02:17   49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-10-04 12:46 . 2009-02-03 19:58   56832 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-10-04 12:46 . 2008-04-13 18:31   92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-10-04 12:49 . 2008-04-14 02:17   80896 c:\windows\$NtUninstallKB961371-v2$\fontsub.dll
+ 2009-10-04 12:47 . 2008-04-14 02:17   75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-10-04 12:23 . 2008-04-14 02:17   56320 c:\windows\$NtUninstallKB959426$\secur32.dll
+ 2009-10-04 12:23 . 2004-08-27 12:00   31232 c:\windows\$NtUninstallKB956572$\sc.exe
+ 2009-10-04 12:19 . 2008-04-14 02:17   73728 c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   91648 c:\windows\$NtUninstallKB952004$\mtxoci.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   66560 c:\windows\$NtUninstallKB952004$\mtxclu.dll
+ 2009-10-04 12:23 . 2008-04-14 02:17   58880 c:\windows\$NtUninstallKB952004$\msdtclog.dll
+ 2009-10-04 12:18 . 2008-04-14 02:17   90112 c:\windows\$NtUninstallKB951978$\wshext.dll
+ 2009-10-04 12:19 . 2008-04-14 02:17   82944 c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2009-07-17 11:50 . 2004-08-27 12:00   12672 c:\windows\$NtUninstallKB909394$\usb8023.sys
+ 2009-07-17 11:50 . 2004-08-27 12:00   30080 c:\windows\$NtUninstallKB909394$\rndismp.sys
+ 2009-10-04 11:14 . 2006-03-01 19:43   11776 c:\windows\$NtServicePackUninstall$\xolehlp.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   50176 c:\windows\$NtServicePackUninstall$\xmlprovi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   30720 c:\windows\$NtServicePackUninstall$\xcopy.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   91648 c:\windows\$NtServicePackUninstall$\xactsrv.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   51712 c:\windows\$NtServicePackUninstall$\wzcsapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   18432 c:\windows\$NtServicePackUninstall$\wtsapi32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   51200 c:\windows\$NtServicePackUninstall$\wstdecod.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   22528 c:\windows\$NtServicePackUninstall$\wsock32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   42496 c:\windows\$NtServicePackUninstall$\wsnmp32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   19968 c:\windows\$NtServicePackUninstall$\wshtcpip.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   11776 c:\windows\$NtServicePackUninstall$\wshrm.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   14336 c:\windows\$NtServicePackUninstall$\wship6.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   65536 c:\windows\$NtServicePackUninstall$\wshext.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   28672 c:\windows\$NtServicePackUninstall$\wshcon.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   81408 c:\windows\$NtServicePackUninstall$\wscsvc.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   13824 c:\windows\$NtServicePackUninstall$\wscntfy.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   19968 c:\windows\$NtServicePackUninstall$\ws2help.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   82944 c:\windows\$NtServicePackUninstall$\ws2_32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32256 c:\windows\$NtServicePackUninstall$\wpnpinst.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   32256 c:\windows\$NtServicePackUninstall$\wpabaln.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpui.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpcore.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   20480 c:\windows\$NtServicePackUninstall$\wmpcd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   94720 c:\windows\$NtServicePackUninstall$\wmiutils.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   41472 c:\windows\$NtServicePackUninstall$\wmipsess.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   62976 c:\windows\$NtServicePackUninstall$\wmipjobj.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   62464 c:\windows\$NtServicePackUninstall$\wmipiprt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   60928 c:\windows\$NtServicePackUninstall$\wmicookr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   89088 c:\windows\$NtServicePackUninstall$\wmiaprpl.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   91648 c:\windows\$NtServicePackUninstall$\wlnotify.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   53760 c:\windows\$NtServicePackUninstall$\winsta.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   17408 c:\windows\$NtServicePackUninstall$\winshfhc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   97792 c:\windows\$NtServicePackUninstall$\winscard.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\winrnr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32768 c:\windows\$NtServicePackUninstall$\winipsec.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   75776 c:\windows\$NtServicePackUninstall$\wiascr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   64512 c:\windows\$NtServicePackUninstall$\wextract.exe
+ 2009-10-04 11:14 . 2006-01-04 03:35   68096 c:\windows\$NtServicePackUninstall$\webclnt.dll
+ 2009-10-04 11:13 . 2006-06-14 09:00   82944 c:\windows\$NtServicePackUninstall$\wdmaud.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   23552 c:\windows\$NtServicePackUninstall$\wdmaud.drv
+ 2009-10-04 11:14 . 2006-03-24 04:37   49152 c:\windows\$NtServicePackUninstall$\wdigest.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   43520 c:\windows\$NtServicePackUninstall$\wbemsvc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   18944 c:\windows\$NtServicePackUninstall$\wbemprox.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   41984 c:\windows\$NtServicePackUninstall$\wbemperf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   71680 c:\windows\$NtServicePackUninstall$\wbemcons.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   17664 c:\windows\$NtServicePackUninstall$\watchdog.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   34560 c:\windows\$NtServicePackUninstall$\wanarp.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   30208 c:\windows\$NtServicePackUninstall$\wabmig.exe
+ 2009-10-04 11:14 . 2007-05-16 15:12   85504 c:\windows\$NtServicePackUninstall$\wabimp.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   32768 c:\windows\$NtServicePackUninstall$\wabfind.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   46080 c:\windows\$NtServicePackUninstall$\wab.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   15872 c:\windows\$NtServicePackUninstall$\w3ssl.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   52224 c:\windows\$NtServicePackUninstall$\volsnap.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   86073 c:\windows\$NtServicePackUninstall$\voicesub.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   79744 c:\windows\$NtServicePackUninstall$\videoprt.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   20992 c:\windows\$NtServicePackUninstall$\vga.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   18944 c:\windows\$NtServicePackUninstall$\version.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   13312 c:\windows\$NtServicePackUninstall$\verifier.dll
+ 2009-10-04 11:15 . 2006-03-17 00:38   28672 c:\windows\$NtServicePackUninstall$\verclsid.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   51712 c:\windows\$NtServicePackUninstall$\vdmredir.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   26112 c:\windows\$NtServicePackUninstall$\vdmdbg.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   30749 c:\windows\$NtServicePackUninstall$\vbajet32.dll
+ 2009-10-04 11:14 . 2006-10-04 13:32   50176 c:\windows\$NtServicePackUninstall$\utilman.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   24576 c:\windows\$NtServicePackUninstall$\userinit.exe
+ 2009-10-04 11:14 . 2004-08-26 15:53   72704 c:\windows\$NtServicePackUninstall$\usbui.dll
+ 2009-10-04 11:13 . 2004-08-03 21:08   20480 c:\windows\$NtServicePackUninstall$\usbuhci.sys
+ 2009-10-04 11:13 . 2004-08-03 21:08   26496 c:\windows\$NtServicePackUninstall$\usbstor.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\usbmon.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   16000 c:\windows\$NtServicePackUninstall$\usbintel.sys
+ 2009-10-04 11:13 . 2004-08-03 21:08   57600 c:\windows\$NtServicePackUninstall$\usbhub.sys
+ 2009-10-04 11:15 . 2004-08-27 12:00   26624 c:\windows\$NtServicePackUninstall$\usbehci.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   31616 c:\windows\$NtServicePackUninstall$\usbccgp.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   23936 c:\windows\$NtServicePackUninstall$\usbcamd2.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   23808 c:\windows\$NtServicePackUninstall$\usbcamd.sys
+ 2009-10-04 11:13 . 2004-08-03 23:07   59264 c:\windows\$NtServicePackUninstall$\usbaudio.sys
+ 2009-10-04 11:15 . 2005-10-21 01:47   12800 c:\windows\$NtServicePackUninstall$\usb8023x.sys
+ 2009-10-04 11:13 . 2005-10-21 01:47   12800 c:\windows\$NtServicePackUninstall$\usb8023.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   18432 c:\windows\$NtServicePackUninstall$\ups.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   16896 c:\windows\$NtServicePackUninstall$\upnpcont.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   13824 c:\windows\$NtServicePackUninstall$\uniplat.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   73216 c:\windows\$NtServicePackUninstall$\unimdmat.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   76288 c:\windows\$NtServicePackUninstall$\uniime.dll
+ 2009-10-04 11:14 . 2006-10-04 13:38   35840 c:\windows\$NtServicePackUninstall$\umandlg.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   25600 c:\windows\$NtServicePackUninstall$\udhisapi.dll
+ 2009-10-04 11:13 . 2004-08-27 12:00   66176 c:\windows\$NtServicePackUninstall$\udfs.sys
+ 2009-10-04 11:15 . 2007-11-13 11:31   60416 c:\windows\$NtServicePackUninstall$\tzchange.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   44032 c:\windows\$NtServicePackUninstall$\twext.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   50688 c:\windows\$NtServicePackUninstall$\twain_32.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   12416 c:\windows\$NtServicePackUninstall$\tunmp.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   12168 c:\windows\$NtServicePackUninstall$\tsddd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   93696 c:\windows\$NtServicePackUninstall$\tscfgwmi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   90624 c:\windows\$NtServicePackUninstall$\trkwks.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   11264 c:\windows\$NtServicePackUninstall$\tree.com
+ 2009-10-04 11:14 . 2004-08-27 12:00   12288 c:\windows\$NtServicePackUninstall$\tracert.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   10240 c:\windows\$NtServicePackUninstall$\tmigrate.dll
+ 2009-10-04 11:13 . 2004-08-26 15:53   40840 c:\windows\$NtServicePackUninstall$\termdd.sys
+ 2009-10-04 11:14 . 2005-05-10 23:45   75776 c:\windows\$NtServicePackUninstall$\telnet.exe
+ 2009-10-04 11:13 . 2004-08-27 12:00   21896 c:\windows\$NtServicePackUninstall$\tdtcp.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   12040 c:\windows\$NtServicePackUninstall$\tdpipe.sys
+ 2009-10-04 11:13 . 2004-08-27 12:00   18560 c:\windows\$NtServicePackUninstall$\tdi.sys
+ 2009-10-04 11:14 . 2003-03-24 14:52   16384 c:\windows\$NtServicePackUninstall$\tcptsat.dll
+ 2009-10-04 11:14 . 2003-03-24 14:52   32827 c:\windows\$NtServicePackUninstall$\tcptest.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   45056 c:\windows\$NtServicePackUninstall$\tcpmonui.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   46080 c:\windows\$NtServicePackUninstall$\tcpmon.dll
+ 2009

Brenneka · « **Reply #6 on:** July 17, 2010, 12:31:18 PM »

+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\msdaenum.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\msdadc.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3584 c:\windows\ServicePackFiles\i386\msafd.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   5120 c:\windows\ServicePackFiles\i386\mmcfxcr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7680 c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-13 18:40 . 2008-04-13 18:40   7040 c:\windows\ServicePackFiles\i386\ltotape.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\ksuser.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\koc.dll
+ 2008-04-13 18:31 . 2008-04-13 18:31   7424 c:\windows\ServicePackFiles\i386\kd1394.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdukx.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7680 c:\windows\ServicePackFiles\i386\kbdsmsno.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7680 c:\windows\ServicePackFiles\i386\kbdsmsfi.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdpash.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdno1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdnepr.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdnec.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdmlt48.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdmlt47.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   5632 c:\windows\ServicePackFiles\i386\kbdmaori.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdlk41j.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6656 c:\windows\ServicePackFiles\i386\kbdlk41a.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdiultn.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6656 c:\windows\ServicePackFiles\i386\kbdinmal.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdinben.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdinbe1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdibm02.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\kbdfi1.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdbhc.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbdax2.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd106n.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd106.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   6144 c:\windows\ServicePackFiles\i386\kbd101.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   5504 c:\windows\ServicePackFiles\i386\intelide.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\igmpagnt.dll
+ 2008-04-13 16:44 . 2008-04-13 16:44   2560 c:\windows\ServicePackFiles\i386\iconlib.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3584 c:\windows\ServicePackFiles\i386\icmp.dll
+ 2008-04-13 18:41 . 2008-04-13 18:41   8576 c:\windows\ServicePackFiles\i386\i2omgmt.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\hccoin.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   5632 c:\windows\ServicePackFiles\i386\fxsres.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\fxsperf.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   9344 c:\windows\ServicePackFiles\i386\framebuf.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7680 c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2008-04-14 02:15 . 2008-04-14 02:15   7168 c:\windows\ServicePackFiles\i386\f3ahvoas.dll
+ 2008-04-14 01:57 . 2008-04-14 01:57   3584 c:\windows\ServicePackFiles\i386\dsprpres.dll
+ 2009-10-04 11:07 . 2004-08-27 12:00   4656 c:\windows\ServicePackFiles\i386\ds16gt.dll
+ 2008-04-13 18:45 . 2008-04-13 18:45   2944 c:\windows\ServicePackFiles\i386\drmkaud.sys
+ 2008-04-14 02:15 . 2008-04-14 02:15   3072 c:\windows\ServicePackFiles\i386\dpnlobby.dll
+ 2008-04-14 02:15 . 2008-04-14 02:15   3072 c:\windows\ServicePackFiles\i386\dpnaddr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   9216 c:\windows\ServicePackFiles\i386\dot3dlg.dll
+ 2008-04-13 18:40 . 2008-04-13 18:40   8320 c:\windows\ServicePackFiles\i386\dlttape.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   5120 c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\dciman32.dll
+ 2008-04-14 02:33 . 2008-04-14 02:33   1804 c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\d3d8thk.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\csrss.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   6144 c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   9728 c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   5632 c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-13 18:40 . 2008-04-13 18:40   8192 c:\windows\ServicePackFiles\i386\changer.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\bitsprx4.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   7168 c:\windows\ServicePackFiles\i386\bitsprx3.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8192 c:\windows\ServicePackFiles\i386\bitsprx2.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   8704 c:\windows\ServicePackFiles\i386\batt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3775 c:\windows\ServicePackFiles\i386\adv11nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3711 c:\windows\ServicePackFiles\i386\adv09nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3135 c:\windows\ServicePackFiles\i386\adv08nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3647 c:\windows\ServicePackFiles\i386\adv07nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3615 c:\windows\ServicePackFiles\i386\adv05nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   3967 c:\windows\ServicePackFiles\i386\adv02nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4255 c:\windows\ServicePackFiles\i386\adv01nt5.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   4096 c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2008-01-18 15:13 . 2008-01-18 15:13   2247 c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
+ 2005-12-08 10:52 . 2010-07-14 11:03   3584 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   3584 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   8192 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   8192 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   2560 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   2560 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2009-10-04 12:58 . 2009-03-08 02:35   2048 c:\windows\ie8updates\KB973874-IE8\iecompat.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08   8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2008-02-08 21:37 . 2008-02-08 21:37   5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2008-02-08 21:38 . 2008-02-08 21:38   6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-11-17 18:15 . 2004-08-27 12:00   7168 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2009-12-17 06:41 . 2004-08-27 12:00   7168 c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2010-02-10 15:14 . 2004-08-27 12:00   8192 c:\windows\$NtUninstallKB977914$\tsbyuv.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\wuauserv.dll
+ 2009-10-04 11:14 . 2004-08-26 15:53   8192 c:\windows\$NtServicePackUninstall$\wshirda.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\wmm2res2.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\wmm2ext.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\wmm2eres.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\wmiapres.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\wmi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\winver.exe
+ 2009-10-04 11:13 . 2004-08-27 12:00   4352 c:\windows\$NtServicePackUninstall$\swenum.sys
+ 2009-10-04 11:13 . 2006-06-14 08:47   6400 c:\windows\$NtServicePackUninstall$\splitter.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\snmptrap.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\snmpmib.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\smbinst.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\sfc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\sensapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\security.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9216 c:\windows\$NtServicePackUninstall$\scrnsave.scr
+ 2009-10-04 11:14 . 2006-06-26 17:41   8192 c:\windows\$NtServicePackUninstall$\rasadhlp.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   9216 c:\windows\$NtServicePackUninstall$\proxycfg.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\ntlsapi.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9600 c:\windows\$NtServicePackUninstall$\ndistapi.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\nddeapir.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\mtxex.dll
+ 2009-10-04 11:14 . 2004-08-03 22:58   4992 c:\windows\$NtServicePackUninstall$\mspqm.sys
+ 2009-10-04 11:14 . 2004-08-03 22:58   5376 c:\windows\$NtServicePackUninstall$\mspclock.sys
+ 2009-10-04 11:14 . 2004-08-03 22:58   7552 c:\windows\$NtServicePackUninstall$\mskssrv.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   4608 c:\windows\$NtServicePackUninstall$\msimg32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\msidle.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4126 c:\windows\$NtServicePackUninstall$\msdxmlc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\msdtc.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaurl.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdasc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaer.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdaenum.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\msdadc.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\msafd.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4639 c:\windows\$NtServicePackUninstall$\mplayer2.exe
+ 2009-10-04 11:14 . 2005-07-25 23:46   7680 c:\windows\$NtServicePackUninstall$\migregdb.exe
+ 2009-10-04 11:14 . 2004-08-26 15:53   4096 c:\windows\$NtServicePackUninstall$\ksuser.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7424 c:\windows\$NtServicePackUninstall$\kd1394.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdukx.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\kbdsmsno.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7680 c:\windows\$NtServicePackUninstall$\kbdsmsfi.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdno1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdnec.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdmlt48.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdmlt47.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\kbdmaori.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdlk41j.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdlk41a.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdinmal.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6656 c:\windows\$NtServicePackUninstall$\kbdinben.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdinbe1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdibm02.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\kbdfi1.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbdax2.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbd106n.dll
+ 2009-10-04 11:14 . 2001-08-17 14:55   6144 c:\windows\$NtServicePackUninstall$\kbd106.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\kbd101.dll
+ 2009-10-04 11:14 . 2004-08-26 17:49   5504 c:\windows\$NtServicePackUninstall$\intelide.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\igmpagnt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\iconlib.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\icmp.dll
+ 2009-10-04 11:14 . 2001-08-17 12:02   9600 c:\windows\$NtServicePackUninstall$\hidusb.sys
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\hccoin.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\fxsres.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\fxsperf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   9344 c:\windows\$NtServicePackUninstall$\framebuf.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\forcedos.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\f3ahvoas.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dsprpres.dll
+ 2009-10-04 11:14 . 2004-08-03 23:07   2944 c:\windows\$NtServicePackUninstall$\drmkaud.sys
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dpnlobby.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   3584 c:\windows\$NtServicePackUninstall$\dpnaddr.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\dciman32.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   1788 c:\windows\$NtServicePackUninstall$\dcache.bin
+ 2009-10-04 11:14 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\d3d8thk.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   6144 c:\windows\$NtServicePackUninstall$\csrss.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   5120 c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   9728 c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2009-10-04 11:14 . 2004-08-27 12:00   5632 c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2009-10-04 11:15 . 2004-08-27 12:00   7168 c:\windows\$NtServicePackUninstall$\bitsprx3.dll
+ 2009-10-04 11:15 . 2004-08-27 12:00   8192 c:\windows\$NtServicePackUninstall$\bitsprx2.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   8704 c:\windows\$NtServicePackUninstall$\batt.dll
+ 2009-10-04 11:14 . 2004-08-27 12:00   4096 c:\windows\$NtServicePackUninstall$\actmovie.exe
+ 2009-11-27 16:29 . 2009-11-27 16:29   8704 c:\windows\$hf_mig$\KB977914\SP3QFE\tsbyuv.dll
+ 2009-06-09 07:49 . 2008-05-05 04:25   4608 c:\windows\$hf_mig$\KB923561\SP3QFE\sprv040d.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-06-23 21:13 . 2010-06-23 21:13   258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-02-08 21:38 . 2008-02-08 21:38   258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   129536 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_he_d193ac0c\rtcres.dll
+ 2008-04-14 01:58 . 2008-04-14 01:58   129536 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_he_d193ac0c\rtcres.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   989184 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   989184 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2005-12-08 08:45 . 2004-08-27 12:00   852992 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   852992 c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   343040 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 00:54 . 2008-07-29 00:54   225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02   159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2008-07-29 05:05 . 2008-07-29 05:05   161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12   632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09   554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08   479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   401462 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   401462 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 02:14 . 2008-04-14 02:14   995383 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-02-17 17:04 . 2007-01-19 12:51   995383 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   282112 c:\windows\winhlp32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   282112 c:\windows\winhlp32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   474112 c:\windows\system32\zipfldr.dll
+ 2008-07-29 19:26 . 2008-07-29 19:26   301568 c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2006-10-14 18:21 . 2008-07-06 12:06   575488 c:\windows\system32\xpsshhdr.dll
+ 2004-08-27 12:00 . 2008-04-13 18:35   181760 c:\windows\system32\xpsp1res.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   181760 c:\windows\system32\xpsp1res.dll
+ 2004-08-27 12:00 . 2008-04-13 18:40   418304 c:\windows\system32\xpob2res.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   418304 c:\windows\system32\xpob2res.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   129024 c:\windows\system32\xmlprov.dll
- 2007-01-17 17:21 . 2006-07-14 15:51   121856 c:\windows\system32\xmllite.dll
+ 2007-01-17 17:21 . 2009-01-07 16:21   121856 c:\windows\system32\xmllite.dll
+ 2004-08-26 17:53 . 2008-04-14 02:17   483840 c:\windows\system32\wzcsvc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   382464 c:\windows\system32\wzcdlg.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   209632 c:\windows\system32\wuweb.dll
+ 2005-12-08 07:22 . 2009-08-06 17:24   327896 c:\windows\system32\wucltui.dll
+ 2005-12-08 07:22 . 2009-08-06 17:23   575704 c:\windows\system32\wuapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   108032 c:\windows\system32\wshbth.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   108032 c:\windows\system32\wshbth.dll
+ 2004-08-27 12:00 . 2008-05-08 11:24   155648 c:\windows\system32\wscript.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   263680 c:\windows\system32\wow32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   263680 c:\windows\system32\wow32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   303616 c:\windows\system32\wmstream.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   303616 c:\windows\system32\wmstream.dll
+ 2004-08-27 12:00 . 2009-04-01 21:02   604160 c:\windows\system32\wmspdmod.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   115200 c:\windows\system32\wmsdmoe.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   115200 c:\windows\system32\wmsdmoe.dll
+ 2009-10-04 11:28 . 2004-08-27 12:00   221184 c:\windows\system32\wmpns.dll
+ 2006-10-24 10:30 . 2008-04-14 02:17   276992 c:\windows\system32\wmphoto.dll
- 2006-10-24 10:30 . 2006-10-24 10:30   276992 c:\windows\system32\WMPhoto.dll
- 2006-10-18 19:47 . 2006-10-18 19:47   295936 c:\windows\system32\wmpeffects.dll
+ 2006-10-18 19:47 . 2008-06-24 16:12   295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-27 12:00 . 2009-07-13 21:43   286208 c:\windows\system32\wmpdxm.dll
+ 2004-08-27 12:00 . 2008-06-18 03:03   938496 c:\windows\system32\WMNetmgr.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   227328 c:\windows\system32\wmerror.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   172032 c:\windows\system32\wldap32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   172032 c:\windows\system32\wldap32.dll
- 2004-08-27 12:00 . 2006-08-17 12:28   132096 c:\windows\system32\wkssvc.dll
+ 2004-08-27 12:00 . 2009-06-10 06:15   132096 c:\windows\system32\wkssvc.dll
+ 2004-08-27 12:00 . 2009-12-24 07:00   177664 c:\windows\system32\wintrust.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   331264 c:\windows\system32\winsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   146432 c:\windows\system32\winspool.drv
- 2004-08-27 12:00 . 2004-08-27 12:00   146432 c:\windows\system32\winspool.drv
+ 2004-08-27 12:00 . 2008-04-14 02:17   172544 c:\windows\system32\winmm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   172544 c:\windows\system32\winmm.dll
+ 2005-12-08 07:20 . 2004-08-27 12:00   122880 c:\windows\system32\WINmine.exe
+ 2004-08-27 12:00 . 2008-04-14 02:18   504320 c:\windows\system32\winlogon.exe
+ 2004-08-27 12:00 . 2009-08-25 09:18   354816 c:\windows\system32\winhttp.dll
+ 2006-10-17 10:05 . 2009-03-08 02:34   208384 c:\windows\system32\WinFXDocObj.exe
+ 2006-10-24 10:29 . 2008-04-14 02:17   346112 c:\windows\system32\windowscodecsext.dll
+ 2006-10-24 10:30 . 2008-04-14 02:17   712704 c:\windows\system32\windowscodecs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   102400 c:\windows\system32\win32spl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   111104 c:\windows\system32\wiavideo.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   111104 c:\windows\system32\wiavideo.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   758272 c:\windows\system32\wiashext.dll
- 2004-08-27 12:00 . 2006-12-19 18:17   333312 c:\windows\system32\wiaservc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   333312 c:\windows\system32\wiaservc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   124416 c:\windows\system32\wiadss.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   124416 c:\windows\system32\wiadss.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   462336 c:\windows\system32\wiadefui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   462336 c:\windows\system32\wiadefui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   486400 c:\windows\system32\wiaacmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   135168 c:\windows\system32\webvw.dll
+ 2004-08-27 12:00 . 2009-03-08 02:34   236544 c:\windows\system32\webcheck.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   144896 c:\windows\system32\wbem\wmisvc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   144896 c:\windows\system32\wbem\wmisvc.dll
+ 2005-12-08 07:20 . 2009-02-06 10:10   227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2005-12-08 07:20 . 2009-02-09 10:53   453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   144896 c:\windows\system32\wbem\wmiprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   144896 c:\windows\system32\wbem\wmiprov.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   132096 c:\windows\system32\wbem\wmipdskq.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   132096 c:\windows\system32\wbem\wmipdskq.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   156672 c:\windows\system32\wbem\wmipcima.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   156672 c:\windows\system32\wbem\wmipcima.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   140800 c:\windows\system32\wbem\wmidcprv.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   140800 c:\windows\system32\wbem\wmidcprv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:18   126464 c:\windows\system32\wbem\wmiapsrv.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   126464 c:\windows\system32\wbem\wmiapsrv.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   196608 c:\windows\system32\wbem\wmiadap.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   196608 c:\windows\system32\wbem\wmiadap.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   197120 c:\windows\system32\wbem\wbemupgd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   197120 c:\windows\system32\wbem\wbemupgd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   116736 c:\windows\system32\wbem\wbemtest.exe
+ 2005-12-08 07:20 . 2008-04-14 02:18   116736 c:\windows\system32\wbem\wbemtest.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   273920 c:\windows\system32\wbem\wbemess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   273920 c:\windows\system32\wbem\wbemess.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   178176 c:\windows\system32\wbem\wbemdisp.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   178176 c:\windows\system32\wbem\wbemdisp.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   531456 c:\windows\system32\wbem\wbemcore.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   214528 c:\windows\system32\wbem\wbemcomn.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   214528 c:\windows\system32\wbem\wbemcomn.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   195072 c:\windows\system32\wbem\wbemcntl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   195072 c:\windows\system32\wbem\wbemcntl.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   131584 c:\windows\system32\wbem\viewprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   131584 c:\windows\system32\wbem\viewprov.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   178176 c:\windows\system32\wbem\repdrvfs.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   237056 c:\windows\system32\wbem\provthrd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   237056 c:\windows\system32\wbem\provthrd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   212992 c:\windows\system32\wbem\ntevt.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   212992 c:\windows\system32\wbem\ntevt.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   123904 c:\windows\system32\wbem\mofd.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   123904 c:\windows\system32\wbem\mofd.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   185344 c:\windows\system32\wbem\framedyn.dll
+ 2005-12-08 07:20 . 2009-02-09 10:53   473600 c:\windows\system32\wbem\fastprox.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   247808 c:\windows\system32\wbem\esscli.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   247808 c:\windows\system32\wbem\esscli.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   215552 c:\windows\system32\wavemsp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   175104 c:\windows\system32\w32time.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   289792 c:\windows\system32\vssvc.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   289792 c:\windows\system32\vssvc.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   430592 c:\windows\system32\vssapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   430592 c:\windows\system32\vssapi.dll
+ 2009-11-16 06:08 . 2006-05-11 18:21   626688 c:\windows\system32\vp7vfw.dll
+ 2009-11-12 18:24 . 2009-09-09 23:18   350830 c:\windows\system32\viwc.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   336384 c:\windows\system32\VITrans\zipfldr.dll
+ 2009-11-12 18:19 . 2009-08-06 17:23   575704 c:\windows\system32\VITrans\wuapi.dll
+ 2009-11-12 18:19 . 2008-05-08 11:24   155648 c:\windows\system32\VITrans\wscript.exe
+ 2009-11-12 18:19 . 2008-04-21 21:15   214016 c:\windows\system32\VITrans\wordpad.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   119808 c:\windows\system32\VITrans\WINmine.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   585728 c:\windows\system32\VITrans\wiashext.dll
+ 2009-11-12 18:19 . 2008-04-14 02:18   428032 c:\windows\system32\VITrans\wiaacmgr.exe
+ 2009-11-12 18:19 . 2009-03-08 02:34   236544 c:\windows\system32\VITrans\webcheck.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   218624 c:\windows\system32\VITrans\uxtheme.dll
+ 2009-11-12 18:19 . 2008-04-14 02:18   135168 c:\windows\system32\VITrans\taskmgr.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   121856 c:\windows\system32\VITrans\stobject.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   538624 c:\windows\system32\VITrans\spider.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   138752 c:\windows\system32\VITrans\sndvol32.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   437760 c:\windows\system32\VITrans\shimgvw.dll
+ 2009-11-12 18:19 . 2008-04-13 17:17   977920 c:\windows\system32\VITrans\setupapi.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   382464 c:\windows\system32\VITrans\rstrui.exe
+ 2009-11-12 18:24 . 2003-12-12 21:43   881664 c:\windows\system32\VITrans\ResHacker.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   144896 c:\windows\system32\VITrans\regedit.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   649216 c:\windows\system32\VITrans\rasdlg.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   170496 c:\windows\system32\VITrans\photowiz.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   677888 c:\windows\system32\VITrans\mstsc.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   272384 c:\windows\system32\VITrans\mstask.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   340992 c:\windows\system32\VITrans\mspaint.exe
+ 2009-11-12 18:19 . 2004-08-27 12:00   126976 c:\windows\system32\VITrans\mshearts.exe
+ 2009-11-12 18:19 . 2008-04-14 02:17   991232 c:\windows\system32\VITrans\msgina.dll
+ 2009-11-12 18:19 . 2008-04-13 16:45   216064 c:\windows\system32\VITrans\moricons.dll
+ 2009-11-12 18:19 . 2009-03-08 12:09   638816 c:\windows\system32\VITrans\IEXPLORE.EXE
+ 2009-11-12 18:19 . 2008-04-14 02:17   381440 c:\windows\system32\VITrans\fontext.dll
+ 2009-11-12 18:19 . 2008-04-14 02:17   342016 c:\windows\system32\VITrans\cmdial32.dll
+ 2009-11-12 18:19 . 2004-08-27 12:00   114688 c:\windows\system32\VITrans\calc.exe
+ 2009-11-12 18:24 . 2009-09-09 19:19   146412 c:\windows\system32\vilaunch.exe
+ 1998-06-15 21:00 . 1998-06-15 21:00   934672 c:\windows\system32\vfpodbc.dll
+ 2004-08-27 12:00 . 2010-03-10 06:16   420352 c:\windows\system32\vbscript.dll
+ 1998-06-17 22:00 . 1998-06-17 22:00   102912 c:\windows\system32\VB6STKIT.DLL
+ 2004-08-27 12:00 . 2008-04-25 17:41   218624 c:\windows\system32\uxtheme.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   218624 c:\windows\system32\uxtheme.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   406016 c:\windows\system32\usp10.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   173568 c:\windows\system32\usmt\sysmoda.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   193024 c:\windows\system32\usmt\sysmod.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   199680 c:\windows\system32\usmt\scripta.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   214016 c:\windows\system32\usmt\script.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   241152 c:\windows\system32\usmt\migwiza.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   238080 c:\windows\system32\usmt\migwiz.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   103936 c:\windows\system32\usmt\migload.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   261120 c:\windows\system32\usmt\migisma.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   274432 c:\windows\system32\usmt\migism.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   115200 c:\windows\system32\usmt\guitrna.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   133120 c:\windows\system32\usmt\guitrn.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   727040 c:\windows\system32\userenv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   576512 c:\windows\system32\user32.dll
- 2004-08-27 12:00 . 2008-04-23 04:16   105984 c:\windows\system32\url.dll
+ 2004-08-27 12:00 . 2009-03-08 02:34   105984 c:\windows\system32\url.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   239104 c:\windows\system32\upnpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   239104 c:\windows\system32\upnpui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   185344 c:\windows\system32\upnphost.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   133632 c:\windows\system32\upnp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   316416 c:\windows\system32\untfs.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   316416 c:\windows\system32\untfs.dll
- 2004-08-27 12:00 . 2005-08-23 03:38   122880 c:\windows\system32\umpnpmgr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   122880 c:\windows\system32\umpnpmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   275456 c:\windows\system32\ulib.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   275456 c:\windows\system32\ulib.dll
+ 2009-11-12 18:19 . 2006-12-03 15:15   111104 c:\windows\system32\Uharc.exe
- 2004-08-27 12:00 . 2005-07-26 04:40   101376 c:\windows\system32\txflog.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101376 c:\windows\system32\txflog.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   347136 c:\windows\system32\tourstart.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   347136 c:\windows\system32\tourstart.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   382976 c:\windows\system32\themeui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   382976 c:\windows\system32\themeui.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   295424 c:\windows\system32\termsrv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   295424 c:\windows\system32\termsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   358400 c:\windows\system32\termmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   358400 c:\windows\system32\termmgr.dll
+ 2004-08-27 12:00 . 2008-04-14 02:18   189952 c:\windows\system32\taskmgr.exe
- 2004-08-27 12:00 . 2005-07-08 16:29   248832 c:\windows\system32\tapisrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   248832 c:\windows\system32\tapisrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   181760 c:\windows\system32\tapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   181760 c:\windows\system32\tapi32.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   857088 c:\windows\system32\tapi3.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   857088 c:\windows\system32\tapi3.dll
+ 2004-08-27 12:00 . 2009-10-15 16:32   119808 c:\windows\system32\t2embed.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   983552 c:\windows\system32\syssetup.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   105984 c:\windows\system32\sysocmgr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   187904 c:\windows\system32\syncui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   187904 c:\windows\system32\syncui.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   711168 c:\windows\system32\sxs.dll
- 2004-08-27 12:00 . 2006-10-20 01:38   711168 c:\windows\system32\sxs.dll
+ 2004-08-27 12:00 . 2009-08-26 08:01   247326 c:\windows\system32\strmdll.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   114688 c:\windows\system32\stobject.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   135680 c:\windows\system32\sti_ci.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   135680 c:\windows\system32\sti_ci.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   679936 c:\windows\system32\sstext3d.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   679936 c:\windows\system32\sstext3d.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   606208 c:\windows\system32\sspipes.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   606208 c:\windows\system32\sspipes.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   389120 c:\windows\system32\ssflwbox.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   389120 c:\windows\system32\ssflwbox.scr
- 2004-08-27 12:00 . 2004-08-27 12:00   704512 c:\windows\system32\ss3dfo.scr
+ 2004-08-27 12:00 . 2008-04-14 02:18   704512 c:\windows\system32\ss3dfo.scr
+ 2005-12-08 07:22 . 2008-04-14 02:17   170496 c:\windows\system32\srsvc.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   237568 c:\windows\system32\srrstr.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   237568 c:\windows\system32\srrstr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   180800 c:\windows\system32\sqlunirl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   180800 c:\windows\system32\sqlunirl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   442368 c:\windows\system32\sqlsrv32.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   442368 c:\windows\system32\sqlsrv32.dll
+ 2009-11-17 19:02 . 2009-11-26 19:38   515760 c:\windows\system32\SpoonUninstall.exe
+ 2008-01-30 06:19 . 2008-07-06 12:06   765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2008-01-30 06:19 . 2008-07-06 12:06   147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-14 14:44 . 2008-07-06 10:50   597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
- 2006-10-14 14:40 . 2007-03-22 19:03   761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 14:40 . 2008-03-13 04:52   761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-14 14:42 . 2008-07-06 12:06   198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-14 14:43 . 2008-07-06 12:06   765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   542720 c:\windows\system32\spider.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   181248 c:\windows\system32\snmpsnap.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   181248 c:\windows\system32\snmpsnap.dll
+ 2005-12-08 07:20 . 2004-08-27 12:00   141312 c:\windows\system32\sndvol32.exe
+ 2005-12-08 07:20 . 2008-04-14 02:17   130560 c:\windows\system32\sndrec32.exe
- 2005-12-08 07:20 . 2004-08-27 12:00   130560 c:\windows\system32\sndrec32.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   360960 c:\windows\system32\smlogcfg.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   188508 c:\windows\system32\slgen.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   286792 c:\windows\system32\slextspk.dll
+ 2009-11-16 06:08 . 2002-12-10 01:20   102439 c:\windows\system32\sipr3260.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   135168 c:\windows\system32\shsvcs.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   151040 c:\windows\system32\shmedia.dll
+ 2004-08-27 12:00 . 2009-12-08 09:24   474112 c:\windows\system32\shlwapi.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   492544 c:\windows\system32\shimgvw.dll
+ 2004-08-27 12:00 . 2008-04-14 01:55   540160 c:\windows\system32\shdoclc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   540160 c:\windows\system32\shdoclc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   138752 c:\windows\system32\sfc_os.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   138752 c:\windows\system32\sfc_os.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   130048 c:\windows\system32\Setup\tsoc.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   101376 c:\windows\system32\Setup\setupqry.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101376 c:\windows\system32\Setup\setupqry.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   122880 c:\windows\system32\Setup\imsinsnt.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   503808 c:\windows\system32\Setup\iis.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   503808 c:\windows\system32\Setup\iis.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   132608 c:\windows\system32\Setup\fxsocm.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   132608 c:\windows\system32\Setup\fxsocm.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   274944 c:\windows\system32\Setup\comsetup.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   141312 c:\windows\system32\sessmgr.exe
+ 2004-08-27 12:00 . 2009-02-09 11:25   110592 c:\windows\system32\services.exe
+ 2004-08-27 12:00 . 2008-05-09 10:56   172032 c:\windows\system32\scrrun.dll
+ 2004-08-27 12:00 . 2008-05-09 10:56   180224 c:\windows\system32\scrobj.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   190976 c:\windows\system32\schedsvc.dll
+ 2004-08-27 12:00 . 2009-06-25 08:26   147456 c:\windows\system32\schannel.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   319488 c:\windows\system32\scesrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   183808 c:\windows\system32\scecli.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   170496 c:\windows\system32\sccsccp.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   170496 c:\windows\system32\sccsccp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   159232 c:\windows\system32\sbeio.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   159232 c:\windows\system32\sbeio.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   270848 c:\windows\system32\sbe.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   270848 c:\windows\system32\sbe.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   421376 c:\windows\system32\samsrv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   421376 c:\windows\system32\samsrv.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   397056 c:\windows\system32\s3gnb.dll
+ 2004-08-27 12:00 . 2008-04-13 17:37   208384 c:\windows\system32\rsaenh.dll
+ 2004-08-27 12:00 . 2009-02-09 10:53   401408 c:\windows\system32\rpcss.dll
+ 2004-08-27 12:00 . 2009-04-15 14:53   585216 c:\windows\system32\rpcrt4.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   433664 c:\windows\system32\riched20.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   290304 c:\windows\system32\rhttpaa.dll
+ 2005-03-10 18:47 . 2005-03-10 18:47   356352 c:\windows\system32\rfmp4dec.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   422400 c:\windows\system32\Restore\rstrui.exe
+ 2009-10-04 11:16 . 2004-08-27 12:00   108032 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\wshBth.dll
+ 2009-10-04 11:16 . 2004-08-26 15:53   151552 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\irftp.exe
+ 2009-10-04 11:16 . 2004-08-03 20:58   100992 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\bthpan.sys
+ 2009-10-04 11:16 . 2004-08-27 12:00   193024 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\fsquirt.exe
+ 2009-10-04 11:16 . 2008-06-14 17:59   271488 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\bthport.sys
- 2004-08-27 12:00 . 2004-08-27 12:00   393728 c:\windows\system32\regwizc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   393728 c:\windows\system32\regwizc.dll
+ 2005-12-08 07:20 . 2008-04-14 02:17   147968 c:\windows\system32\rdchost.dll
- 2005-12-08 07:20 . 2004-08-27 12:00   147968 c:\windows\system32\rdchost.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   101888 c:\windows\system32\rcbdyctl.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   101888 c:\windows\system32\rcbdyctl.dll
+ 2004-08-27 12:00 . 2009-10-12 13:39   149504 c:\windows\system32\rastls.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   210944 c:\windows\system32\rasppp.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   186368 c:\windows\system32\rasmans.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   875520 c:\windows\system32\rasdlg.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   237056 c:\windows\system32\rasapi32.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   409088 c:\windows\system32\qmgr.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   733696 c:\windows\system32\qedwipes.dll
+ 2004-08-27 12:00 . 2008-04-13 17:21   733696 c:\windows\system32\qedwipes.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   562688 c:\windows\system32\qedit.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   562688 c:\windows\system32\qedit.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   386560 c:\windows\system32\qdvd.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   279040 c:\windows\system32\qdv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   279040 c:\windows\system32\qdv.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   192512 c:\windows\system32\qcap.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   192512 c:\windows\system32\qcap.dll
+ 2004-08-27 12:00 . 2006-10-18 19:47   211456 c:\windows\system32\qasf.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   287744 c:\windows\system32\qagentrt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   150016 c:\windows\system32\qagent.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   436720 c:\windows\system32\pxwave.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   219632 c:\windows\system32\pxmas.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   551408 c:\windows\system32\pxdrv.dll
+ 2007-03-11 13:27 . 2009-04-28 20:20   129520 c:\windows\system32\pxafs.dll
+ 2006-05-16 03:58 . 2009-04-28 20:20   670192 c:\windows\system32\px.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   126976 c:\windows\system32\progman.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   126976 c:\windows\

Brenneka · « **Reply #7 on:** July 17, 2010, 12:32:48 PM »

+ 2008-04-14 02:17 . 2008-04-14 02:17   116736 c:\windows\ServicePackFiles\i386\dpvvox.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   211456 c:\windows\ServicePackFiles\i386\dpvoice.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   375296 c:\windows\ServicePackFiles\i386\dpnet.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   229888 c:\windows\ServicePackFiles\i386\dplayx.dll
+ 2008-04-14 01:50 . 2008-04-14 01:50   102912 c:\windows\ServicePackFiles\i386\dpcdll.dll
+ 2008-04-13 18:39 . 2008-04-13 18:39   206976 c:\windows\ServicePackFiles\i386\dot4.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   650752 c:\windows\ServicePackFiles\i386\dot3ui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   131072 c:\windows\ServicePackFiles\i386\dot3svc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   147968 c:\windows\ServicePackFiles\i386\dnsapi.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   104448 c:\windows\ServicePackFiles\i386\dmusic.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   103424 c:\windows\ServicePackFiles\i386\dmsynth.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   105984 c:\windows\ServicePackFiles\i386\dmstyle.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   153472 c:\windows\ServicePackFiles\i386\dmio.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   181248 c:\windows\ServicePackFiles\i386\dmime.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   200704 c:\windows\ServicePackFiles\i386\dmdskmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   285184 c:\windows\ServicePackFiles\i386\dmdlgs.dll
+ 2008-04-14 01:56 . 2008-04-14 01:56   799872 c:\windows\ServicePackFiles\i386\dmboot.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   224768 c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   163840 c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   180224 c:\windows\ServicePackFiles\i386\dinput8.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   157696 c:\windows\ServicePackFiles\i386\dinput.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   535552 c:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   379904 c:\windows\ServicePackFiles\i386\dhcpmon.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   126976 c:\windows\ServicePackFiles\i386\dhcpcsvc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110080 c:\windows\ServicePackFiles\i386\dgnet.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   124416 c:\windows\ServicePackFiles\i386\dfrgui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   105472 c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   279040 c:\windows\ServicePackFiles\i386\devmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   279552 c:\windows\ServicePackFiles\i386\ddraw.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110592 c:\windows\ServicePackFiles\i386\dbnetlib.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   640000 c:\windows\ServicePackFiles\i386\dbghelp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   165376 c:\windows\ServicePackFiles\i386\datime.dll
+ 2009-10-04 11:07 . 2008-03-25 04:50   554008 c:\windows\ServicePackFiles\i386\dao360.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   824320 c:\windows\ServicePackFiles\i386\d3dim700.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   250368 c:\windows\ServicePackFiles\i386\ctmasetp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   323072 c:\windows\ServicePackFiles\i386\cscui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   139264 c:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   101376 c:\windows\ServicePackFiles\i386\cscdll.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   494080 c:\windows\ServicePackFiles\i386\cryptui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   598528 c:\windows\ServicePackFiles\i386\crypt32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   259584 c:\windows\ServicePackFiles\i386\credui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   357888 c:\windows\ServicePackFiles\i386\confmsp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   539648 c:\windows\ServicePackFiles\i386\comuid.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   167424 c:\windows\ServicePackFiles\i386\comsnap.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   274944 c:\windows\ServicePackFiles\i386\comsetup.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   750592 c:\windows\ServicePackFiles\i386\comres.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   228352 c:\windows\ServicePackFiles\i386\compstui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   252928 c:\windows\ServicePackFiles\i386\compatui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   403456 c:\windows\ServicePackFiles\i386\comdlg32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   617472 c:\windows\ServicePackFiles\i386\comctl32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   195072 c:\windows\ServicePackFiles\i386\comadmin.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   182784 c:\windows\ServicePackFiles\i386\cmprops.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   342016 c:\windows\ServicePackFiles\i386\cmdial32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   389120 c:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   100864 c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   498688 c:\windows\ServicePackFiles\i386\clbcatq.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   110592 c:\windows\ServicePackFiles\i386\clbcatex.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   148480 c:\windows\ServicePackFiles\i386\cic.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   188480 c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   452096 c:\windows\ServicePackFiles\i386\certmgr.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   196608 c:\windows\ServicePackFiles\i386\certcli.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   151040 c:\windows\ServicePackFiles\i386\cdfview.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   625664 c:\windows\ServicePackFiles\i386\catsrvut.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   226304 c:\windows\ServicePackFiles\i386\catsrv.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   148480 c:\windows\ServicePackFiles\i386\capesnpn.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   121856 c:\windows\ServicePackFiles\i386\camext30.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   385024 c:\windows\ServicePackFiles\i386\callcont.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   218112 c:\windows\ServicePackFiles\i386\c_g18030.dll
+ 2008-04-14 01:52 . 2008-04-14 01:52   272384 c:\windows\ServicePackFiles\i386\bthport.sys
+ 2008-04-13 18:51 . 2008-04-13 18:51   101120 c:\windows\ServicePackFiles\i386\bthpan.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   233472 c:\windows\ServicePackFiles\i386\azroles.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   580608 c:\windows\ServicePackFiles\i386\autofmt.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   602624 c:\windows\ServicePackFiles\i386\autoconv.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   588800 c:\windows\ServicePackFiles\i386\autochk.exe
+ 2008-04-14 02:15 . 2008-04-14 02:15   285696 c:\windows\ServicePackFiles\i386\atmfd.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   516768 c:\windows\ServicePackFiles\i386\ativvaxx.dll
+ 2009-10-04 11:05 . 2004-08-03 20:29   104960 c:\windows\ServicePackFiles\i386\atinrvxx.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   870784 c:\windows\ServicePackFiles\i386\ati3d1ag.dll
+ 2009-10-04 11:05 . 2004-08-26 15:47   700928 c:\windows\ServicePackFiles\i386\ati2mtag.sys
+ 2009-10-04 11:05 . 2004-08-26 15:47   326912 c:\windows\ServicePackFiles\i386\ati2mtaa.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   201728 c:\windows\ServicePackFiles\i386\ati2dvag.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   377984 c:\windows\ServicePackFiles\i386\ati2dvaa.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   229376 c:\windows\ServicePackFiles\i386\ati2cqag.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   327680 c:\windows\ServicePackFiles\i386\aqueue.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   125952 c:\windows\ServicePackFiles\i386\apphelp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   256512 c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-14 02:17 . 2008-04-14 02:17   214016 c:\windows\ServicePackFiles\i386\agentctl.dll
+ 2008-04-13 19:19 . 2008-04-13 19:19   138112 c:\windows\ServicePackFiles\i386\afd.sys
+ 2008-04-13 16:39 . 2008-04-13 16:39   142592 c:\windows\ServicePackFiles\i386\aec.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   679424 c:\windows\ServicePackFiles\i386\advapi32.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   263680 c:\windows\ServicePackFiles\i386\adsnt.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   143360 c:\windows\ServicePackFiles\i386\adsldpc.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   175616 c:\windows\ServicePackFiles\i386\adsldp.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   116224 c:\windows\ServicePackFiles\i386\acxtrnal.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   193024 c:\windows\ServicePackFiles\i386\activeds.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   245248 c:\windows\ServicePackFiles\i386\acspecfc.dll
+ 2008-04-14 01:49 . 2008-04-14 01:49   187264 c:\windows\ServicePackFiles\i386\acpi.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   111104 c:\windows\ServicePackFiles\i386\aclui.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   141312 c:\windows\ServicePackFiles\i386\aclua.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   451072 c:\windows\ServicePackFiles\i386\aclayers.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   182272 c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2009-10-04 11:05 . 2004-08-03 20:32   231552 c:\windows\ServicePackFiles\i386\ac97ali.sys
+ 2008-04-14 02:17 . 2008-04-14 02:17   136192 c:\windows\ServicePackFiles\i386\aaclient.dll
+ 2008-04-14 02:17 . 2008-04-14 02:17   100352 c:\windows\ServicePackFiles\i386\6to4svc.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   228352 c:\windows\regedit.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   110592 c:\windows\PeerNet\sqlse20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   110592 c:\windows\PeerNet\sqlse20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   462848 c:\windows\PeerNet\sqlqp20.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   462848 c:\windows\PeerNet\sqlqp20.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   151552 c:\windows\PeerNet\sqldb20.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   151552 c:\windows\PeerNet\sqldb20.dll
- 2005-12-08 07:22 . 2004-08-27 12:00   150528 c:\windows\PCHEALTH\UploadLB\Binaries\UploadM.exe
+ 2005-12-08 07:22 . 2008-04-14 02:18   150528 c:\windows\PCHEALTH\UploadLB\Binaries\uploadm.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   102912 c:\windows\PCHEALTH\HELPCTR\Binaries\pchshell.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   374272 c:\windows\PCHEALTH\HELPCTR\Binaries\msinfo.dll
+ 2005-12-08 07:22 . 2008-04-14 02:17   168448 c:\windows\PCHEALTH\HELPCTR\Binaries\msconfig.exe
+ 2005-12-08 07:22 . 2008-04-14 02:17   769024 c:\windows\PCHEALTH\HELPCTR\Binaries\helpctr.exe
+ 2007-01-17 17:20 . 2008-04-13 18:53   558080 c:\windows\network diagnostic\xpnetdiag.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   256512 c:\windows\msagent\agentsvr.exe
- 2004-08-27 12:00 . 2006-10-12 11:09   256512 c:\windows\msagent\agentsvr.exe
+ 2004-08-27 12:00 . 2008-04-14 02:17   214016 c:\windows\msagent\agentctl.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   214016 c:\windows\msagent\agentctl.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-29 21:40 . 2008-07-29 21:40   802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-10-04 12:36 . 2009-10-04 12:36   652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 16:47 . 2008-07-29 16:47   110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 16:47 . 2008-07-29 16:47   177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 16:47 . 2008-07-29 16:47   276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-29 21:15 . 2008-07-29 21:15   225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-29 21:40 . 2008-07-29 21:40   233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-29 21:40 . 2008-07-29 21:40   168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-29 18:35 . 2008-07-29 18:35   864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2010-03-30 21:16 . 2010-03-30 21:16   130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2010-04-07 20:48 . 2010-04-07 20:48   110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16   163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 17:16 . 2008-07-29 17:16   397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
- 2007-10-11 07:55 . 2007-10-11 07:55   397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 17:24 . 2008-07-29 17:24   881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 17:16 . 2008-07-29 17:16   168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2010-03-23 02:31 . 2010-03-23 02:31   435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 09:22 . 2010-02-09 09:22   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59   486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 02:59 . 2008-11-25 02:59   364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51   989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-23 23:47 . 2007-10-23 23:47   507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:16 . 2008-07-25 09:16   106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 09:17 . 2008-07-25 09:17   147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 09:17 . 2008-07-25 09:17   193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2007-10-23 23:47 . 2007-10-23 23:47   145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2008-07-25 09:16 . 2008-07-25 09:16   145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2009-11-26 19:41 . 2007-10-07 13:36   258048 c:\windows\libFLAC.dll
+ 2009-12-12 13:21 . 2009-12-12 13:21   724992 c:\windows\iun6002.exe
+ 2006-11-19 16:58 . 2006-11-19 16:58   131584 c:\windows\Installer\ef8dc1.msi
+ 2009-10-18 13:36 . 2009-10-18 13:36   169472 c:\windows\Installer\bdf3e4.msi
+ 2009-03-20 09:48 . 2009-03-20 09:48   183808 c:\windows\Installer\9dd5f9.msp
+ 2010-02-24 21:14 . 2010-02-24 21:14   543232 c:\windows\Installer\9dd3a.msp
+ 2006-06-12 13:24 . 2006-06-12 13:24   289792 c:\windows\Installer\90a2d.msp
+ 2004-08-25 09:13 . 2004-08-25 09:13   107008 c:\windows\Installer\909f0.msp
+ 2004-03-10 17:31 . 2004-03-10 17:31   764928 c:\windows\Installer\90932.msp
+ 2009-06-07 20:28 . 2009-06-07 20:28   228352 c:\windows\Installer\80887e.msi
+ 2008-02-03 03:50 . 2008-02-03 03:50   871424 c:\windows\Installer\6d75c.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   140288 c:\windows\Installer\4c02d.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   202752 c:\windows\Installer\4c022.msi
+ 2009-04-01 07:27 . 2009-04-01 07:27   152576 c:\windows\Installer\4c01d.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   107008 c:\windows\Installer\4c00e.msi
+ 2009-04-01 07:26 . 2009-04-01 07:26   301056 c:\windows\Installer\4c009.msi
+ 2009-10-04 12:46 . 2009-10-04 12:46   195584 c:\windows\Installer\3f79a7.msi
+ 2009-10-04 12:46 . 2009-10-04 12:46   248832 c:\windows\Installer\3f79a2.msi
+ 2008-12-13 07:58 . 2008-12-13 07:58   754688 c:\windows\Installer\3f799c.msp
+ 2009-10-04 12:36 . 2009-10-04 12:36   648192 c:\windows\Installer\3f7979.msi
+ 2008-03-13 11:15 . 2008-03-13 11:15   537600 c:\windows\Installer\3dda79.msi
+ 2008-07-29 19:23 . 2008-07-29 19:23   250880 c:\windows\Installer\3d5422.msp
+ 2008-07-29 19:28 . 2008-07-29 19:28   278016 c:\windows\Installer\3d5420.msp
+ 2008-07-29 17:40 . 2008-07-29 17:40   291840 c:\windows\Installer\3d541e.msp
+ 2009-10-04 12:34 . 2009-10-04 12:34   137728 c:\windows\Installer\3d5418.msi
+ 2008-07-29 15:35 . 2008-07-29 15:35   553472 c:\windows\Installer\371396.msp
+ 2008-07-29 15:33 . 2008-07-29 15:33   506368 c:\windows\Installer\371394.msp
+ 2008-07-29 15:37 . 2008-07-29 15:37   911360 c:\windows\Installer\371393.msp
+ 2010-04-07 19:34 . 2010-04-07 19:34   381952 c:\windows\Installer\36ebd5e.msi
+ 2009-04-20 13:18 . 2009-04-20 13:18   209408 c:\windows\Installer\305bf8.msp
+ 2009-02-10 08:10 . 2009-02-10 08:10   499712 c:\windows\Installer\305bbc.msp
+ 2008-07-22 23:40 . 2008-07-22 23:40   101376 c:\windows\Installer\305b7f.msp
+ 2008-05-12 09:06 . 2008-05-12 09:06   633856 c:\windows\Installer\305b6b.msp
+ 2008-03-06 19:57 . 2008-03-06 19:57   451584 c:\windows\Installer\2fab3e7.msi
+ 2009-11-05 12:43 . 2009-11-05 12:43   498176 c:\windows\Installer\2e535d2.msp
+ 2008-01-30 05:35 . 2008-01-30 05:35   331264 c:\windows\Installer\25150e.msi
+ 2008-02-08 21:16 . 2008-02-08 21:16   470528 c:\windows\Installer\1e3bc80.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   430080 c:\windows\Installer\1aa457d.msi
+ 2009-10-03 15:18 . 2009-10-03 15:18   155648 c:\windows\Installer\1aa4561.msi
+ 2009-10-31 06:22 . 2009-10-31 06:22   602624 c:\windows\Installer\1a9946.msi
+ 2005-12-08 07:54 . 2005-12-08 07:54   264704 c:\windows\Installer\184bde.msi
+ 2010-02-05 20:12 . 2010-02-05 20:12   796672 c:\windows\Installer\1671b9d.msi
+ 2010-07-16 17:19 . 2010-07-16 17:19   180224 c:\windows\Installer\127d70a.msi
+ 2010-07-16 17:17 . 2010-07-16 17:17   676352 c:\windows\Installer\127d705.msi
+ 2009-10-31 19:34 . 2009-12-02 06:56   295606 c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   114688 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   114688 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2005-12-08 10:52 . 2010-07-14 11:03   167936 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2005-12-08 10:52 . 2008-05-17 16:42   167936 c:\windows\Installer\{9028040D-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2004-08-27 12:00 . 2004-08-27 12:00   271872 c:\windows\ime\SPTIP.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   271872 c:\windows\ime\sptip.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   130048 c:\windows\ime\SOFTKBD.DLL
+ 2004-08-27 12:00 . 2008-04-14 02:17   130048 c:\windows\ime\softkbd.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   102456 c:\windows\ime\shared\imlang.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   102456 c:\windows\ime\shared\imlang.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   220160 c:\windows\ime\mscandui.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   220160 c:\windows\ime\mscandui.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   106496 c:\windows\ime\imkr6_1\imekrcic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   106496 c:\windows\ime\imkr6_1\imekrcic.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   274489 c:\windows\ime\imjp8_1\imjputyc.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   274489 c:\windows\ime\imjp8_1\imjputyc.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   716856 c:\windows\ime\imjp8_1\imjpcus.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   716856 c:\windows\ime\imjp8_1\imjpcus.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   368696 c:\windows\ime\imjp8_1\imjpcic.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   368696 c:\windows\ime\imjp8_1\imjpcic.dll
+ 2005-12-08 08:47 . 2008-04-14 02:16   426041 c:\windows\ime\imjp8_1\applets\voicepad.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   426041 c:\windows\ime\imjp8_1\applets\voicepad.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   315455 c:\windows\ime\imjp8_1\applets\imskf.dll
+ 2005-12-08 08:47 . 2008-04-14 02:15   173568 c:\windows\ime\CHTIME\Applets\chtskf.dll
- 2005-12-08 08:47 . 2004-08-27 12:00   173568 c:\windows\ime\CHTIME\Applets\CHTSKF.DLL
- 2005-12-08 08:47 . 2004-08-27 12:00   175104 c:\windows\ime\chsime\applets\PINTLCSA.DLL
+ 2005-12-08 08:47 . 2008-04-14 02:16   175104 c:\windows\ime\chsime\applets\pintlcsa.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-10 14:24 . 2010-02-22 14:26   374648 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-10 14:24 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-10 14:23 . 2010-02-25 06:18   206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-10 14:23 . 2010-02-25 06:18   184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-10 14:24 . 2009-03-08 02:35   742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-10 14:24 . 2010-02-25 06:18   387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-10 14:24 . 2010-02-24 09:55   173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-04-14 20:07 . 2009-03-08 02:33   420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-04-14 20:07 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-04-14 20:07 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-03-31 09:13 . 2009-12-21 19:08   916480 c:\windows\ie8updates\KB980182-IE8\wininet.dll
+ 2010-03-31 09:13 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB980182-IE8\spuninst\updspapi.dll
+ 2010-03-31 09:13 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB980182-IE8\spuninst\spuninst.exe
+ 2010-03-31 09:13 . 2009-12-21 19:08   206848 c:\windows\ie8updates\KB980182-IE8\occache.dll
+ 2010-03-31 09:13 . 2009-03-08 02:32   611840 c:\windows\ie8updates\KB980182-IE8\mstime.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   594432 c:\windows\ie8updates\KB980182-IE8\msfeeds.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   246272 c:\windows\ie8updates\KB980182-IE8\ieproxy.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   184320 c:\windows\ie8updates\KB980182-IE8\iepeers.dll
+ 2010-03-31 09:13 . 2009-12-21 19:08   387584 c:\windows\ie8updates\KB980182-IE8\iedkcs32.dll
+ 2010-03-31 09:13 . 2009-12-21 13:20   173056 c:\windows\ie8updates\KB980182-IE8\ie4uinit.exe
+ 2010-01-22 09:16 . 2009-10-29 07:42   916480 c:\windows\ie8updates\KB978207-IE8\wininet.dll
+ 2010-01-22 09:16 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB978207-IE8\spuninst\updspapi.dll
+ 2010-01-22 09:16 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB978207-IE8\spuninst\spuninst.exe
+ 2010-01-22 09:16 . 2009-10-29 07:42   206848 c:\windows\ie8updates\KB978207-IE8\occache.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   594432 c:\windows\ie8updates\KB978207-IE8\msfeeds.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   246272 c:\windows\ie8updates\KB978207-IE8\ieproxy.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   184320 c:\windows\ie8updates\KB978207-IE8\iepeers.dll
+ 2010-01-22 09:16 . 2009-10-29 07:42   387584 c:\windows\ie8updates\KB978207-IE8\iedkcs32.dll
+ 2010-01-22 09:16 . 2009-10-28 14:40   173056 c:\windows\ie8updates\KB978207-IE8\ie4uinit.exe
+ 2009-11-04 13:10 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-04 13:10 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2010-02-24 07:01 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-24 07:01 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-24 07:01 . 2009-06-22 06:47   726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll
+ 2009-12-09 20:33 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll
+ 2009-12-09 20:33 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe
+ 2009-12-09 20:33 . 2009-08-29 07:58   206848 c:\windows\ie8updates\KB976325-IE8\occache.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll
+ 2009-12-09 20:33 . 2009-08-29 07:58   387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll
+ 2009-12-09 20:33 . 2009-08-28 10:36   173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe
+ 2009-10-14 15:05 . 2009-07-03 16:57   915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-14 15:05 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-14 15:05 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-14 15:05 . 2009-07-03 16:57   206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-14 15:05 . 2009-07-03 16:57   386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-14 15:05 . 2009-07-03 11:01   173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-04 12:58 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-10-04 12:58 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:15 . 2009-03-08 02:34   914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-10-05 13:15 . 2009-05-26 11:41   374648 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-10-05 13:15 . 2009-05-26 11:41   230264 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:15 . 2009-03-08 02:34   109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-10-05 13:15 . 2009-03-08 02:32   594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-10-05 13:15 . 2009-03-08 02:33   246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-10-05 13:15 . 2009-03-08 02:31   183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-10-05 13:15 . 2009-03-08 12:09   391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-10-05 13:15 . 2009-03-08 02:32   173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-10-05 13:16 . 2008-07-08 13:05   374648 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-10-05 13:16 . 2008-07-08 13:04   230264 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-10-05 13:16 . 2009-03-08 02:33   726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   827392 c:\windows\ie8\wininet.dll
+ 2009-10-04 12:55 . 2006-10-17 10:05   206336 c:\windows\ie8\winfxdocobj.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   233472 c:\windows\ie8\webcheck.dll
+ 2009-10-04 12:55 . 2007-07-12 23:30   765952 c:\windows\ie8\vgx.dll
+ 2009-10-04 12:55 . 2008-05-09 10:56   430080 c:\windows\ie8\vbscript.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   105984 c:\windows\ie8\url.dll
+ 2009-10-04 12:57 . 2009-01-07 16:21   374304 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-10-04 12:57 . 2009-01-07 16:21   230432 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-10-04 12:55 . 2006-09-06 14:43   212192 c:\windows\ie8\spuninst.exe
+ 2009-10-04 12:55 . 2009-06-29 15:58   102912 c:\windows\ie8\occache.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   671232 c:\windows\ie8\mstime.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   193024 c:\windows\ie8\msrating.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   156160 c:\windows\ie8\msls31.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   477696 c:\windows\ie8\mshtmled.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   459264 c:\windows\ie8\msfeeds.dll
+ 2009-10-04 12:55 . 2008-05-09 10:56   512000 c:\windows\ie8\jscript.dll
+ 2009-10-04 12:55 . 2009-06-29 08:35   634632 c:\windows\ie8\iexplore.exe
+ 2009-10-04 12:55 . 2006-11-07 19:03   180736 c:\windows\ie8\ieui.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   268288 c:\windows\ie8\iertutil.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   287744 c:\windows\ie8\ieproxy.dll
+ 2009-10-04 12:55 . 2006-11-07 19:03   191488 c:\windows\ie8\iepeers.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   385024 c:\windows\ie8\iedkcs32.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   380928 c:\windows\ie8\ieapfltr.dll
+ 2009-10-04 12:55 . 2009-06-29 08:33   161792 c:\windows\ie8\ieakui.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   230400 c:\windows\ie8\ieaksie.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   153088 c:\windows\ie8\ieakeng.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   214528 c:\windows\ie8\dxtrans.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   347136 c:\windows\ie8\dxtmsft.dll
+ 2009-10-04 12:55 . 2009-06-29 15:58   124928 c:\windows\ie8\advpack.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   826368 c:\windows\ie7updates\KB972260-IE7\wininet.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   233472 c:\windows\ie7updates\KB972260-IE7\webcheck.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   105984 c:\windows\ie7updates\KB972260-IE7\url.dll
+ 2009-10-04 12:45 . 2009-05-26 11:41   374648 c:\windows\ie7updates\KB972260-IE7\spuninst\updspapi.dll
+ 2009-10-04 12:45 . 2008-07-08 13:04   230264 c:\windows\ie7updates\KB972260-IE7\spuninst\spuninst.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   102912 c:\windows\ie7updates\KB972260-IE7\occache.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   671232 c:\windows\ie7updates\KB972260-IE7\mstime.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   193024 c:\windows\ie7updates\KB972260-IE7\msrating.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   478208 c:\windows\ie7updates\KB972260-IE7\mshtmled.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   459264 c:\windows\ie7updates\KB972260-IE7\msfeeds.dll
+ 2009-10-04 12:45 . 2008-04-22 07:41   625664 c:\windows\ie7updates\KB972260-IE7\iexplore.exe
+ 2009-10-04 12:45 . 2008-04-23 04:16   267776 c:\windows\ie7updates\KB972260-IE7\iertutil.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   384512 c:\windows\ie7updates\KB972260-IE7\iedkcs32.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   383488 c:\windows\ie7updates\KB972260-IE7\ieapfltr.dll
+ 2009-10-04 12:45 . 2008-04-20 05:07   161792 c:\windows\ie7updates\KB972260-IE7\ieakui.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   230400 c:\windows\ie7updates\KB972260-IE7\ieaksie.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   153088 c:\windows\ie7updates\KB972260-IE7\ieakeng.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   133120 c:\windows\ie7updates\KB972260-IE7\extmgr.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   214528 c:\windows\ie7updates\KB972260-IE7\dxtrans.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   347136 c:\windows\ie7updates\KB972260-IE7\dxtmsft.dll
+ 2009-10-04 12:45 . 2008-04-23 04:16   124928 c:\windows\ie7updates\KB972260-IE7\advpack.dll
- 2004-08-27 12:00 . 2004-08-27 12:00   279040 c:\windows\Help\tshoot.dll
+ 2004-08-27 12:00 . 2008-04-14 02:17   279040 c:\windows\Help\tshoot.dll
+ 2009-10-04 12:33 . 2008-03-13 04:52   761344 c:\windows\Driver Cache\i386\unires.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   744960 c:\windows\Driver Cache\i386\unidrvui.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   373248 c:\windows\Driver Cache\i386\unidrv.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   198656 c:\windows\Driver Cache\i386\mxdwdui.dll
+ 2009-10-04 12:33 . 2008-07-06 12:06   765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
+ 2009-06-09 07:48 . 2010-02-24 13:11   455680 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20   265728 c:\windows\Driver Cache\i386\http.sys
- 2008-06-15 10:35 . 2008-06-14 17:59   271488 c:\windows\Driver Cache\i386\bthport.sys
+ 2008-06-15 10:35 . 2008-06-14 17:33   271488 c:\windows\Driver Cache\i386\bthport.sys
+ 2009-04-03 07:26 . 2009-04-03 07:26   354608 c:\windows\Downloaded Program Files\sysreqlab_nvd.dll
+ 2009-10-14 11:36 . 2009-10-14 11:36   398632 c:\windows\Downloaded Program Files\JuniperExt.exe
+ 2010-06-10 15:54 . 2010-06-10 15:54   321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2010-06-23 21:22 . 2010-06-23 21:22   240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll
+ 2009-10-14 15:06 . 2009-10-14 15:06   187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-06-23 21:21 . 2010-06-23 21:21   447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll
+ 2010-06-10 15:58 . 2010-06-10 15:58   400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2010-06-10 14:21 . 2010-06-10 14:21   202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2010-06-10 15:57 . 2010-06-10 15:57   141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-06-10 14:19 . 2010-06-10 14:19   627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2010-06-10 14:14 . 2010-06-10 14:14   212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2010-06-10 14:15 . 2010-06-10 14:15   679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2010-06-10 14:15 . 2010-06-10 14:15   311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-06-10 14:20 . 2010-06-10 14:20   771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2077ce69bd24a095dd54683ae26454d4\System.Runtime.Remoting.ni.dll
+ 2010-06-10 15:56 . 2010-06-10 15:56   621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2010-06-10 15:58 . 2010-06-10 15:58   593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\07da2b0e44d62f3c65d6516f4e2f94bb\System.Messaging

guestolo · « **Reply #8 on:** July 17, 2010, 01:08:49 PM »

I see you once had Norton's AV(Internet Security) installed, but have since removed it
What are you planning to use for AntiVirus software?
Do you need a free solution?

Brenneka · « **Reply #9 on:** July 17, 2010, 01:32:31 PM »

[quote name='guestolo' date='17 July 2010 - 09:08 PM' timestamp='1279390129' post='470753']
I see you once had Norton's AV(Internet Security) installed, but have since removed it
What are you planning to use for AntiVirus software?
Do you need a free solution?
[/quote]

I don't usually use any AV software as all it does is problems and a mess (from what I've experienced with Norton in the past). Instead, I'd rather run full scans with SAS, MBAM and ESET online scanner every once in a while. However, if you recommend that I do use one, I'm willing to try a free solution considering it's your recommendation

It's feeling a lot better now. I've noticed it's removed the temp folder that contained the virus completely, it really helped since it freed around 6 GB that I needed to use.

Thank you so very much for your help!!! This is not the first time you've helped me

You're the best! <3

guestolo · « **Reply #10 on:** July 18, 2010, 10:18:31 PM »

Ensure you still have a copy of ComboFix on your desktop, then do the following
Go to START>>RUN>>Copy and paste the next command then hit OK

[color="#FF0000"]ComboFix /uninstall[/color]

This will uninstall ComboFix and it's components

======================================

Let's get Adobe Reader updated, as to patch security holes in older versions
Close down all browser windows
Access your Add/Remove programs and uninstall Adobe Reader 8.1.4
We'll update it in a bit

Double click on OTL.exe and Run it

Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
Quote
:OTL
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\AutoRun\command - "" = G:\RECYCLER\usbassist.exe -- File not found
O33 - MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\Shell\opEN\CoMmanD - "" = G:\RECYCLER\usbassist.exe -- File not found
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\עדן\Local Settings\temp\957822.exe"=-
:Files
:Commands
[EmptyTemp]
[Reboot]
Then click the [color="#FF0000"]Run Fix[/color] button at the top
Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

let's get Adobe Reader updated
Go to the following link
http://get.adobe.com/reader/

UNTICK the option to also install McAfee Security Scan and/or Google toolbar or similiar
Download and save to desktop the installer for the latest version of A. Reader
Double click on the installer to install
After successfully installing, you can delete the installer on desktop
Can you open Adobe Reader and click on HELP>>CHECK FOR UPDATES and install any update if found to ensure you are right up to date

Can you then go to the following link:
http://download.cnet.com/Avira-AntiVir-Per...cdlPid=11012914
Download and save the installer to Avira Antivir to your desktop>>>Link is Download Now (42.05mb)

Go ahead and run the installer for AVIRA AntiVirus that you downloaded
Ensure that you have it check for Updates
The first time it updates may take awhile, but allow it time

NOTE: Avira will display a single big Ad on your computer
Don't be alarmed, just click OK at the bottom of the Ad to close it

A scan of your System should then start
If a scan does not start after updating, double click on the Avira icon by the clock (the red/white umbrella)
and select "Scan system now"

Quarantine or delete everything it finds
When the scan is finished
Reboot the computer

Back in Windows
Can you post all the following back please

Please post the log from Avira
Open Avira again (Double click on the red Umbrella icon by the clock)
Click on REPORTS under Overview
Double click on the Scan report you just made
Then click on "Report File"

Brenneka · « **Reply #11 on:** July 19, 2010, 06:10:30 AM »

[size="2"]The ComboFix /uninstall command didn't work, it gave me an error saying something like "Cannot find 'ComboFix'...".

Also, I couldn't uninstall Adobe Reader, it gave me this error: http://i28.tinypic.com/s1sytv.jpg So I didn't download and install a newer version.[/size]

As you can see in the Avira AV log, I ignored most of the "infected" files since I know these are false positives, they are part of a game I'm playing and it's a known thing.

About Avira AV, it's pretty good, but I was looking for an option to skip folders on scans and I couldn't find it. I have a few folders that contain a lot of files and they are completely safe from being infected, it takes around 30-40 minutes to scan those files and it's a waste of time. That's the only thing I didn't like about Avira.

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
File G:\RECYCLER\usbassist.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1aca993-c3bb-11de-8dbc-00104b360a8e}\ not found.
File G:\RECYCLER\usbassist.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AntiVirusDisableNotify"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"UpdatesDisableNotify"|dword:00000000 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\עדן\Local Settings\temp\957822.exe not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Eden
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: עדן
->Temp folder emptied: 546047 bytes
->Temporary Internet Files folder emptied: 4741463 bytes
->Java cache emptied: 28360452 bytes
->FireFox cache emptied: 74705646 bytes
->Google Chrome cache emptied: 226282859 bytes
->Flash cache emptied: 88246 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2330417 bytes
%systemroot%\System32 .tmp files removed: 3648529 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 665 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 325.00 mb

OTL by OldTimer - Version 3.2.9.0 log created on 07192010_113955

Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\Eden\Local Settings\Temp\hsperfdata_Eden\1528 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

----------------------------------------------------------------------------------------------------------------------

Avira AntiVir Personal
Report file date: יום שני 19 יולי 2010 12:10

Scanning for 2360894 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode    : Normally booted
Username : SYSTEM
Computer name : TAP-7409E23BDD

Version information:
BUILD.DAT    : 10.0.0.567    32097 Bytes 19/04/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 10:37:38
AVSCAN.DLL : 10.0.3.0    46440 Bytes 01/04/2010 10:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 16:33:04
LUKERES.DLL    : 10.0.0.1    12648 Bytes 10/02/2010 21:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 07:05:36
VBASE001.VDF : 7.10.1.0    1372672 Bytes 19/11/2009 17:27:49
VBASE002.VDF : 7.10.3.1    3143680 Bytes 20/01/2010 15:37:42
VBASE003.VDF : 7.10.3.75    996864 Bytes 26/01/2010 14:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 09:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 09:08:17
VBASE006.VDF : 7.10.7.218 2294784 Bytes 02/06/2010 09:08:18
VBASE007.VDF : 7.10.7.219 2048 Bytes 02/06/2010 09:08:18
VBASE008.VDF : 7.10.7.220 2048 Bytes 02/06/2010 09:08:18
VBASE009.VDF : 7.10.7.221 2048 Bytes 02/06/2010 09:08:18
VBASE010.VDF : 7.10.7.222 2048 Bytes 02/06/2010 09:08:18
VBASE011.VDF : 7.10.7.223 2048 Bytes 02/06/2010 09:08:18
VBASE012.VDF : 7.10.7.224 2048 Bytes 02/06/2010 09:08:18
VBASE013.VDF : 7.10.8.37    270336 Bytes 10/06/2010 09:08:18
VBASE014.VDF : 7.10.8.69    138752 Bytes 14/06/2010 09:08:18
VBASE015.VDF : 7.10.8.102 130560 Bytes 16/06/2010 09:08:18
VBASE016.VDF : 7.10.8.135 152064 Bytes 21/06/2010 09:08:18
VBASE017.VDF : 7.10.8.163 432128 Bytes 23/06/2010 09:08:18
VBASE018.VDF : 7.10.8.194 133632 Bytes 27/06/2010 09:08:18
VBASE019.VDF : 7.10.8.220 134656 Bytes 29/06/2010 09:08:22
VBASE020.VDF : 7.10.8.252 171520 Bytes 04/07/2010 09:08:33
VBASE021.VDF : 7.10.9.19    131072 Bytes 06/07/2010 09:08:38
VBASE022.VDF : 7.10.9.36    297472 Bytes 07/07/2010 09:08:42
VBASE023.VDF : 7.10.9.60    150016 Bytes 11/07/2010 09:08:44
VBASE024.VDF : 7.10.9.79    113152 Bytes 13/07/2010 09:08:46
VBASE025.VDF : 7.10.9.99    158720 Bytes 16/07/2010 09:08:48
VBASE026.VDF : 7.10.9.100 2048 Bytes 16/07/2010 09:08:48
VBASE027.VDF : 7.10.9.101 2048 Bytes 16/07/2010 09:08:48
VBASE028.VDF : 7.10.9.102 2048 Bytes 16/07/2010 09:08:49
VBASE029.VDF : 7.10.9.103 2048 Bytes 16/07/2010 09:08:49
VBASE030.VDF : 7.10.9.104 2048 Bytes 16/07/2010 09:08:49
VBASE031.VDF : 7.10.9.110 147456 Bytes 19/07/2010 09:08:50
Engineversion : 8.2.4.12
AEVDF.DLL    : 8.1.2.0    106868 Bytes 19/07/2010 09:09:16
AESCRIPT.DLL : 8.1.3.40    1360250 Bytes 19/07/2010 09:09:15
AESCN.DLL    : 8.1.6.1    127347 Bytes 19/07/2010 09:09:13
AESBX.DLL    : 8.1.3.1    254324 Bytes 19/07/2010 09:09:17
AERDL.DLL    : 8.1.4.6    541043 Bytes 19/07/2010 09:09:12
AEPACK.DLL : 8.2.2.6    430452 Bytes 19/07/2010 09:09:10
AEOFFICE.DLL : 8.1.1.6    201081 Bytes 19/07/2010 09:09:08
AEHEUR.DLL : 8.1.1.38    2724214 Bytes 19/07/2010 09:09:07
AEHELP.DLL : 8.1.11.6 242038 Bytes 19/07/2010 09:08:59
AEGEN.DLL    : 8.1.3.14 381299 Bytes 19/07/2010 09:08:58
AEEMU.DLL    : 8.1.2.0    393588 Bytes 19/07/2010 09:08:56
AECORE.DLL : 8.1.15.4 192886 Bytes 19/07/2010 09:08:55
AEBB.DLL : 8.1.1.0 53618 Bytes 19/07/2010 09:08:53
AVWINLL.DLL    : 10.0.0.0    19304 Bytes 14/01/2010 10:03:38
AVPREF.DLL : 10.0.0.0    44904 Bytes 14/01/2010 10:03:35
AVREP.DLL    : 10.0.0.8    62209 Bytes 18/02/2010 14:47:40
AVREG.DLL    : 10.0.3.0    53096 Bytes 01/04/2010 10:35:46
AVSCPLR.DLL    : 10.0.3.0    83816 Bytes 01/04/2010 10:39:51
AVARKT.DLL : 10.0.0.14    227176 Bytes 01/04/2010 10:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 07:53:30
SQLITE3.DLL    : 3.6.19.0 355688 Bytes 28/01/2010 10:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 13:38:56
NETNT.DLL    : 10.0.0.0    11624 Bytes 19/02/2010 12:41:00
RCIMAGE.DLL    : 10.0.0.26 2550120 Bytes 28/01/2010 11:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 12:14:29

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: יום שני 19 יולי 2010 12:10

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'msdtc.exe' - '42' Module(s) have been scanned
Scan process 'dllhost.exe' - '63' Module(s) have been scanned
Scan process 'dllhost.exe' - '47' Module(s) have been scanned
Scan process 'vssvc.exe' - '50' Module(s) have been scanned
Scan process 'avscan.exe' - '69' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'sched.exe' - '55' Module(s) have been scanned
Scan process 'avshadow.exe' - '28' Module(s) have been scanned
Scan process 'avguard.exe' - '58' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '28' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '23' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '37' Module(s) have been scanned
Scan process 'jusched.exe' - '23' Module(s) have been scanned
Scan process 'DrvIcon.exe' - '20' Module(s) have been scanned
Scan process 'rundll32.exe' - '36' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '27' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '30' Module(s) have been scanned
Scan process 'notepad.exe' - '28' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'Explorer.EXE' - '121' Module(s) have been scanned
Scan process 'spoolsv.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '166' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '38' Module(s) have been scanned
Scan process 'winlogon.exe' - '79' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '2256' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\Documents and Settings\עדן\שולחן העבודה\rofl\Matroska.rar

Archive type: RAR

Archive type: RAR

[WARNING] The file was ignored!
C:\Program Files\SexyKO\Packed\KnightOnLine.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\SexyKO\s-shield.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\SexyKO\KnightOnLine.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\patch1565\MaxKOC.exe
[DETECTION] Is the TR/PSW.Dybalom.bkh.1 Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\patch1565\MaxKO.exe
[DETECTION] Is the TR/PSW.Dybalom.bkh.1 Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\Fantasy's 85 Patch\Data\MaxKOC.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\Data\MaxKOC.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\MaxKOC.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\MaxKO\MaxKO.exe
[DETECTION] Is the TR/Black.Gen2 Trojan
[WARNING] The file was ignored!
C:\Program Files\ko4life\ko4life\dor.rar
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[NOTE] The file was deleted!
C:\Program Files\ko4life\Launcher.exe
[DETECTION] Is the TR/Black.Gen2 Trojan
[NOTE] The file was deleted!
C:\Program Files\ko4life\Ko4life.exe
[DETECTION] Is the TR/Crypt.TPM.Gen Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\עדן\שולחן העבודה\rofl\Matroska.rar
[DETECTION] Is the TR/Banker.Bancos.nci Trojan
[NOTE] The file was deleted!

End of the scan: יום שני 19 יולי 2010 14:03
Used time: 1:31:39 Hour(s)

The scan has been done completely.

8728 Scanned directories
273218 Files were scanned
15 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
4 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
273203 Files not concerned
1324 Archives were scanned
10 Warnings
4 Notes
567455 Objects were scanned with rootkit scan
0 Hidden objects were found

Brenneka · « **Reply #12 on:** July 19, 2010, 02:58:04 PM »

About that Adobe error, I looked it up on google and tried everything to make it work so it would let me uninstall that bloody software, but nothing. I even tried setting special permissions on regedit for that specific folder (as instructed here: http://kb2.adobe.com/cps/329/329137.html) and it didn't work either, it said "Access Denied" or something like "Could not set permissions".

As for uninstalling ComboFix, I tried to navigate to my desktop on cmd and use that command, but it seemed to start up and just run the program instead of uninstall it, so I closed it.

guestolo · « **Reply #13 on:** July 19, 2010, 10:24:53 PM »

Please do the following
Download ComboFix from ONLY the following location
[color="#0000FF"]Link [/color]

[color="#FF0000"]Save it ONLY to your Desktop[/color]

--------------------------------------------------------------------
[color="#2E8B57"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Copy ALL the below in the Code box and paste to an empty notepad file
Don't use anything else than notepad or the script will not work
To open Notepad you can go to Start>Programs>> Accessories, and then clicking Notepad.

Code: [Select]

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]

Save this as txtfile on your desktop, with the exact name of
CFScript

Temporarily disable your AntiVirus software so it won't interfere with this next step

Drag CFScript.txt into ComboFix.exe
Combofix will start>>Follow the prompts
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

When finished, it shall produce a log for you with the same name C:\ComboFix.txt..
I'll need to see that log again

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

In addition: try uninstalling Adobe and installing the new version from the instructions I gave earlier

Brenneka · « **Reply #14 on:** July 20, 2010, 03:10:30 AM »

Thanks a lot, it worked! I've successfully uninstalled the old version of Reader and installed the newest one

That ComboFix thing really is something, ha?

Here's the log:

ComboFix 10-07-19.02 - עדן 07/20/2010 10:35:58.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1255.972.1037.18.511.169 [GMT 3:00]
Running from: c:\documents and settings\עדן\שולחן העבודה\ComboFix.exe
Command switches used :: c:\documents and settings\עדן\שולחן העבודה\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-06-20 to 2010-07-20 )))))))))))))))))))))))))))))))
.

2010-07-19 09:11 . 2010-07-19 10:41   --------   d-----w-   c:\windows\system32\NtmsData
2010-07-19 08:39 . 2010-07-19 08:39   --------   d-----w-   C:\_OTL
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-07-16 19:47 . 2010-07-16 19:47   --------   d-----w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com
2010-07-16 19:46 . 2010-07-17 06:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-07-16 19:17 . 2010-07-16 19:17   --------   d-----w-   c:\program files\Uniblue
2010-07-16 17:18 . 2010-07-16 17:17   423656   ----a-w-   c:\windows\system32\deployJava1.dll
2010-07-16 13:48 . 2010-07-16 13:48   --------   d-----w-   c:\documents and settings\עדן\Application Data\Uniblue
2010-07-14 10:58 . 2010-06-14 14:31   744448   -c----w-   c:\windows\system32\dllcache\helpsvc.exe
2010-07-11 20:37 . 2010-07-11 20:37   --------   d-----w-   c:\program files\TeamSpeak 3 Client

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-19 20:36 . 2009-11-08 14:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\uTorrent
2010-07-19 19:08 . 2004-08-08 14:10   --------   d-----w-   c:\program files\Common Files\Adobe
2010-07-19 14:46 . 2010-02-16 13:03   --------   d-----w-   c:\program files\MaxKO
2010-07-19 11:24 . 2008-03-01 19:55   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\Avira
2010-07-19 11:03 . 2010-01-15 15:24   --------   d-----w-   c:\program files\ko4life
2010-07-16 19:54 . 2010-07-16 19:47   63488   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-16 19:54 . 2010-07-16 19:47   117760   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-16 19:47 . 2010-07-16 19:47   52224   ----a-w-   c:\documents and settings\עדן\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-16 17:19 . 2010-07-16 17:19   503808   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcp71.dll
2010-07-16 17:19 . 2010-07-16 17:19   499712   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\jmc.dll
2010-07-16 17:19 . 2010-07-16 17:19   348160   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-57e29002-n\msvcr71.dll
2010-07-16 17:19 . 2010-07-16 17:19   61440   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-sse.dll
2010-07-16 17:19 . 2010-07-16 17:19   12800   ----a-w-   c:\documents and settings\עדן\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5c395654-n\decora-d3d.dll
2010-07-16 17:19 . 2005-01-03 13:06   --------   d-----w-   c:\program files\Common Files\Java
2010-07-16 17:09 . 2004-06-04 23:04   --------   d-----w-   c:\program files\Java
2010-07-16 09:30 . 2007-08-26 16:57   --------   d-----w-   c:\program files\VentriloMIX
2010-07-13 18:56 . 2009-11-27 18:33   --------   d-----w-   c:\program files\Mp3tag
2010-07-01 12:16 . 2009-05-26 17:55   --------   d-----w-   c:\documents and settings\עדן\Application Data\NoNameScript-May26
2010-07-01 12:15 . 2009-06-19 08:14   --------   d-----w-   c:\program files\mIRC
2010-06-23 21:15 . 2004-08-27 12:00   67296   ----a-w-   c:\windows\system32\perfc00d.dat
2010-06-23 21:15 . 2004-08-27 12:00   345584   ----a-w-   c:\windows\system32\perfh00d.dat
2010-06-21 09:29 . 2010-06-19 19:31   --------   d-----w-   c:\program files\SexyKO
2010-06-15 19:33 . 2009-12-15 14:49   --------   d-----w-   c:\documents and settings\עדן\Application Data\Mp3 Audio Editor
2010-06-14 14:39 . 2009-11-08 14:56   --------   d-----w-   c:\program files\uTorrent
2010-06-14 14:31 . 2005-12-08 07:22   744448   ----a-w-   c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe
2010-05-14 15:47 . 2010-05-14 15:47   286720   ------w-   c:\windows\Setup1.exe
2010-05-14 15:47 . 2010-05-14 15:47   73216   ----a-w-   c:\windows\ST6UNST.EXE
2010-05-06 10:35 . 2004-08-27 12:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-05-04 09:01 . 2005-12-08 08:13   60576   ----a-w-   c:\documents and settings\עדן\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-02 08:08 . 2004-08-27 12:00   1851136   ----a-w-   c:\windows\system32\win32k.sys
2010-04-29 12:39 . 2009-06-06 18:06   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 12:39 . 2009-06-06 18:06   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2005-01-29 12:14 . 2005-01-29 12:14   48640   --sha-w-   c:\program files\Thumbs.db
2003-01-13 09:20 . 2004-09-12 12:48   278528   ----a-w-   c:\program files\internet explorer\plugins\PanoViewer.dll
1999-04-30 14:00 . 2004-09-12 12:48   98304   ----a-w-   c:\program files\internet explorer\plugins\UPjpeg.dll
.

------- Sigcheck -------

[-] 2008-04-14 . CD194374A5A584E32346297DE305F77B . 1429504 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\system32\VITrans\explorer.exe
[7] 2008-04-14 . 468D2A8B5F62E25F81C3150263D8E558 . 1202176 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7C66CE267EDD66607B2275FE44235A31 . 1201664 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 1FB3EE7C4D70AACE3063A1E1E0FF7FCF . 1201664 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[7] 2004-08-27 . A275BB2B4CF43625B9F38AD312F5C5A6 . 1200640 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-07-17_17.10.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 21:02 . 2009-07-11 21:02   51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-07-19 18:56 . 2010-07-19 18:56   87702 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
- 2008-06-23 16:05 . 2008-06-17 13:11   94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2010-05-05 14:05 . 2010-05-05 14:05   94208 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2010-05-05 14:38 . 2010-05-05 14:38   65816 c:\windows\system32\Adobe\Director\SWDNLD.EXE
- 2008-06-23 16:05 . 2008-06-17 13:13   9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2010-05-05 14:07 . 2010-05-05 14:07   9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 21:05 . 2009-07-11 21:05   225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2010-07-19 19:00 . 2010-07-19 19:00   231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
+ 2010-07-19 19:00 . 2010-07-19 19:00   311760 c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   136568 c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2010-05-05 14:05 . 2010-05-05 14:05   114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
- 2008-06-23 16:05 . 2008-06-17 13:15   114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2010-05-05 14:36 . 2010-05-05 14:36   467224 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1157609.exe
+ 2010-05-05 14:08 . 2010-05-05 14:08   446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
- 2008-06-23 16:05 . 2008-06-17 13:15   446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2010-05-05 14:06 . 2010-05-05 14:06   372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   753152 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2010-05-05 14:05 . 2010-05-05 14:05   503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2010-05-05 14:37 . 2010-05-05 14:37   213272 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2010-05-05 14:07 . 2010-05-05 14:07   131072 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2010-07-19 09:01 . 2010-07-19 09:01   219648 c:\windows\Installer\b1deb.msi
+ 2010-07-19 19:08 . 2010-07-19 19:08   691200 c:\windows\Installer\491ad9.msi
+ 2010-07-19 19:08 . 2010-07-19 19:08   295606 c:\windows\Installer\{AC76BA86-7AD7-5464-3428-800000000003}\ARPPRODUCTICON.exe
+ 2009-07-11 21:02 . 2009-07-11 21:02   3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 21:02 . 2009-07-11 21:02   3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2010-05-05 13:40 . 2010-05-05 13:40   1011712 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2010-04-29 10:11 . 2010-04-29 10:11   1975408 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2010-05-05 13:44 . 2010-05-05 13:44   1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
- 2008-06-23 16:05 . 2008-06-17 12:36   1798144 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2010-06-20 08:01 . 2010-06-20 08:01   8040960 c:\windows\Installer\635eca.msp
+ 2010-04-04 06:54 . 2010-04-04 06:54   11850240 c:\windows\Installer\635ec9.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\עדן\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-13 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-27 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-30 4603904]
"nwiz"="nwiz.exe" [2004-09-30 921600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-30 86016]
"SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):73,65,76,65,6e,75,69,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^תפריט התחלה^תוכניות^הפעלה^DSLMON.lnk]
path=c:\documents and settings\All Users.WINDOWS\תפריט התחלה\תוכניות\הפעלה\DSLMON.lnk
backup=c:\windows\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^תפריט התחלה^תוכניות^הפעלה^Microsoft Office.lnk]
path=c:\documents and settings\All Users.WINDOWS\תפריט התחלה\תוכניות\הפעלה\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^עדן^תפריט התחלה^תוכניות^הפעלה^Adobe Gamma.lnk]
path=c:\documents and settings\עדן\תפריט התחלה\תוכניות\הפעלה\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^עדן^תפריט התחלה^תוכניות^הפעלה^Xfire.lnk]
path=c:\documents and settings\עדן\תפריט התחלה\תוכניות\הפעלה\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04   39792   ----a-w-   c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-12-29 12:05   486856   ----a-w-   c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-27 12:00   208952   ----a-w-   c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 12:39   1090952   ----a-w-   c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:17   1695232   ------w-   c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40   155648   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 21:08   417792   ----a-w-   c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vilaunch]
2009-09-09 19:19   146412   ----a-w-   c:\windows\system32\vilaunch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37   37888   ----a-w-   c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"NBService"=3 (0x3)
"ICQ Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Tactical Ops\\TacticalOps 3\\System\\TacticalOps.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Documents and Settings\\עדן\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"=
"c:\\Program Files\\Juniper Networks\\Secure Application Manager\\dsSamProxy.exe"=
"c:\\Program Files\\Tactical Ops\\TacticalOps 4\\System\\TacticalOps.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\UT2004\\System\\UT2004.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 NEOFLTR_640_14811;Juniper Networks TDI Filter Driver (NEOFLTR_640_14811);c:\windows\system32\drivers\NEOFLTR_640_14811.sys [27/10/2009 13:26 77608]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 21:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 21:41 67656]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 XDva002;XDva002;\??\c:\windows\system32\XDva002.sys --> c:\windows\system32\XDva002.sys [?]
S3 XDva007;XDva007;\??\c:\windows\system32\XDva007.sys --> c:\windows\system32\XDva007.sys [?]
S3 XDva009;XDva009;\??\c:\windows\system32\XDva009.sys --> c:\windows\system32\XDva009.sys [?]
S3 XDva010;XDva010;\??\c:\windows\system32\XDva010.sys --> c:\windows\system32\XDva010.sys [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]
S3 XDva031;XDva031;\??\c:\windows\system32\XDva031.sys --> c:\windows\system32\XDva031.sys [?]
S3 XDva032;XDva032;\??\c:\windows\system32\XDva032.sys --> c:\windows\system32\XDva032.sys [?]
S3 XDva033;XDva033;\??\c:\windows\system32\XDva033.sys --> c:\windows\system32\XDva033.sys [?]
S3 XDva039;XDva039;\??\c:\windows\system32\XDva039.sys --> c:\windows\system32\XDva039.sys [?]
S3 XDva041;XDva041;\??\c:\windows\system32\XDva041.sys --> c:\windows\system32\XDva041.sys [?]
S3 XDva049;XDva049;\??\c:\windows\system32\XDva049.sys --> c:\windows\system32\XDva049.sys [?]
S3 XDva054;XDva054;\??\c:\windows\system32\XDva054.sys --> c:\windows\system32\XDva054.sys [?]
S3 XDva062;XDva062;\??\c:\windows\system32\XDva062.sys --> c:\windows\system32\XDva062.sys [?]
S3 XDva078;XDva078;\??\c:\windows\system32\XDva078.sys --> c:\windows\system32\XDva078.sys [?]
S3 XDva089;XDva089;\??\c:\windows\system32\XDva089.sys --> c:\windows\system32\XDva089.sys [?]
S3 XDva090;XDva090;\??\c:\windows\system32\XDva090.sys --> c:\windows\system32\XDva090.sys [?]
S3 XDva136;XDva136;\??\c:\windows\system32\XDva136.sys --> c:\windows\system32\XDva136.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/05/2007 12:01 715248]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
IE: &יצא ל- Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {138FBCB5-DF29-4828-B640-71D6034CC076} = 192.117.235.236 62.219.186.7
DPF: {03EC4525-6918-4674-9EFF-738EEB3E189F} - hxxp://maxshein10.cctvuser.com/plusviewer.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ssl.sonol.co.il/dana-cached/sc/JuniperSetupClient.cab
FF - ProfilePath - c:\documents and settings\עדן\Application Data\Mozilla\Firefox\Profiles\sx612zxc.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-20 10:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1960408961-261903793-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1960408961-261903793-1801674531-1004\Software\Microsoft\ M*i*c*r*o*s*o*f*t* *M*a*n*a*g*e*m*e*n*t* *C*o*n*s*o*l*e*\Recent File List]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"File1"="c:\\WINDOWS\\system32\\devmgmt.msc"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(508)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(564)
c:\windows\system32\wdigest.dll

- - - - - - - > 'explorer.exe'(2976)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-20 10:50:38
ComboFix-quarantined-files.txt 2010-07-20 07:50
ComboFix2.txt 2010-07-17 17:17
ComboFix3.txt 2009-09-05 08:19
ComboFix4.txt 2009-06-06 20:40

Pre-Run: 6,988,042,240 bytes free
Post-Run: 7,087,841,280 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 7ACF2C59C80CE525FA48481DF2AFD53E

Brenneka · « **Reply #15 on:** July 20, 2010, 03:22:18 AM »

Oh, and after that I used the ComboFix /uninstall command and it worked as well

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/wink.gif\' class=\'bbc_emoticon\' alt=\'

\' />

To be better protected from spywares and malwares, I'm now using the HOSTS file from mvps.org, the one in the pinned topic here, and I've also installed the newest versions of all Adobe softwares (Shockwave Player, Flash Player etc.) and Java, just in case I had old versions.

Again, thanks a lot! You're awesome

TheTechGuide Forum

News:

Author Topic: Annoying virus keeps reappearing (Read 1557 times)

Brenneka

Annoying virus keeps reappearing

guestolo

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

guestolo

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

guestolo

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

guestolo

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

guestolo

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing

Brenneka

Annoying virus keeps reappearing