lashaun84 Posted February 13, 2009 Report Share Posted February 13, 2009 Logfile of HijackThis v1.99.1Scan saved at 9:12:58 AM, on 11/02/2009Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\D-Link\AirPlus G\AirGCFG.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeC:\WINDOWS\System32\baloon.exeC:\WINDOWS\System32\rundll32.exeC:\DOCUME~1\Owner\LOCALS~1\Temp\winlognn.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exeC:\WINDOWS\sysguard.exeC:\Documents and Settings\All Users\Start Menu\Programs\Startup\office.exeC:\DOCUME~1\Owner\LOCALS~1\Temp\csrssc.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/iframe...a4-000b6aa2a5f8R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet ExplorerR3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)R3 - URLSearchHook: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Owner\Local Settings\Application Data\CyberDefender\cdmyidd.dllO1 - Hosts: 195.245.119.131 browser-security.microsoft.comO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Documents and Settings\Owner\Local Settings\Application Data\CyberDefender\cdmyidd.dllO4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exeO4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exeO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeO4 - HKLM\..\Run: [1331176861] "C:\Documents and Settings\All Users\Application Data\1447988137\1331176861.exe"O4 - HKLM\..\Run: [C:\WINDOWS\System32\baloon.exe] C:\WINDOWS\System32\baloon.exeO4 - HKLM\..\Run: [Rhoyezudana] rundll32.exe "C:\WINDOWS\Szinoceqozuzeqij.dll",eO4 - HKLM\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\Owner\LOCALS~1\Temp\winlognn.exeO4 - HKLM\..\Run: [Gyoyaveca] rundll32.exe "C:\WINDOWS\uciqamalanunevif.dll",eO4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitserviceO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [A00F2EE4C2.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2EE4C2.exeO4 - HKCU\..\Run: [A00F530BC.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F530BC.exeO4 - HKCU\..\Run: [A00F3803D8.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F3803D8.exeO4 - HKCU\..\Run: [RegTool] C:\Program Files\RegTool\RegTool.exe -bootO4 - HKCU\..\Run: [A00F978B69.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F978B69.exeO4 - HKCU\..\Run: [A00F5F98A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5F98A.exeO4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /SO4 - HKCU\..\Run: [A00FBD9DF.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FBD9DF.exeO4 - HKCU\..\Run: [A00F31CA1.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F31CA1.exeO4 - HKCU\..\Run: [A00FA2C2F.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FA2C2F.exeO4 - HKCU\..\Run: [A00FAAE31.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FAAE31.exeO4 - HKCU\..\Run: [A00F2F17A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2F17A.exeO4 - HKCU\..\Run: [A00F67438.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F67438.exeO4 - HKCU\..\Run: [A00FF0B9F.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FF0B9F.exeO4 - HKCU\..\Run: [A00F3AEDF.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F3AEDF.exeO4 - HKCU\..\Run: [A00F31BA7.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F31BA7.exeO4 - HKCU\..\Run: [A00F41F8A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F41F8A.exeO4 - HKCU\..\Run: [A00F2F67B.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2F67B.exeO4 - HKCU\..\Run: [A00F3ECC2.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F3ECC2.exeO4 - HKCU\..\Run: [A00F2FCB5.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2FCB5.exeO4 - HKCU\..\Run: [A00F643F1.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F643F1.exeO4 - HKCU\..\Run: [A00F3DBEA.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F3DBEA.exeO4 - HKCU\..\Run: [A00F2FE9A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2FE9A.exeO4 - HKCU\..\Run: [A00F5316C0.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5316C0.exeO4 - HKCU\..\Run: [A00F5425CF.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5425CF.exeO4 - HKCU\..\Run: [MalwareBot] C:\Program Files\MalwareBot\MalwareBot.exe -bootO4 - HKCU\..\Run: [A00FE2A77.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FE2A77.exeO4 - HKCU\..\Run: [A00F1B2344.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F1B2344.exeO4 - HKCU\..\Run: [A00F41672.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F41672.exeO4 - HKCU\..\Run: [A00F49140.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F49140.exeO4 - HKCU\..\Run: [A00F5579D.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5579D.exeO4 - HKCU\..\Run: [A00F142019.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F142019.exeO4 - HKCU\..\Run: [A00F151F3A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F151F3A.exeO4 - HKCU\..\Run: [A00F50779.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F50779.exeO4 - HKCU\..\Run: [A00F133617.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F133617.exeO4 - HKCU\..\Run: [A00F180366.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F180366.exeO4 - HKCU\..\Run: [A00F18E4CD.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F18E4CD.exeO4 - HKCU\..\Run: [A00F49BD03.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F49BD03.exeO4 - HKCU\..\Run: [A00F8C0A9.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F8C0A9.exeO4 - HKCU\..\Run: [A00FDDE79.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FDDE79.exeO4 - HKCU\..\Run: [A00F4BB6D.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F4BB6D.exeO4 - HKCU\..\Run: [sysguard] C:\WINDOWS\sysguard.exeO4 - HKCU\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\Owner\LOCALS~1\Temp\winlognn.exeO4 - HKCU\..\Run: [tezrtsjhfr84iusjfo84f] C:\DOCUME~1\Owner\LOCALS~1\Temp\csrssc.exeO4 - HKCU\..\Run: [A00FFAA12.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FFAA12.exeO4 - HKCU\..\Run: [A00F5114D.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5114D.exeO4 - HKCU\..\Run: [A00FFFE1D.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00FFFE1D.exeO4 - HKCU\..\Run: [A00F1849C6.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F1849C6.exeO4 - HKCU\..\Run: [A00F7D30D.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F7D30D.exeO4 - HKCU\..\Run: [A00F50854.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F50854.exeO4 - HKCU\..\Run: [A00F80EAE.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F80EAE.exeO4 - Global Startup: office.exeO7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatieControl Object) - http://zone.msn.com/bingame/choc/default/C...eb.1.0.0.15.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1213917412731O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1213962550419O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v6.cabO16 - DPF: {E9B80D94-D8BC-43DE-9138-75605A8D9666} (CPlayFirstWeddingDasControl Object) - http://zone.msn.com/bingame/wedd/default/W...sh.1.0.0.50.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{256BB56E-10EE-4BEB-AA15-49F444D132BD}: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CCS\Services\Tcpip\..\{C7EB3819-3812-4E2C-91CF-A606F639C246}: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CS1\Services\Tcpip\..\{256BB56E-10EE-4BEB-AA15-49F444D132BD}: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CS2\Services\Tcpip\..\{256BB56E-10EE-4BEB-AA15-49F444D132BD}: NameServer = 85.255.112.39,85.255.112.40O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40O20 - AppInit_DLLs: C:\WINDOWS\System32\dpnlobby32.dll,C:\WINDOWS\System32\dpnlobby32.dll sdfqxl.dll cnpvkf.dll xhedsz.dll zdnvjq.dllO23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exeO23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) Quote Link to post Share on other sites
therock247uk Posted February 14, 2009 Report Share Posted February 14, 2009 Can you please follow this topic? http://www.besttechie.net/forums/index.php?showtopic=12175Your Hijackthis version etc are out of date. Quote Link to post Share on other sites
lashaun84 Posted February 16, 2009 Author Report Share Posted February 16, 2009 Malwarebytes' Anti-Malware 1.34Database version: 1764Windows 5.1.2600 15/02/2009 7:25:08 PMmbam-log-2009-02-15 (19-25-07).txtScan type: Quick ScanObjects scanned: 74163Time elapsed: 15 minute(s), 50 second(s)Memory Processes Infected: 5Memory Modules Infected: 10Registry Keys Infected: 50Registry Values Infected: 56Registry Data Items Infected: 16Folders Infected: 4Files Infected: 286Memory Processes Infected:C:\Documents and Settings\Owner\Local Settings\Temp\winlognn.exe (Trojan.Downloader) -> Unloaded process successfully.C:\WINDOWS\sysguard.exe (Trojan.Downloader) -> Unloaded process successfully.C:\Documents and Settings\Owner\Local Settings\Temp\csrssc.exe (Trojan.Downloader) -> Unloaded process successfully.C:\Documents and Settings\All Users\Start Menu\Programs\Startup\office.exe (Trojan.Downloader) -> Unloaded process successfully.C:\WINDOWS\system32\baloon.exe (Trojan.FakeAlert) -> Unloaded process successfully.Memory Modules Infected:C:\WINDOWS\system32\fccaBQHY.dll (Trojan.Vundo.H) -> Delete on reboot.C:\WINDOWS\Szinoceqozuzeqij.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\sdfqxl.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\cnpvkf.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\xhedsz.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\viorxs.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\urqNfCTn.dll (Trojan.Vundo.H) -> Delete on reboot.C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Downloader) -> Delete on reboot.C:\WINDOWS\system32\hsfd83jfdg.dll (Trojan.Downloader) -> Delete on reboot.C:\WINDOWS\system32\__c009CFE2.dat (Trojan.Agent) -> Delete on reboot.Registry Keys Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqnfctn (Trojan.Vundo.H) -> Delete on reboot.HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97bc5159-1d8e-4d18-9b4e-5575041309a8} (Trojan.Vundo.H) -> Delete on reboot.HKEY_CLASSES_ROOT\CLSID\{97bc5159-1d8e-4d18-9b4e-5575041309a8} (Trojan.Vundo.H) -> Delete on reboot.HKEY_CLASSES_ROOT\CLSID\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Zlob.H) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{97ac8336-c41b-4d04-aba6-c727e8c24588} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{71a5fc36-8827-45ff-98ed-bd0f7330b414} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{cde2b712-04a3-4f2c-ba07-6b2d0fc8411c} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{71e232e9-753a-4e35-8a49-dfcfa5986a28} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winctrl32 (Trojan.Downloader) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\cdmyidd.securitytoolbar (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\TypeLib\{cd24eb02-9831-4838-99d0-726d411b1328} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{f20da564-9254-49fe-a678-cc3cef172252} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\cdmyidd.securitytoolbar.1 (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{5cc2f638-99ff-45d2-97c7-e30e83cf04d2} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.FakeAlert) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\AppID\{36dbc179-a19f-48f2-b16a-6a3e19b42a87} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{dcfba5e4-23ed-49f9-a5c2-99607670da51} (Spyware.BZub) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dcfba5e4-23ed-49f9-a5c2-99607670da51} (Spyware.BZub) -> Delete on reboot.HKEY_CLASSES_ROOT\CLSID\{32123989-5e4a-47da-bd3f-75e46c4c75d6} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{51008f05-10d7-4981-a349-cde667a546bc} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{85fb89b6-38d9-4b04-8512-c90471161acb} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winvc05 (Rootkit.Agent) -> Delete on reboot.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winvc05 (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winvc05 (Rootkit.Agent) -> Delete on reboot.HKEY_CLASSES_ROOT\coolplay (Trojan.DNSChanger) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\MalwareBot (Rogue.MalwareBot) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c009cfe2 (Trojan.Vundo) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\freshplay (Trojan.DNSChanger) -> Quarantined and deleted successfully.Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ccf7760d (Trojan.Vundo.H) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Zlob.H) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysguard (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rhoyezudana (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jsf8uiw3jnjgffght (Trojan.Downloader) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jsf8uiw3jnjgffght (Trojan.Downloader) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tezrtsjhfr84iusjfo84f (Trojan.Downloader) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gyoyaveca (Trojan.Agent) -> Delete on reboot.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f530bc.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f5f98a.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fbd9df.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f31ca1.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fa2c2f.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00faae31.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2f17a.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f67438.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00ff0b9f.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3aedf.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f31ba7.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f41f8a.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2f67b.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3ecc2.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2fcb5.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f643f1.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f3dbea.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f2fe9a.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fe2a77.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f41672.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f49140.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f5579d.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f50779.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f8c0a9.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fdde79.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f4bb6d.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00ffaa12.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f5114d.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00fffe1d.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f7d30d.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f50854.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f80eae.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f4c262.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f69686.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f60820.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f65239.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f79eaf.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\a00f55bc3.exe (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c:\windows\system32\baloon.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.Registry Data Items Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\fccabqhy -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\fccabqhy -> Delete on reboot.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{256bb56e-10ee-4beb-aa15-49f444d132bd}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{256bb56e-10ee-4beb-aa15-49f444d132bd}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{256bb56e-10ee-4beb-aa15-49f444d132bd}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{c7eb3819-3812-4e2c-91cf-a606f639c246}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.Folders Infected:C:\Documents and Settings\Owner\Application Data\MalwareBot (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Settings (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Start Menu\Programs\coolplay (Trojan.DNSChanger) -> Quarantined and deleted successfully.Files Infected:C:\WINDOWS\system32\urqNfCTn.dll (Trojan.Vundo.H) -> Delete on reboot.C:\WINDOWS\system32\fccaBQHY.dll (Trojan.Vundo.H) -> Delete on reboot.C:\WINDOWS\system32\YHQBaccf.ini (Trojan.Vundo.H) -> Delete on reboot.C:\WINDOWS\system32\YHQBaccf.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\batvsgta.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\atgsvtab.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\bibunsdn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ndsnubib.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\blbscvoa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\aovcsblb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\bvevvgfv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\vfgvvevb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\gyspqvle.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\elvqpsyg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\iqqdihvo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ovhidqqi.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\jvqjthmf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\fmhtjqvj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\qhwsqhqx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\xqhqswhq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\rbxlgsjx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\xjsglxbr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ujwgxjai.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\iajxgwju.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\wjwxiomp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\pmoixwjw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\xntiicwe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ewciitnx.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.C:\WINDOWS\system32\hsfd83jfdg.dll (Trojan.Zlob.H) -> Delete on reboot.C:\WINDOWS\sysguard.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.C:\WINDOWS\Szinoceqozuzeqij.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\sdfqxl.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\cnpvkf.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\xhedsz.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\viorxs.dll (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\WinCtrl32.dll (Trojan.Downloader) -> Delete on reboot.C:\Documents and Settings\Owner\Local Settings\Temp\winlognn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\csrssc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\Documents and Settings\All Users\Start Menu\Programs\Startup\office.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2EE4C2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F530BC.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F3803D8.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F978B69.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5F98A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FBD9DF.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F31CA1.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FA2C2F.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FAAE31.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2F17A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F67438.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FF0B9F.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F3AEDF.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F31BA7.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F41F8A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2F67B.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F3ECC2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2FCB5.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F643F1.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F3DBEA.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2FE9A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5316C0.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5425CF.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FE2A77.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1B2344.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F41672.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F49140.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5579D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F142019.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F151F3A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F50779.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F133617.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F180366.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F18E4CD.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F49BD03.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F8C0A9.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FDDE79.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F4BB6D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FFAA12.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5114D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FFFE1D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1849C6.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F7D30D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F50854.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F80EAE.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F4C262.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F69686.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F60820.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F65239.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F79EAF.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F55BC3.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Application Data\CyberDefender\cdmyidd.dll (Trojan.BHO) -> Quarantined and deleted successfully.C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ipv6sp.dll (Trojan.BHO) -> Quarantined and deleted successfully.C:\WINDOWS\system32\iehelper.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.C:\WINDOWS\system32\fgrrrgoe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\fnoxefcd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\oqqmjcek.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ajwjfbbe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\avica.dll (Spyware.BZub) -> Delete on reboot.C:\WINDOWS\system32\bmecmq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\brahuudv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\cmopdz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\dswxrrpx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\gacehj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\gqbppt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\isuoos.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\itoyulfo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\kcfkmvfb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ltsnlhuu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\oaqhkrsy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\pivfwkhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\rrrrkbno.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\rvpvqara.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSScfub.dll (Trojan.TDSS) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSSnrsr.dll (Trojan.TDSS) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSSoeqh.dll (Trojan.TDSS) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSSriqp.dll (Trojan.TDSS) -> Quarantined and deleted successfully.C:\WINDOWS\system32\rcuguuib.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ucukblls.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\uhfgdxsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\iapcigym.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\uukwoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\uxldcoud.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\juwuwlft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\moyxvb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\wikyvfro.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\WinCtrl32.dl_ (Trojan.Downloader) -> Quarantined and deleted successfully.C:\WINDOWS\system32\xdkcnehl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\xvbgualt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\zxqhpt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\crypt3.dll (Spyware.BZub) -> Quarantined and deleted successfully.C:\WINDOWS\system32\yemfpwvm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\kxkhhh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\lkybsbto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\tpxooqub.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\mcbolojw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\drivers\TDSSmaxt.sys (Trojan.TDSS) -> Quarantined and deleted successfully.C:\WINDOWS\system32\drivers\Winvc05.sys (Rootkit.Agent) -> Delete on reboot.C:\beX.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\dhxbxshe.exe (Backdoor.Frauder) -> Quarantined and deleted successfully.C:\qvwi.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\shvmjqoq.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\uspud.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\RECYCLER\S-1-5-21-436374069-1364589140-1801674531-1003\Dc3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\13.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\14.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\16.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\17.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\18.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\19.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\1B.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\1E.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\1F.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\tsjmcmbq.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\uktkwbyp.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\whshpbxw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\vknkbatr.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\vwtskrrl.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\w32NOFJCyliz5mm5R.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\20.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\50.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\7.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\A.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\B.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\F.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\nlarqlpp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\phrxdswg.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\8.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\9.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\wmwhoinh.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1A11735.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1B121D.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1D452.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F1DD2F2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F25C01.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F2DCC9.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\skovhcvn.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F6AED0.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F6C278.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F72400.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F149D5.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F30418.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F44514.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\poargciw.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\qjmqxunc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\qragvkli.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\qthkeiyd.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\qxbwkmer.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FE43C19.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FEAC87E.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FEC4E24.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FF46F3.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\5B.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\6.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F34BC0.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F352B5.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F35BF85.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F37E0B.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F427E7.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\tkksjbkp.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\xgvaijsh.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\xlpxaduv.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\xmebeova.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\xrfqhepi.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\xwfwsuos.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\yrywryej.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\yxyqtjex.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\yyemkxuw.exe (Trojan.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\C.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\gvtnyghd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F450FB.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F4853A.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F4E4923.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F4F3E2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F55EA2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F5BAAC.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\22.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\23.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\24.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\27.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\2D.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\2F.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\3.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\338.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F84A46B.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F880D1.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00F99D3E.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FBC945.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\_A00FBCB97.exe (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN2.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\BN3.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\rs.dat (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 02_02_31 PM_200.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 04_02_41 PM_513.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 05_26_15 PM_342.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 07_37_19 PM_046.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 07_43_56 PM_889.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 05 - 11_21_31 AM_651.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 09 - 02_13_41 PM_061.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 09 - 05_13_24 PM_357.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 03_11_45 PM_015.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 09_07_09 AM_686.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 09_48_56 AM_983.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 10_23_04 AM_076.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 11_16_38 AM_545.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Log\2009 Feb 10 - 12_35_53 PM_514.log (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Application Data\MalwareBot\Settings\ScanResults.pie (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\WINDOWS\Tasks\MalwareBot Scheduled Scan.job (Rogue.MalwareBot) -> Quarantined and deleted successfully.C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.C:\WINDOWS\uciqamalanunevif.dll (Trojan.Agent) -> Delete on reboot.C:\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully.C:\RECYCLER\S-1-8-30-100002726-100015695-100032054-4230.com (Trojan.Agent) -> Quarantined and deleted successfully.C:\RECYCLER\S-6-6-79-100023757-100003572-100027689-8619.com (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\drivers\gaopdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\bb1.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ps1.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\rc.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\ktpcd.exe (Trojan.Agent) -> Quarantined and deleted successfully.C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c009CFE2.dat (Trojan.Vundo) -> Delete on reboot.C:\WINDOWS\system32\__c002411A.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c002ADA4.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c0076D4.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c00867BF.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c00A97DB.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c00D9C03.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c00E3787.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\__c00F9F10.dat (Trojan.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\cs.dat (Malware.Trace) -> Quarantined and deleted successfully.C:\WINDOWS\system32\nnnkLcAr.dll (Backdoor.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\qoMCrpOF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\geBtUlMe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\opnmMEwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\nnnopNGY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\pmnlkLdb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\ljJYPJab.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\wvUoOfGx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.C:\WINDOWS\system32\baloon.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.C:\WINDOWS\system32\cfrog.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\TDSS73d3.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\tempo-1858406.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\tempo-1866609.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\tempo-3733953.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.C:\WINDOWS\Temp\tempo-3768312.tmp (Trojan.DNSChanger) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSSfpmp.dll (Rootkit.Agent) -> Quarantined and deleted successfully.C:\WINDOWS\system32\TDSStkdv.log (Trojan.TDSS) -> Quarantined and deleted successfully. Quote Link to post Share on other sites
therock247uk Posted February 16, 2009 Report Share Posted February 16, 2009 Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.Under Main choose: Select AllClick the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Go to Kaspersky website and perform an online antivirus scan.Read through the requirements and privacy statement and click on Accept button.It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.When the downloads have finished, click on Settings.Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programsArchivesMail databases[*]Click on My Computer under Scan.[*]Once the scan is complete, it will display the results. Click on View Scan Report.[*]You will see a list of infected items there. Click on Save Report As....[*]Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Quote Link to post Share on other sites
lashaun84 Posted February 17, 2009 Author Report Share Posted February 17, 2009 --------------------------------------------------------------------------------KASPERSKY ONLINE SCANNER 7 REPORT Monday, February 16, 2009 Operating System: Microsoft Windows XP Home Edition (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Monday, February 16, 2009 21:45:28 Records in database: 1804985--------------------------------------------------------------------------------Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yesScan area - My Computer: A:\ C:\ D:\Scan statistics: Files scanned: 37986 Threat name: 30 Infected objects: 223 Suspicious objects: 1 Duration of the scan: 01:56:18File name / Threat name / Threats countwinlogon.exe\dpnlobby32.dll/winlogon.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1C:\WINDOWS\System32\dpnlobby32.dll/C:\WINDOWS\System32\dpnlobby32.dll Infected: P2P-Worm.Win32.Nugg.af 22C:\WINDOWS\system32\zdnvjq.dll/C:\WINDOWS\system32\zdnvjq.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.izl 7C:\WINDOWS\system32\rukcng.dll/C:\WINDOWS\system32\rukcng.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jmn 7services.exe\dpnlobby32.dll/services.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1C:\WINDOWS\System32\__c00B9C2.dat/C:\WINDOWS\System32\__c00B9C2.dat Infected: Backdoor.Win32.Agent.aawp 13lsass.exe\dpnlobby32.dll/lsass.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1svchost.exe\dpnlobby32.dll/svchost.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 4C:\WINDOWS\System32\zdnvjq.dll/C:\WINDOWS\System32\zdnvjq.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.izl 16C:\WINDOWS\System32\rukcng.dll/C:\WINDOWS\System32\rukcng.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jmn 16spoolsv.exe\dpnlobby32.dll/spoolsv.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1jqs.exe\dpnlobby32.dll/jqs.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1wdfmgr.exe\dpnlobby32.dll/wdfmgr.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1explorer.exe\dpnlobby32.dll/explorer.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1jusched.exe\dpnlobby32.dll/jusched.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1realsched.exe\dpnlobby32.dll/realsched.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1issch.exe\dpnlobby32.dll/issch.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1ctfmon.exe\dpnlobby32.dll/ctfmon.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1firefox.exe\dpnlobby32.dll/firefox.exe\dpnlobby32.dll Infected: Trojan.Win32.Agent.bkpf 1C:\!FixIEDef\1.tmp Infected: Trojan.Win32.Agent2.abb 1C:\!FixIEDef\__c0013A16.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0019544.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00210E4.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0023CC6.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0025964.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c002A68A.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c002F1E4.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0034F69.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0042D21.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0044C2B.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c004AF7B.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c004C291.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0051F8F.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0052589.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c005670D.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0058519.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0059AEE.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c005E189.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0061FB5.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0065744.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0068A40.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c006961B.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c006FE92.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c007592E.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c007D907.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0086EC0.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c008D81A.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c008E442.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00912FE.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0094E24.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c0096412.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c009AF9A.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c009CFE2.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c009E490.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c009EE1C.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00A024E.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00A481B.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00A4916.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00A5BC1.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00A6853.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00AA101.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00AA59C.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00B4731.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00B7984.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00BB0C4.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00BBF55.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00BE2B5.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00C3440.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00C4CC1.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00C7EFE.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00C9254.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00CA6E4.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00D7B79.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00DB189.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00DB1B2.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00DF600.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00E6129.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00E65D1.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00E8841.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00EA9A1.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00F38C4.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00F3964.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00F4BC0.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00F6B82.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00F7A7A.dat Infected: Backdoor.Win32.Agent.aawp 1C:\!FixIEDef\__c00FF2EC.dat Infected: Backdoor.Win32.Agent.aawp 1C:\Documents and Settings\All Users\Application Data\1447988137\1331176861.exe Infected: Trojan.Win32.Agent.bkws 1C:\Documents and Settings\Owner\Desktop\Incomplete\Preview-T-3515163-busted ron isley.wma Infected: Trojan-Downloader.WMA.Wimad.n 1C:\Documents and Settings\Owner\Desktop\Incomplete\Preview-T-3545427-drama - not today.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1C:\Documents and Settings\Owner\Desktop\Incomplete\Preview-T-5745425-i love you musiq.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Documents and Settings\Owner\Desktop\Incomplete\T-5745425-i love you musiq.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Documents and Settings\Owner\Desktop\MUSIC\yesterday dorinda clark cole.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1C:\Documents and Settings\Owner\Local Settings\Temp\qaafAtHj.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\Rbqlljsg.exe Infected: Trojan-Downloader.Win32.FraudLoad.dcn 1C:\Documents and Settings\Owner\Local Settings\Temp\rMsUoOvu.exe Infected: Trojan.Win32.Inject.ott 1C:\Documents and Settings\Owner\Local Settings\Temp\rpwByoTs.exe Infected: Trojan-Downloader.Win32.FraudLoad.dar 1C:\Documents and Settings\Owner\Local Settings\Temp\TDSS777.tmp Infected: Packed.Win32.Tdss.a 1C:\Documents and Settings\Owner\Local Settings\Temp\TDSS9e8.tmp Suspicious: Trojan.Win32.Patched.dy 1C:\Documents and Settings\Owner\Local Settings\Temp\TeuDbAVS.exe Infected: Trojan-Downloader.Win32.Agent.bfut 1C:\Documents and Settings\Owner\Local Settings\Temp\TgWNhCKv.exe Infected: Trojan-Downloader.Win32.Agent.bgoh 1C:\Documents and Settings\Owner\Local Settings\Temp\tJPGmmFV.exe Infected: Rootkit.Win32.TDSS.eyj 1C:\Documents and Settings\Owner\Local Settings\Temp\tmp45C.tmp Infected: Rootkit.Win32.TDSS.eyj 1C:\Documents and Settings\Owner\Local Settings\Temp\tmp50.tmp Infected: Rootkit.Win32.TDSS.eyj 1C:\Documents and Settings\Owner\Local Settings\Temp\tmpAC.tmp Infected: Rootkit.Win32.TDSS.eyj 1C:\Documents and Settings\Owner\Local Settings\Temp\towlorsb.exe Infected: Worm.Win32.AutoTDSS.bpj 1C:\Documents and Settings\Owner\Local Settings\Temp\uiucdugC.exe Infected: Trojan-Downloader.Win32.Agent.bgoh 1C:\Documents and Settings\Owner\Local Settings\Temp\uXLdLGVr.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\viDqrvHW.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\WiivGWch.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\winiguard.exe Infected: not-a-virus:FraudTool.Win32.SpyVampire.h 1C:\Documents and Settings\Owner\Local Settings\Temp\WqgnSSFM.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\wxUlNgTk.exe Infected: Trojan.Win32.Agent.bntk 1C:\Documents and Settings\Owner\Local Settings\Temp\XafEmLbp.exe Infected: Trojan-Downloader.Win32.Agent.bgoh 1C:\Documents and Settings\Owner\Local Settings\Temp\XkpGthFn.exe Infected: Trojan-Downloader.Win32.FraudLoad.dcm 1C:\Documents and Settings\Owner\Local Settings\Temp\xWSkHbjW.exe Infected: Trojan-Downloader.Win32.FraudLoad.dar 1C:\Documents and Settings\Owner\Local Settings\Temp\YFIDhgpp.exe Infected: Trojan.Win32.Inject.ott 1C:\Documents and Settings\Owner\Local Settings\Temp\yhRBGxyE.exe Infected: Packed.Win32.Krap.j 1C:\Documents and Settings\Owner\Local Settings\Temp\_A00F28F94.exe Infected: Backdoor.Win32.Agent.aawp 1C:\Program Files\Common Files\aolback\Comps\toolbar\toolbr.exe Infected: not-a-virus:AdWare.Win32.SearchIt.t 1C:\WINDOWS\system32\dpnlobby32.dll Infected: P2P-Worm.Win32.Nugg.af 1C:\WINDOWS\system32\GroupPolicyManifest\39.music.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1C:\WINDOWS\system32\GroupPolicyManifest\41.crack.zip Infected: P2P-Worm.Win32.Nugg.w 3C:\WINDOWS\system32\GroupPolicyManifest\42.keymaker.zip Infected: P2P-Worm.Win32.Nugg.w 2C:\WINDOWS\system32\GroupPolicyManifest\43.setup.zip Infected: P2P-Worm.Win32.Nugg.w 2C:\WINDOWS\system32\GroupPolicyManifest\44.unpack.zip Infected: P2P-Worm.Win32.Nugg.w 1C:\WINDOWS\system32\GroupPolicyManifest\45.keygen.zip Infected: P2P-Worm.Win32.Nugg.w 2C:\WINDOWS\system32\GroupPolicyManifest\46.serial.zip Infected: P2P-Worm.Win32.Nugg.w 2C:\WINDOWS\system32\GroupPolicyManifest\47.music.snd Infected: Trojan-Downloader.WMA.GetCodec.s 1C:\WINDOWS\system32\kjepncko.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.izl 1C:\WINDOWS\system32\ndqnvhgv.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jep 1C:\WINDOWS\system32\qigkdfeq.dll Infected: Trojan.Win32.Monder.avau 1C:\WINDOWS\system32\rasha.exe Infected: Trojan.Win32.Agent2.bhm 1C:\WINDOWS\system32\rukcng.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jmn 1C:\WINDOWS\system32\sjiznr.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jep 1C:\WINDOWS\system32\tqtraqcu.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.jmn 1C:\WINDOWS\system32\wkzrha.dll Infected: Trojan.Win32.Monder.avau 1C:\WINDOWS\system32\zdnvjq.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.izl 1C:\WINDOWS\system32\__c00B9C2.dat Infected: Backdoor.Win32.Agent.aawp 1C:\WINDOWS\Temp\tempo-24481125.tmp Infected: Rootkit.Win32.TDSS.eyj 1C:\WINDOWS\Temp\tempo-24486062.tmp Infected: Rootkit.Win32.TDSS.eyj 1The selected area was scanned. Quote Link to post Share on other sites
therock247uk Posted February 17, 2009 Report Share Posted February 17, 2009 Ok post me a fresh Hijackthis log and we will go from there. Quote Link to post Share on other sites
lashaun84 Posted February 17, 2009 Author Report Share Posted February 17, 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:39:45 AM, on 17/02/2009Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\System32\wdfmgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\D-Link\AirPlus G\AirGCFG.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\System32\wbem\wmiprvse.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/iframe...a4-000b6aa2a5f8R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet ExplorerR3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O1 - Hosts: 195.245.119.131 browser-security.microsoft.comO2 - BHO: (no name) - {DCFBA5E4-23ED-49F9-A5C2-99607670DA51} - C:\WINDOWS\System32\avica.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exeO4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exeO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeO4 - HKLM\..\Run: [1331176861] "C:\Documents and Settings\All Users\Application Data\1447988137\1331176861.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [A00F2EE4C2.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2EE4C2.exeO4 - HKCU\..\Run: [A00F3803D8.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F3803D8.exeO4 - HKCU\..\Run: [RegTool] C:\Program Files\RegTool\RegTool.exe -bootO4 - HKCU\..\Run: [A00F978B69.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F978B69.exeO4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /SO4 - HKCU\..\Run: [A00F5316C0.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5316C0.exeO4 - HKCU\..\Run: [A00F5425CF.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F5425CF.exeO4 - HKCU\..\Run: [MalwareBot] C:\Program Files\MalwareBot\MalwareBot.exe -bootO4 - HKCU\..\Run: [A00F1B2344.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F1B2344.exeO4 - HKCU\..\Run: [A00F142019.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F142019.exeO4 - HKCU\..\Run: [A00F151F3A.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F151F3A.exeO4 - HKCU\..\Run: [A00F133617.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F133617.exeO4 - HKCU\..\Run: [A00F180366.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F180366.exeO4 - HKCU\..\Run: [A00F18E4CD.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F18E4CD.exeO4 - HKCU\..\Run: [A00F49BD03.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F49BD03.exeO4 - HKCU\..\Run: [A00F1849C6.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F1849C6.exeO4 - HKCU\..\Run: [kee7alkt69cynm2wjrmu2626xfqtne50kr6rxzouq1] C:\DOCUME~1\Owner\LOCALS~1\Temp\jf64yo.exeO4 - HKCU\..\Run: [nugzld42x9qoi8kpfum4381] C:\DOCUME~1\Owner\LOCALS~1\Temp\g9eerxve4pbc.exeO4 - HKCU\..\Run: [okqy201os5gkvdw1h1ncisss9zxameriwu4ezytzss797s8vo] C:\DOCUME~1\Owner\LOCALS~1\Temp\s8w4afb.exeO4 - HKCU\..\Run: [qkpcj6rnx0knqt] C:\DOCUME~1\Owner\LOCALS~1\Temp\th3su0fz5p.exeO4 - HKCU\..\Run: [y51qp1vkmded7] C:\DOCUME~1\Owner\LOCALS~1\Temp\ujq0wl.exeO4 - HKCU\..\Run: [qya5rk3lycw710xg1zu7iunr3u4m2z3wxd64pexvl39tw1] C:\DOCUME~1\Owner\LOCALS~1\Temp\yda29ynt6c8qt.exeO4 - HKCU\..\Run: [apk79qiimvlevvykm6lkc34l45s1l6ssblncoy284oqby059os] C:\DOCUME~1\Owner\LOCALS~1\Temp\jnq9gh.exeO4 - HKCU\..\Run: [aofcwlmky9v9ptpdyqwe5h9rq23snuka4kg34scyyg1ng] C:\DOCUME~1\Owner\LOCALS~1\Temp\sbmqb4au.exeO4 - HKCU\..\Run: [vkhi2mrlevn6ge72xhb30v8ifm8nmf2s] C:\DOCUME~1\Owner\LOCALS~1\Temp\jtq087fztx24.exeO4 - HKCU\..\Run: [A00F2B3F59.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F2B3F59.exeO4 - HKCU\..\Run: [A00F25133.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F25133.exeO4 - HKCU\..\Run: [A00F395B9.exe] C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F395B9.exeO8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatieControl Object) - http://zone.msn.com/bingame/choc/default/C...eb.1.0.0.15.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1213917412731O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1213962550419O16 - DPF: {E9B80D94-D8BC-43DE-9138-75605A8D9666} (CPlayFirstWeddingDasControl Object) - http://zone.msn.com/bingame/wedd/default/W...sh.1.0.0.50.cabO20 - AppInit_DLLs: C:\WINDOWS\System32\dpnlobby32.dll,C:\WINDOWS\System32\dpnlobby32.dll sdfqxl.dll cnpvkf.dll xhedsz.dll zdnvjq.dll viorxs.dll rukcng.dllO20 - Winlogon Notify: ccf776a2517 - C:\WINDOWS\System32\dpnlobby32.dllO20 - Winlogon Notify: __c002917C - C:\WINDOWS\System32\__c002917C.datO23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe--End of file - 8203 bytes Quote Link to post Share on other sites
therock247uk Posted February 17, 2009 Report Share Posted February 17, 2009 Download ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsDouble click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply. Quote Link to post Share on other sites
lashaun84 Posted February 17, 2009 Author Report Share Posted February 17, 2009 ComboFix 09-02-15.01 - Owner 2009-02-17 11:22:04.1 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.0.1252.1.1033.18.254.72 [GMT -5:00]Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe * Created a new restore point.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\GnuHashes.inic:\windows\IE4 Error Log.txtc:\windows\system32\__c0021000.datc:\windows\system32\__c002917C.datc:\windows\system32\__c0044400.datc:\windows\system32\__c008D31A.datc:\windows\system32\akc:\windows\system32\cookie1.datc:\windows\system32\dpnlobby32.dllc:\windows\system32\GroupPolicy000.datc:\windows\system32\GroupPolicyManifestc:\windows\system32\GroupPolicyManifest\39.music.mp3c:\windows\system32\GroupPolicyManifest\39.music.mp3.kwdc:\windows\system32\GroupPolicyManifest\41.crack.zipc:\windows\system32\GroupPolicyManifest\41.crack.zip.kwdc:\windows\system32\GroupPolicyManifest\42.keymaker.zipc:\windows\system32\GroupPolicyManifest\42.keymaker.zip.kwdc:\windows\system32\GroupPolicyManifest\43.setup.zipc:\windows\system32\GroupPolicyManifest\43.setup.zip.kwdc:\windows\system32\GroupPolicyManifest\44.unpack.zipc:\windows\system32\GroupPolicyManifest\44.unpack.zip.kwdc:\windows\system32\GroupPolicyManifest\45.keygen.zipc:\windows\system32\GroupPolicyManifest\45.keygen.zip.kwdc:\windows\system32\GroupPolicyManifest\46.serial.zipc:\windows\system32\GroupPolicyManifest\46.serial.zip.kwdc:\windows\system32\GroupPolicyManifest\47.music.sndc:\windows\system32\GroupPolicyManifest\47.music.snd.kwdc:\windows\system32\kjepncko.dllc:\windows\system32\ndqnvhgv.dllc:\windows\system32\qigkdfeq.dllc:\windows\system32\rukcng.dllc:\windows\system32\sjiznr.dllc:\windows\system32\tb.drc:\windows\system32\TDSSosvd.datc:\windows\system32\tqtraqcu.dllc:\windows\system32\wkzrha.dllc:\windows\system32\zdnvjq.dllc:\windows\update.exeC:\xcrashdump.datc:\windows\system32\avica.dll . . . . failed to delete.((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_TDSSSERV.SYS-------\Service_TDSSserv.sys((((((((((((((((((((((((( Files Created from 2009-01-17 to 2009-02-17 ))))))))))))))))))))))))))))))).2009-02-17 08:39 . 2009-02-17 08:39 <DIR> d-------- c:\program files\Trend Micro2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\documents and settings\Owner\Application Data\Malwarebytes2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes2009-02-15 18:27 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys2009-02-15 18:27 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys2009-02-15 17:51 . 2009-02-15 17:51 <DIR> d-------- c:\documents and settings\Administrator.DEEANDSHAUN2009-02-15 09:10 . 2009-02-15 09:10 1,583,467 ---hs---- c:\windows\system32\sxjyuonm.ini2009-02-11 13:24 . 2009-02-11 13:24 <DIR> d-------- c:\windows\ERUNT2009-02-11 13:24 . 2009-02-11 13:24 <DIR> d-------- C:\ERDNT2009-02-11 13:16 . 2009-02-11 15:26 <DIR> d-------- C:\!FixIEDef2009-02-10 11:29 . 2009-02-10 11:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET2009-02-08 19:07 . 2009-02-08 19:07 39,936 --a------ C:\rnqcp.exe2009-02-08 19:07 . 2009-02-08 19:08 2 --a------ C:\-8561974702009-02-06 10:35 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx2009-02-06 10:35 . 2002-03-04 13:27 1,140,472 --a------ c:\windows\system32\IGUltraGrid20.ocx2009-02-06 10:35 . 2003-11-19 14:59 512,688 --a------ c:\windows\system32\XceedCry.dll2009-02-06 10:35 . 2004-03-09 00:00 131,856 --a------ c:\windows\system32\MSADODC.ocx2009-02-06 10:35 . 1999-01-26 20:36 11,012 --a------ c:\windows\system32\threadapi.tlb2009-02-05 19:30 . 2009-02-05 19:53 <DIR> d-------- c:\windows\Internet Logs2009-02-05 19:28 . 2009-02-09 08:47 <DIR> d-------- c:\windows\system32\ZoneLabs2009-02-05 19:28 . 2009-02-05 19:28 <DIR> d-------- c:\program files\Zone Labs2009-02-05 09:33 . 2009-02-05 09:33 18,060 --a------ c:\windows\system32\data013F.pk22009-02-05 09:32 . 2009-02-05 09:32 18,148 --a------ c:\windows\system32\data011B.pkd2009-02-05 09:26 . 2009-02-05 11:14 7,680 --a------ c:\windows\system32\rasha.exe2009-02-03 16:40 . 2009-02-05 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2009-02-03 09:56 . 2009-02-03 09:56 120 ---hs---- c:\windows\system32\yaceoerc.ini2009-02-02 09:09 . 2009-02-02 09:09 1,464,591 ---hs---- c:\windows\system32\wsnpgnil.ini2009-01-30 08:53 . 2009-01-31 09:08 1,519,799 ---hs---- c:\windows\system32\vehykqla.ini2009-01-29 08:53 . 2009-01-29 08:53 1,519,356 ---hs---- c:\windows\system32\kwqdiddg.ini2009-01-27 23:04 . 2009-01-29 08:50 1,519,356 ---hs---- c:\windows\system32\apswymby.ini2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\program files\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\program files\Common Files\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverCure2009-01-27 12:36 . 2009-01-27 12:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations2009-01-27 12:10 . 2009-01-27 12:10 <DIR> d-------- c:\documents and settings\Owner\Application Data\Uniblue2009-01-27 11:32 . 2009-01-27 11:32 <DIR> d-------- c:\documents and settings\Dee\Application Data\PC Tools2009-01-27 10:46 . 2009-01-27 10:46 <DIR> d-------- c:\documents and settings\Administrator2009-01-26 14:07 . 2009-01-26 14:07 <DIR> d-------- c:\documents and settings\Owner\Application Data\MSN62009-01-26 14:07 . 2009-01-26 14:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\MSN62009-01-26 11:04 . 2009-01-26 11:04 <DIR> d-------- c:\documents and settings\Owner\Application Data\RegTool2009-01-25 18:04 . 2009-01-25 18:04 <DIR> d-------- c:\program files\Common Files\PC Tools2009-01-25 11:21 . 2009-01-25 18:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\14479881372009-01-25 11:03 . 2009-01-25 11:03 45 --a------ c:\windows\system32\RPVersion.ini2009-01-25 11:00 . 2009-01-25 11:00 410,984 --a------ c:\windows\system32\deploytk.dll2009-01-23 17:18 . 2001-08-18 07:00 96,768 --a------ c:\windows\system32\avica.dll2009-01-22 11:59 . 2009-01-29 10:14 54,156 --ah----- c:\windows\QTFont.qfn2009-01-22 11:59 . 2009-01-22 11:59 1,409 --a------ c:\windows\QTFont.for2009-01-20 18:51 . 2009-01-20 18:51 <DIR> d-------- c:\documents and settings\Owner\.realobjects.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-11 00:49 --------- d-----w c:\program files\Morpheus2009-02-10 15:32 --------- d-----w c:\documents and settings\Owner\Application Data\LimeWire2009-02-06 00:33 30,208 ----a-w c:\windows\Internet Logs\xDB4.tmp2009-02-06 00:33 12,288 ----a-w c:\windows\Internet Logs\xDB5.tmp2009-02-06 00:30 29,184 ----a-w c:\windows\Internet Logs\xDB2.tmp2009-02-06 00:30 12,800 ----a-w c:\windows\Internet Logs\xDB3.tmp2009-02-05 14:33 13,457 ----a-w c:\windows\system32\0121mixed.bin2009-02-05 14:33 12,901 ----a-w c:\windows\system32\297backup.bin2009-02-05 14:32 6,291 ----a-w c:\windows\system32\10b.zip2009-02-05 14:32 5,287 ----a-w c:\windows\system32\139backup.bin2009-02-05 14:32 4,797 ----a-w c:\windows\system32\user275.zip2009-02-05 14:32 4,240 ----a-w c:\windows\system32\cookies284.zip2009-02-05 14:32 3,793 ----a-w c:\windows\system32\147base.bin2009-02-05 14:32 3,237 ----a-w c:\windows\system32\data009C.bin2009-02-05 14:32 12,542 ----a-w c:\windows\system32\uninstall7d.zip2009-02-05 14:32 11,985 ----a-w c:\windows\system32\0085.zip2009-02-05 14:32 10,491 ----a-w c:\windows\system32\images142.zip2009-01-27 17:41 --------- d-----w c:\program files\DivX2009-01-27 16:32 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP2009-01-25 17:40 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom2009-01-25 15:59 --------- d-----w c:\program files\Java2009-01-22 15:10 --------- d-----w c:\program files\Yahoo! Games2009-01-14 20:32 --------- d-----w c:\documents and settings\Owner\Application Data\Move Networks2009-01-11 14:28 --------- d-----w c:\program files\Common Files\AOL2009-01-11 14:27 2,560 ----a-w c:\windows\_MSRSTRT.EXE2009-01-11 14:26 --------- d-----w c:\documents and settings\All Users\Application Data\AOL2009-01-11 14:25 --------- d-----w c:\documents and settings\Owner\Application Data\AOL2009-01-11 03:59 --------- d-----w c:\program files\eGames2009-01-11 03:58 --------- d-----w c:\program files\Shockwave.com2009-01-10 22:15 --------- d-----w c:\documents and settings\Owner\Application Data\Mind Control Software2009-01-07 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\PopCap2009-01-06 00:54 --------- d--h--w c:\program files\InstallShield Installation Information2009-01-06 00:54 --------- d-----w c:\program files\ANI2009-01-06 00:54 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield2009-01-06 00:53 --------- d-----w c:\program files\D-Link2009-01-06 00:50 --------- d-----w c:\program files\Viva Media2009-01-06 00:42 --------- d-----w c:\program files\Common Files\InstallShield2009-01-04 23:04 --------- d-----w c:\program files\iXi Tools2008-12-29 21:29 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games2008-12-29 16:39 --------- d-----w c:\documents and settings\Owner\Application Data\Gaijin Ent2008-12-29 16:28 --------- d-----w c:\program files\Viva Media Best Buy.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DCFBA5E4-23ED-49F9-A5C2-99607670DA51}]2001-08-18 07:00 96768 --a------ c:\windows\System32\avica.dll[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="c:\windows\System32\ctfmon.exe" [2001-08-18 13312]"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2001-08-02 1077277][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-19 110592]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-25 136600]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-06-17 98304]"IgfxTray"="c:\windows\System32\igfxtray.exe" [2002-06-19 155648]"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2002-06-19 114688]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-11 180269]"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe" [2006-01-19 11776]"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2007-04-14 1556480]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]"1331176861"="c:\documents and settings\All Users\Application Data\1447988137\1331176861.exe" [2009-01-25 2096677]R0 krnchtju;krnchtju;c:\windows\system32\drivers\krnchtju.sys [2001-08-18 23424]--- Other Services/Drivers In Memory ---*NewlyCreated* - ALG*NewlyCreated* - IPNAT.Contents of the 'Scheduled Tasks' folder2009-02-16 c:\windows\Tasks\RegTool Scan.job- c:\program files\RegTool\RegTool.exe []2009-02-16 c:\windows\Tasks\RegTool Scan.job- c:\program files\RegTool [].- - - - ORPHANS REMOVED - - - -URLSearchHooks-~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)HKCU-Run-RegTool - c:\program files\RegTool\RegTool.exeHKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exeHKCU-Run-MalwareBot - c:\program files\MalwareBot\MalwareBot.exeNotify-ccf776a2517 - c:\windows\System32\dpnlobby32.dllNotify-__c002917C - c:\windows\System32\__c002917C.datSafeBoot-Winvc05.sys.------- Supplementary Scan -------.uStart Page = hxxp://www.google.commStart Page = about:blankmWindow Title = Microsoft Internet ExploreruInternet Connection Wizard,ShellNext = hxxp://adserving.cpxinteractive.com/iframe3?0j4EAPLyAwDp-AYASnkCAAIBAAAAAP8AAAD..wICAAJWxwQA.-IDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3MzMzMzPA.zczMzMzM8D8BAAAAAAD8PwEAAAAAAPw.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA-Zc2EhmSoAR3CUCiFLJku-nURFVowed0ylzM3wAAAAA=,,http://www3.evilshare.com/accd7d46-5618-102b-a5a4-000b6aa2a5f8IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTMLIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htmTrusted Zone: musicmatch.com\onlineDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cabFF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\aw4dysyr.default\FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\aw4dysyr.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dllFF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-17 11:29:31Windows 5.1.2600 NTFSscanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\windows\TEMP\Perflib_Perfdata_7c0.dat 16384 bytes**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(652)c:\windows\system32\ODBC32.dll- - - - - - - > 'lsass.exe'(708)c:\windows\System32\dssenh.dll.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\system32\wdfmgr.exec:\progra~1\MUSICM~1\MUSICM~1\MMDiag.exec:\program files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe.**************************************************************************.Completion time: 2009-02-17 11:37:09 - machine was rebootedComboFix-quarantined-files.txt 2009-02-17 16:35:35Pre-Run: 28,706,557,952 bytes freePost-Run: 28,953,227,264 bytes freeWinXP_EN_HOM_BF.EXE[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect244 --- E O F --- 2009-02-17 16:32:15 Quote Link to post Share on other sites
therock247uk Posted February 17, 2009 Report Share Posted February 17, 2009 NOTE: You will need to temporarily disable any programs you have running that will block attempts to edit the registry. As FixIEDef calls REGEDIT to delete registry keys added by Zlob, Trojan.Downloader.Delf, AntiSpyPro, and IE Defender.[*]Download FixIEDef.exe by ShadowPuterDude to the Desktop.Note: FixIEDef now supports Non-English Language Systems[*]Double-click FixIEDef.exe:[*]That will open the About FixIEDef screen. Click OK to continue:[*]Next, press the Scan! button:[*]FixIEDef needs to run as Administrator to perform correctly. This message simply confirms it was able to run with admin privileges. Click OK to continue:[*]Wait for the scan to finish. It shouldn't take very long:WARNING: FixIEDef will kill all copies of Internet Explorer and Explorer that are running, during removal of malicious files. The icons and Start Menu on your Desktop will not be visible while FixIEDef is removing malicious files. This is necessary to remove parts of the infection that would otherwise not be removed.[*]After the !!! All Finished !!! message is displayed, click Exit:[*]Post the FixIEDef log file, located on the Desktop.Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. See: http://www.beyondlogic.org/consulting/proc...processutil.htmMirrors: Alternate official download locations for FixIEDef.exehttp://it-mate.co.uk/downloads/fixiedef/fixiedef.exehttp://hosts-file.net/download/fixiedef/fixiedef.exehttp://avant.it-mate.co.uk/?c=Download&f=Tools/FixIEDefhttp://archives.mysteryfcm.co.uk/?f=Securi...pyware/FixIEDef Quote Link to post Share on other sites
lashaun84 Posted February 17, 2009 Author Report Share Posted February 17, 2009 ********************************************************************************* ** FixIEDef Log ** Version 1.7.22.7430 ** *********************************************************************************Created at 14:50:11 on Tuesday, February 17, 2009Time Zone : (GMT-05:00) Eastern Time (US & Canada)Logged On User : OwnerOperating System : Microsoft Windows XP Home Edition OS Architecture : X86System Langauge : English (United States)Keyboard Layout : English (United States)Processor : X86 Intel® Celeron® CPU 1.80GHzSystem Drive : C:\Windows Directory : C:\WINDOWSSystem Directory : C:\WINDOWS\System32System Drive Type : FixedSystem Drive Status : READYSystem Drive Label : System Drive Size : 38.14 GBSystem Drive Free : 27.51 GBTotal Physical Memory: 254 MBFree Physical Memory : 102 MBTotal Page File : 254 MBFree Page File : 455 MBTotal Virtual Memory : 2048 MBFree Virtual Memory : 1976 MBBoot State : Normal boot--------------------------------------------------------------------------------!!! userinit.exe is Clean !!!--------------------------------------------------------------------------------!!! Files that have been deleted !!!No malicious files found--------------------------------------------------------------------------------!!! Directories that have been removed !!!No malicious directories to be removed--------------------------------------------------------------------------------!!! Registry entries that have been removed !!!No malicious Registry entries found================================================================================All Done ShadowPuterDudeSafe Surfing!!! Quote Link to post Share on other sites
therock247uk Posted February 17, 2009 Report Share Posted February 17, 2009 Ok last tool before we clean up leftovers.Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding.Download SDFix and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, the Advanced Options Menu should appear;Select the first option, to run Windows in Safe Mode, then press Enter.Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum. Quote Link to post Share on other sites
lashaun84 Posted February 17, 2009 Author Report Share Posted February 17, 2009 SDFix: Version 1.240 Run by Administrator on Tue 02/17/2009 at 06:31 PMMicrosoft Windows XP [Version 5.1.2600]Running From: C:\SDFixChecking Services :Restoring Default Security ValuesRestoring Default Hosts FileRebootingChecking Files : Trojan Files Found:C:\-85619~1 - DeletedRemoving Temp FilesADS Check : Final Check :catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-17 18:43:06Windows 5.1.2600 NTFSscanning hidden processes ...scanning hidden services & system hive ...scanning hidden registry entries ...scanning hidden files ...scan completed successfullyhidden processes: 0hidden services: 0hidden files: 0Remaining Services :Authorized Application Key Export:[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]Remaining Files :File Backups: - C:\SDFix\backups\backups.zipFiles with Hidden Attributes :Mon 16 Jun 2008 5,237 A..H. --- "C:\TEMP\t4.bak"Tue 17 Jun 2008 8,941 A..H. --- "C:\TEMP\t4.bak1"Tue 17 Jun 2008 9,458 A..H. --- "C:\TEMP\t4.bak2"Sat 23 Aug 2008 6,464 A..H. --- "C:\TEMP\t4.bak3"Fri 11 Jul 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"Sat 20 Dec 2008 7,478,208 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT32.tmp"Fri 20 Jun 2008 8,723,064 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5addd6f775e0368f244f62c739d66dd4\BIT58.tmp"Fri 17 Oct 2008 7,281,784 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT46.tmp"Fri 2 May 2008 3,493,888 A..H. --- "C:\Documents and Settings\Owner\Application Data\U3\temp\Launchpad Removal.exe"Finished! Quote Link to post Share on other sites
therock247uk Posted February 19, 2009 Report Share Posted February 19, 2009 Please run the MGA Diagnostic Tool and post back the report it shall produce:Download MGADiag to your desktop.Double-click on MGADiag.exe to launch the programClick "Continue"Ensure that the "Windows" tab is selected (it should be by default).Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.Paste the MGA Diagnostic Report back here in your next reply. Quote Link to post Share on other sites
lashaun84 Posted February 19, 2009 Author Report Share Posted February 19, 2009 Diagnostic Report (1.9.0006.1):-----------------------------------------WGA Data-->Validation Status: GenuineValidation Code: 0Online Validation Code: N/ACached Validation Code: N/AWindows Product Key: *****-*****-GD6GR-K6DP3-4C8MTWindows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=Windows Product ID: 55277-OEM-2111907-00102Windows Product ID Type: 2Windows License Type: OEM SLPWindows OS version: 5.1.2600.2.00010300.0.0.homID: {0FFF7749-7242-4E18-8CDB-C60DDB3C7F5C}(1)Is Admin: YesTestCab: 0x0WGA Version: Registered, 1.7.69.2Signed By: MicrosoftProduct Name: N/AArchitecture: N/ABuild lab: N/ATTS Error: N/AValidation Diagnostic: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005Resolution Status: N/AWgaER Data-->ThreatID(s): N/AVersion: N/AWGA Notifications Data-->Cached Result: N/A, hr = 0x80070002File Exists: NoVersion: N/A, hr = 0x80070002WgaTray.exe Signed By: N/A, hr = 0x80070002WgaLogon.dll Signed By: N/A, hr = 0x80070002OGA Notifications Data-->Cached Result: N/A, hr = 0x80070002Version: N/A, hr = 0x80070002WGATray.exe Signed By: N/A, hr = 0x80070002OGAAddin.dll Signed By: N/A, hr = 0x80070002OGA Data-->Office Status: 100 GenuineMicrosoft Office Professional Edition 2003 - 100 GenuineOGA Version: N/A, 0x80070002Signed By: N/A, hr = 0x80070002Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005Browser Data-->Proxy settings: N/AUser Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exeDownload signed ActiveX controls: PromptDownload unsigned ActiveX controls: DisabledRun ActiveX controls and plug-ins: AllowedInitialize and script ActiveX controls not marked as safe: DisabledAllow scripting of Internet Explorer Webbrowser control: DisabledActive scripting: AllowedScript ActiveX controls marked as safe for scripting: AllowedFile Scan Data-->Other data-->Office Details: <GenuineResults><MachineData><UGUID>{0FFF7749-7242-4E18-8CDB-C60DDB3C7F5C}</UGUID><Version>1.9.0006.1</Version><OS>5.1.2600.2.00010300.0.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>55277-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-436374069-1364589140-1801674531</SID><SYSTEM><Manufacturer>Dell Computer Corporation</Manufacturer><Model>Dimension 2300</Model></SYSTEM><BIOS><Manufacturer>Mitac Corp</Manufacturer><Version>A01</Version><SMBIOSVersion major="2" minor="3"/><Date>20020719******.******+***</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>1FFA394F0184204E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData> <Software><Office><Result>100</Result><Products><Product GUID="{90110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>87057A632D39D00</Val><Hash>yQLfxRA/aKiOHU0buoxI8EpMa7Q=</Hash><Pid>73931-640-2604441-57595</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults> Licensing Data-->N/AHWID Data-->N/AOEM Activation 1.0 Data-->BIOS string matches: yesMarker string from BIOS: 1E840:Dell Inc|1D270:Dell Inc|10B5B:Dell Inc|10B5B:Microsoft CorporationMarker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell SystemOEM Activation 2.0 Data-->N/A Quote Link to post Share on other sites
therock247uk Posted February 19, 2009 Report Share Posted February 19, 2009 Can you please download and install this update? http://www.microsoft.com/downloads/details...45-9E368D3CDB5A your system is very outdated id like to update it a bit before doing anything more. Quote Link to post Share on other sites
lashaun84 Posted February 19, 2009 Author Report Share Posted February 19, 2009 I've downloaded XP service pack 2, waiting on you! Quote Link to post Share on other sites
therock247uk Posted February 19, 2009 Report Share Posted February 19, 2009 Installed? Quote Link to post Share on other sites
lashaun84 Posted February 19, 2009 Author Report Share Posted February 19, 2009 yes, restarted computer ready for the next step Quote Link to post Share on other sites
therock247uk Posted February 19, 2009 Report Share Posted February 19, 2009 Lets see a fresh Hijackthis log. Quote Link to post Share on other sites
lashaun84 Posted February 19, 2009 Author Report Share Posted February 19, 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:35:03 PM, on 19/02/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\wscntfy.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\D-Link\AirPlus G\AirGCFG.exeC:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/iframe...a4-000b6aa2a5f8O2 - BHO: (no name) - {DCFBA5E4-23ED-49F9-A5C2-99607670DA51} - C:\WINDOWS\System32\avica.dllO4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exeO4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exeO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeO4 - HKLM\..\Run: [1331176861] "C:\Documents and Settings\All Users\Application Data\1447988137\1331176861.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatieControl Object) - http://zone.msn.com/bingame/choc/default/C...eb.1.0.0.15.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1213917412731O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1213962550419O16 - DPF: {E9B80D94-D8BC-43DE-9138-75605A8D9666} (CPlayFirstWeddingDasControl Object) - http://zone.msn.com/bingame/wedd/default/W...sh.1.0.0.50.cabO23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe--End of file - 5293 bytes Quote Link to post Share on other sites
therock247uk Posted February 20, 2009 Report Share Posted February 20, 2009 1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Open notepad and copy/paste the text in the quotebox below into it:Driver::krnchtjuKillAll::File::c:\windows\system32\drivers\krnchtju.sysc:\windows\system32\sxjyuonm.iniC:\rnqcp.exeC:\-856197470c:\windows\system32\yaceoerc.inic:\windows\system32\wsnpgnil.inic:\windows\system32\vehykqla.inic:\windows\system32\kwqdiddg.inic:\windows\system32\apswymby.inic:\windows\system32\avica.dllc:\windows\system32\0121mixed.binc:\windows\system32\297backup.binc:\windows\system32\10b.zipc:\windows\system32\139backup.binc:\windows\system32\user275.zipc:\windows\system32\cookies284.zipc:\windows\system32\147base.binc:\windows\system32\data009C.binc:\windows\system32\uninstall7d.zipc:\windows\system32\0085.zipc:\windows\system32\images142.zipFolderc:\documents and settings\All Users\Application Data\1447988137Save this as CFScript.txt, in the same location as ComboFix.exeRefering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. Quote Link to post Share on other sites
lashaun84 Posted February 20, 2009 Author Report Share Posted February 20, 2009 ComboFix 09-02-15.01 - Owner 2009-02-20 18:28:04.2 - NTFSx86Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.254.104 [GMT -5:00]Running from: c:\documents and settings\Owner\Desktop\ComboFix.exeCommand switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt * Created a new restore pointFILE ::C:\-856197470C:\rnqcp.exec:\windows\system32\0085.zipc:\windows\system32\0121mixed.binc:\windows\system32\10b.zipc:\windows\system32\139backup.binc:\windows\system32\147base.binc:\windows\system32\297backup.binc:\windows\system32\apswymby.inic:\windows\system32\avica.dllc:\windows\system32\cookies284.zipc:\windows\system32\data009C.binc:\windows\system32\drivers\krnchtju.sysc:\windows\system32\images142.zipc:\windows\system32\kwqdiddg.inic:\windows\system32\sxjyuonm.inic:\windows\system32\uninstall7d.zipc:\windows\system32\user275.zipc:\windows\system32\vehykqla.inic:\windows\system32\wsnpgnil.inic:\windows\system32\yaceoerc.ini.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).C:\rnqcp.exec:\windows\system32\0085.zipc:\windows\system32\0121mixed.binc:\windows\system32\10b.zipc:\windows\system32\139backup.binc:\windows\system32\147base.binc:\windows\system32\297backup.binc:\windows\system32\apswymby.inic:\windows\system32\avica.dllc:\windows\system32\cookies284.zipc:\windows\system32\data009C.binc:\windows\system32\drivers\krnchtju.sysc:\windows\system32\images142.zipc:\windows\system32\kwqdiddg.inic:\windows\system32\sxjyuonm.inic:\windows\system32\uninstall7d.zipc:\windows\system32\user275.zipc:\windows\system32\vehykqla.inic:\windows\system32\wsnpgnil.inic:\windows\system32\yaceoerc.ini.((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_KRNCHTJU-------\Service_krnchtju((((((((((((((((((((((((( Files Created from 2009-01-20 to 2009-02-20 ))))))))))))))))))))))))))))))).2009-02-20 18:09 . 2009-02-20 18:09 <DIR> d-------- c:\windows\system32\CatRoot_bak2009-02-20 18:00 . 2009-02-20 18:06 <DIR> d--h----- c:\windows\$hf_mig$2009-02-19 12:04 . 2004-08-04 00:56 221,184 --a------ c:\windows\system32\wmpns.dll2009-02-19 12:01 . 2009-02-19 12:01 <DIR> d-------- c:\windows\provisioning2009-02-19 11:57 . 2009-02-19 11:57 <DIR> d-------- c:\windows\ServicePackFiles2009-02-19 11:54 . 2004-08-04 00:56 2,897,920 --------- c:\windows\system32\xpsp2res.dll2009-02-19 11:51 . 2005-02-24 22:35 22,752 --a------ c:\windows\system32\spupdsvc.exe2009-02-19 11:51 . 2004-07-17 11:40 19,528 --a------ c:\windows\002394_.tmp2009-02-19 11:45 . 2009-02-19 11:45 <DIR> d-------- c:\windows\EHome2009-02-18 23:02 . 2009-02-18 23:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage2009-02-17 18:22 . 2009-02-17 18:47 <DIR> d-------- C:\SDFix2009-02-17 08:39 . 2009-02-17 08:39 <DIR> d-------- c:\program files\Trend Micro2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\documents and settings\Owner\Application Data\Malwarebytes2009-02-15 18:27 . 2009-02-15 18:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes2009-02-15 18:27 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys2009-02-15 18:27 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys2009-02-15 17:51 . 2009-02-15 17:51 <DIR> d-------- c:\documents and settings\Administrator.DEEANDSHAUN2009-02-11 13:24 . 2009-02-17 18:28 <DIR> d-------- c:\windows\ERUNT2009-02-11 13:24 . 2009-02-11 13:24 <DIR> d-------- C:\ERDNT2009-02-11 13:16 . 2009-02-11 15:26 <DIR> d-------- C:\!FixIEDef2009-02-10 11:29 . 2009-02-10 11:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET2009-02-06 10:35 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx2009-02-06 10:35 . 2002-03-04 13:27 1,140,472 --a------ c:\windows\system32\IGUltraGrid20.ocx2009-02-06 10:35 . 2003-11-19 14:59 512,688 --a------ c:\windows\system32\XceedCry.dll2009-02-06 10:35 . 2004-03-09 00:00 131,856 --a------ c:\windows\system32\MSADODC.ocx2009-02-06 10:35 . 1999-01-26 20:36 11,012 --a------ c:\windows\system32\threadapi.tlb2009-02-05 19:30 . 2009-02-05 19:53 <DIR> d-------- c:\windows\Internet Logs2009-02-05 19:28 . 2009-02-09 08:47 <DIR> d-------- c:\windows\system32\ZoneLabs2009-02-05 19:28 . 2009-02-05 19:28 <DIR> d-------- c:\program files\Zone Labs2009-02-05 09:33 . 2009-02-05 09:33 18,060 --a------ c:\windows\system32\data013F.pk22009-02-05 09:32 . 2009-02-05 09:32 18,148 --a------ c:\windows\system32\data011B.pkd2009-02-05 09:26 . 2009-02-05 11:14 7,680 --a------ c:\windows\system32\rasha.exe2009-02-03 16:40 . 2009-02-05 11:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\program files\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\program files\Common Files\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\ParetoLogic2009-01-27 12:38 . 2009-01-27 12:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverCure2009-01-27 12:36 . 2009-01-27 12:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations2009-01-27 12:10 . 2009-01-27 12:10 <DIR> d-------- c:\documents and settings\Owner\Application Data\Uniblue2009-01-27 11:32 . 2009-01-27 11:32 <DIR> d-------- c:\documents and settings\Dee\Application Data\PC Tools2009-01-27 10:46 . 2009-01-27 10:46 <DIR> d-------- c:\documents and settings\Administrator2009-01-26 14:07 . 2009-01-26 14:07 <DIR> d-------- c:\documents and settings\Owner\Application Data\MSN62009-01-26 14:07 . 2009-01-26 14:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\MSN62009-01-26 11:04 . 2009-01-26 11:04 <DIR> d-------- c:\documents and settings\Owner\Application Data\RegTool2009-01-25 18:04 . 2009-01-25 18:04 <DIR> d-------- c:\program files\Common Files\PC Tools2009-01-25 11:21 . 2009-01-25 18:24 <DIR> d-------- c:\documents and settings\All Users\Application Data\14479881372009-01-25 11:03 . 2009-01-25 11:03 45 --a------ c:\windows\system32\RPVersion.ini2009-01-25 11:00 . 2009-01-25 11:00 410,984 --a------ c:\windows\system32\deploytk.dll2009-01-22 11:59 . 2009-02-18 10:03 54,156 --ah----- c:\windows\QTFont.qfn2009-01-22 11:59 . 2009-01-22 11:59 1,409 --a------ c:\windows\QTFont.for2009-01-20 18:51 . 2009-01-20 18:51 <DIR> d-------- c:\documents and settings\Owner\.realobjects.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-02-11 00:49 --------- d-----w c:\program files\Morpheus2009-02-10 15:32 --------- d-----w c:\documents and settings\Owner\Application Data\LimeWire2009-02-06 00:33 30,208 ----a-w c:\windows\Internet Logs\xDB4.tmp2009-02-06 00:33 12,288 ----a-w c:\windows\Internet Logs\xDB5.tmp2009-02-06 00:30 29,184 ----a-w c:\windows\Internet Logs\xDB2.tmp2009-02-06 00:30 12,800 ----a-w c:\windows\Internet Logs\xDB3.tmp2009-01-27 17:41 --------- d-----w c:\program files\DivX2009-01-27 16:32 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP2009-01-25 17:40 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom2009-01-25 15:59 --------- d-----w c:\program files\Java2009-01-22 15:10 --------- d-----w c:\program files\Yahoo! Games2009-01-14 20:32 --------- d-----w c:\documents and settings\Owner\Application Data\Move Networks2009-01-11 14:28 --------- d-----w c:\program files\Common Files\AOL2009-01-11 14:27 2,560 ----a-w c:\windows\_MSRSTRT.EXE2009-01-11 14:26 --------- d-----w c:\documents and settings\All Users\Application Data\AOL2009-01-11 14:25 --------- d-----w c:\documents and settings\Owner\Application Data\AOL2009-01-11 03:59 --------- d-----w c:\program files\eGames2009-01-11 03:58 --------- d-----w c:\program files\Shockwave.com2009-01-10 22:15 --------- d-----w c:\documents and settings\Owner\Application Data\Mind Control Software2009-01-07 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\PopCap2009-01-06 00:54 --------- d--h--w c:\program files\InstallShield Installation Information2009-01-06 00:54 --------- d-----w c:\program files\ANI2009-01-06 00:54 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield2009-01-06 00:53 --------- d-----w c:\program files\D-Link2009-01-06 00:50 --------- d-----w c:\program files\Viva Media2009-01-06 00:42 --------- d-----w c:\program files\Common Files\InstallShield2009-01-04 23:04 --------- d-----w c:\program files\iXi Tools2008-12-29 21:29 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games2008-12-29 16:39 --------- d-----w c:\documents and settings\Owner\Application Data\Gaijin Ent2008-12-29 16:28 --------- d-----w c:\program files\Viva Media Best Buy.((((((((((((((((((((((((((((( SnapShot@2009-02-17_11.32.56.15 ))))))))))))))))))))))))))))))))))))))))).- 2001-08-18 12:00:00 1,229,312 ----a-w c:\windows\AppPatch\AcGenral.dll+ 2004-08-04 05:56:42 1,852,416 ----a-w c:\windows\AppPatch\acgenral.dll- 2001-08-18 12:00:00 370,688 ----a-w c:\windows\AppPatch\AcLayers.dll+ 2004-08-04 05:56:42 450,048 ----a-w c:\windows\AppPatch\aclayers.dll- 2001-08-18 12:00:00 45,568 ----a-w c:\windows\AppPatch\AcLua.dll+ 2004-08-04 05:56:42 137,728 ----a-w c:\windows\AppPatch\aclua.dll- 2001-08-18 12:00:00 204,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll+ 2004-08-04 05:56:42 244,736 ----a-w c:\windows\AppPatch\acspecfc.dll- 2001-08-18 12:00:00 105,472 ----a-w c:\windows\AppPatch\AcXtrnal.dll+ 2004-08-04 05:56:42 116,224 ----a-w c:\windows\AppPatch\acxtrnal.dll+ 2008-08-07 20:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE+ 2009-02-17 23:28:54 405,504 ----a-w c:\windows\ERUNT\SDFIX\Users\00000001\NTUSER.DAT+ 2009-02-17 23:28:54 8,192 ----a-w c:\windows\ERUNT\SDFIX\Users\00000002\UsrClass.dat+ 2008-08-07 20:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE+ 2009-02-17 23:28:43 405,504 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT+ 2009-02-17 23:28:43 8,192 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat- 2001-08-18 12:00:00 1,000,960 ----a-w c:\windows\explorer.exe+ 2004-08-04 05:56:50 1,032,192 ----a-w c:\windows\explorer.exe- 2001-08-18 12:00:00 32,256 ----a-w c:\windows\Help\sniffpol.dll+ 2004-08-04 05:56:46 34,816 ----a-w c:\windows\Help\sniffpol.dll- 2001-08-18 12:00:00 30,720 ----a-w c:\windows\Help\sstub.dll+ 2004-08-04 05:56:46 33,280 ----a-w c:\windows\Help\sstub.dll- 2001-08-18 12:00:00 262,656 ----a-w c:\windows\Help\tshoot.dll+ 2004-08-04 05:56:48 279,040 ----a-w c:\windows\Help\tshoot.dll- 2002-09-22 00:13:26 10,752 ----a-w c:\windows\hh.exe+ 2004-08-04 05:56:52 10,752 ----a-w c:\windows\hh.exe- 2001-08-18 12:00:00 238,592 ----a-w c:\windows\ime\mscandui.dll+ 2004-08-04 05:56:44 220,160 ----a-w c:\windows\ime\mscandui.dll- 2001-08-18 12:00:00 160,768 ----a-w c:\windows\ime\SOFTKBD.DLL+ 2004-08-04 05:56:46 130,048 ----a-w c:\windows\ime\softkbd.dll+ 2004-08-04 05:56:30 62,976 ------w c:\windows\ime\spgrmr.dll- 2001-08-18 12:00:00 256,000 ----a-w c:\windows\ime\SPTIP.dll+ 2004-08-04 05:56:46 250,880 ----a-w c:\windows\ime\sptip.dll+ 2004-03-11 19:53:40 170,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\ACCWIZ.DLL+ 2003-07-14 22:43:20 87,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\ADDRPARS.DLL+ 2003-07-14 22:57:34 38,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\AUTHZAX.DLL+ 2003-07-14 22:53:06 94,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\AW.DLL+ 2003-07-14 22:53:24 60,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\BLNMGR.DLL+ 2003-07-14 22:53:22 46,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\BLNMGRPS.DLL+ 2004-03-11 20:00:14 351,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\CDLMSO.DLL+ 2003-07-15 07:18:12 47,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DFUICOM.EXE+ 2003-07-25 22:57:20 75,832 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DLGSETP.DLL+ 2003-07-14 22:56:54 14,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DSITF.DLL+ 2003-07-14 22:57:14 98,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DSSM.EXE+ 2003-11-10 16:52:54 39,952 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DWDCW20.DLL+ 2003-11-10 16:52:54 34,832 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\DWTRIG20.EXE+ 2004-05-22 11:57:40 132,296 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\ENVELOPE.DLL+ 2004-05-18 22:58:40 10,080,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\EXCEL.EXE+ 2003-07-14 22:41:44 13,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FINDER.EXE+ 2004-03-11 20:13:14 1,146,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FM20.DLL+ 2002-10-07 13:49:36 192,573 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FORM.DLL+ 2004-05-22 12:36:24 1,952,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPCUTL.DLL+ 2004-06-23 21:53:40 187,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPDTC.DLL+ 2003-07-14 22:40:12 179,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPERSON.DLL+ 2003-07-14 22:40:12 165,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPLACE.DLL+ 2004-04-28 04:19:36 1,159,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPSRVUTL.DLL+ 2004-05-22 12:36:18 800,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\FPWEC.DLL+ 2004-06-23 21:11:38 2,140,352 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\GRAPH.EXE+ 2004-03-12 16:36:22 87,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\IEAWSDC.DLL+ 2004-03-22 20:20:24 161,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\IETAG.DLL+ 2003-07-23 22:32:32 121,400 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\IMPMAIL.DLL+ 2004-05-27 20:05:44 7,067,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\INFOPATH.EXE+ 2003-07-14 22:45:14 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\INLAUNCH.DLL+ 2004-03-22 20:17:04 765,680 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIGRAPH.DLL+ 2003-06-18 21:31:10 252,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIINK.DLL+ 2004-03-22 20:17:06 24,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIMON.DLL+ 2004-03-22 20:17:08 25,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIPPR.DLL+ 2004-03-22 20:17:10 42,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIUI.DLL+ 2003-06-18 21:31:34 443,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MDIVWCTL.DLL+ 2003-07-14 22:46:08 176,696 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MIMEDIR.DLL+ 2004-04-19 15:43:00 471,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MODHELP.DLL+ 2004-05-18 22:47:26 6,631,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSACCESS.EXE+ 2003-07-15 07:13:58 130,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSAEXP30.DLL+ 2003-07-14 22:57:14 124,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSB1CORE.DLL+ 2003-07-14 23:12:22 47,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSB1XTOR.DLL+ 2003-07-14 22:58:04 230,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSCDM.DLL+ 2004-02-23 20:36:48 115,400 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSCONV97.DLL+ 2002-12-17 23:08:50 359,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSDMENG.DLL+ 2002-12-17 23:08:54 1,383,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSDMINE.DLL+ 2003-07-14 22:56:14 40,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSE7.EXE+ 2003-07-14 22:51:44 87,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSENCODE.DLL+ 2003-07-15 07:14:00 139,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSJSPP40.DLL+ 2002-04-09 20:14:36 187,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSMDUN80.DLL+ 2003-07-14 22:52:52 17,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSMH.DLL+ 2004-06-17 05:49:12 12,216,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSO.DLL+ 2003-07-14 22:57:16 120,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOAUTH.DLL+ 2004-03-11 20:02:44 107,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOCF.DLL+ 2004-03-11 20:00:10 128,192 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOCFU.DLL+ 2003-07-14 22:52:52 27,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSODCW.DLL+ 2003-07-14 22:44:06 25,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOEURO.DLL+ 2003-07-14 22:52:56 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOHTMED.EXE+ 2002-12-17 23:09:24 2,071,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOLAP80.DLL+ 2003-07-14 22:56:16 54,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOMSE.DLL+ 2003-07-11 06:15:48 1,292,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSONSEXT.DLL+ 2003-07-15 07:18:52 376,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSORUN.DLL+ 2003-07-14 22:52:54 28,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSTYLE.DLL+ 2003-07-14 22:52:52 35,896 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSV.DLL+ 2003-07-14 22:53:00 55,872 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSVABW.DLL+ 2003-07-14 22:53:20 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOSVFBR.DLL+ 2003-07-14 22:46:16 42,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXEV.DLL+ 2003-07-14 22:45:12 55,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXMLED.EXE+ 2003-07-14 22:45:12 39,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSOXMLMF.DLL+ 2003-06-18 21:31:24 1,033,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPCORE.DLL+ 2003-06-18 21:31:54 788,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPFILT.DLL+ 2003-06-18 21:31:50 16,384 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPGIMME.DLL+ 2003-06-19 20:05:52 128,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPSCAN.EXE+ 2004-03-22 20:53:44 5,684,928 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPUB.EXE+ 2003-06-19 20:05:50 364,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSPVIEW.EXE+ 2003-07-14 23:02:42 637,496 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSQRY32.EXE+ 2003-07-14 22:52:58 41,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSSH.DLL+ 2004-06-23 21:15:50 627,912 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORDB.EXE+ 2004-06-23 21:15:26 125,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORE.EXE+ 2004-06-23 21:15:54 484,040 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSTORES.DLL+ 2003-07-14 23:00:54 145,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\MSWEBCAP.DLL+ 2003-07-14 22:57:10 56,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\NAME.DLL+ 2003-07-14 22:56:52 13,888 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\NPOFFICE.DLL+ 2003-06-18 21:31:58 6,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OCRPS.DLL+ 2003-07-15 07:14:26 283,696 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OIS.EXE+ 2004-04-28 04:03:58 830,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISAPP.DLL+ 2003-07-15 07:14:26 27,192 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISCTRL.DLL+ 2003-07-15 07:14:26 242,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OISGRAPH.DLL+ 2003-07-14 23:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OMFC.DLL+ 2003-07-14 23:05:24 1,054,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OMFC.DLL_0002+ 2004-03-11 19:55:52 96,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OSA.EXE+ 2004-03-11 20:01:22 25,288 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLACCT.DLL+ 2003-07-14 22:44:34 102,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLCTL.DLL+ 2004-01-23 19:14:06 1,948,343 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLFLTR.DAT+ 2003-07-08 15:48:00 115,288 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLFLTR.DLL+ 2004-06-10 18:41:08 7,568,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLLIB.DLL+ 2003-07-14 22:44:32 88,128 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLMIME.DLL+ 2004-04-28 04:10:48 196,296 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLOOK.EXE+ 2004-06-10 18:39:42 140,992 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLPH.DLL+ 2003-07-14 22:43:18 64,056 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLRPC.DLL+ 2003-07-14 22:43:16 49,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OUTLWAB.DLL+ 2004-04-23 05:30:56 7,334,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OWC10.DLL+ 2004-03-22 20:58:02 8,140,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\OWC11.DLL+ 2004-06-23 21:02:14 6,137,544 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\POWERPNT.EXE+ 2003-07-15 07:18:54 430,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PP4X322.DLL+ 2003-07-15 07:18:44 93,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PP7X32.DLL+ 2003-09-08 15:20:42 1,782,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PPTVIEW.EXE+ 2004-02-23 20:16:58 130,240 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PRTF9.DLL+ 2002-10-07 14:11:00 167,997 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PSOM.DLL+ 2004-03-11 20:02:26 605,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PTXT9.DLL+ 2004-03-11 20:00:40 555,720 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PUBCONV.DLL+ 2003-07-14 22:40:16 51,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\PUBTRAP.DLL+ 2003-07-14 22:42:26 37,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\RECALL.DLL+ 2003-05-08 21:54:00 77,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\REFEDIT.DLL+ 2003-07-14 22:57:08 40,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\REFIEBAR.DLL+ 2002-10-07 13:49:42 81,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\REVERSE.DLL+ 2004-03-11 20:01:54 74,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\RM.DLL+ 2003-07-21 15:46:38 390,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\RTFHTML.DLL+ 2003-07-14 22:57:18 349,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SELFCERT.EXE+ 2003-07-14 22:44:16 66,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SENDTO.DLL+ 2003-07-14 22:57:08 58,944 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SEQCHK10.DLL+ 2004-03-11 20:13:36 373,448 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SETLANG.EXE+ 2003-07-14 22:53:14 11,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SMARTTAGINSTALL.EXE+ 2004-03-22 20:31:30 444,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\SOA.DLL+ 2003-08-03 14:52:32 2,808,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\STSLIST.DLL+ 2002-10-07 13:53:04 106,561 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\THOCRAPI.DLL+ 2003-07-14 23:00:22 99,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TRANSMGR.DLL+ 2002-10-07 13:50:44 241,729 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWCUTCHR.DLL+ 2002-10-07 13:51:04 180,289 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWCUTLIN.DLL+ 2002-10-07 13:51:14 147,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWLAY32.DLL+ 2002-10-07 13:51:20 102,467 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWORIENT.DLL+ 2002-10-07 13:50:04 118,847 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWRECE.DLL+ 2002-10-07 13:49:56 81,983 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWRECS.DLL+ 2002-10-07 13:51:44 221,252 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\TWSTRUCT.DLL+ 2003-07-14 22:57:40 59,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\UNBIND.EXE+ 2004-05-24 20:45:10 2,482,176 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\VBE6.DLL+ 2004-06-10 18:29:52 12,047,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\WINWORD.EXE+ 2002-10-07 14:03:34 1,794,113 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\XIMAGE3B.DLL+ 2003-04-30 15:52:32 1,581,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\XPAGE3C.DLL+ 2003-01-17 18:03:34 59,466 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.6361\XSCAN32.DAT+ 2007-03-23 00:07:56 91,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ADDRPARS.DLL+ 2007-03-23 00:07:54 80,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\DLGSETP.DLL+ 2007-04-19 18:53:52 137,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\ENVELOPE.DLL+ 2007-05-31 18:41:06 10,352,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\EXCEL.EXE+ 2007-04-19 19:09:30 167,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IETAG.DLL+ 2007-04-19 18:53:52 127,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\IMPMAIL.DLL+ 2007-04-19 18:54:04 183,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MIMEDIR.DLL+ 2007-06-18 22:16:32 12,259,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSO.DLL+ 2007-05-10 18:35:04 6,747,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\MSPUB.EXE+ 2007-05-31 18:43:46 7,613,280 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLLIB.DLL+ 2007-04-19 18:53:44 106,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLMIME.DLL+ 2007-05-31 18:42:14 200,032 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLOOK.EXE+ 2007-04-19 18:53:56 149,856 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLPH.DLL+ 2007-04-19 18:53:24 69,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\OUTLRPC.DLL+ 2007-05-31 18:35:22 6,420,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE+ 2007-05-31 18:35:46 133,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PRTF9.DLL+ 2007-05-31 18:36:08 612,184 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PTXT9.DLL+ 2007-05-10 18:34:48 562,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\PUBCONV.DLL+ 2007-03-23 00:07:10 41,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\RECALL.DLL+ 2007-03-23 00:07:54 78,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\RM.DLL+ 2007-03-23 00:22:02 103,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\TRANSMGR.DLL+ 2007-05-09 22:19:48 2,585,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\VBE6.DLL+ 2007-05-31 18:37:40 12,310,368 ----a-r c:\windows\Installer\$PatchCache$\Managed\9040110900063D11C8EF10054038389C\11.0.8173\WINWORD.EXE- 2008-06-16 21:27:09 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe+ 2009-02-19 00:01:14 593,920 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe- 2008-06-16 21:27:09 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe+ 2009-02-19 00:01:14 12,288 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe- 2008-06-16 21:27:09 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe+ 2009-02-19 00:01:14 86,016 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe- 2008-06-16 21:27:08 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe+ 2009-02-19 00:01:14 135,168 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe- 2008-06-16 21:27:09 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe+ 2009-02-19 00:01:14 11,264 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe- 2008-06-16 21:27:09 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe+ 2009-02-19 00:01:14 27,136 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe- 2008-06-16 21:27:09 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe+ 2009-02-19 00:01:14 4,096 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe- 2008-06-16 21:27:09 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe+ 2009-02-19 00:01:14 794,624 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe- 2008-06-16 21:27:09 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe+ 2009-02-19 00:01:14 249,856 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe- 2008-06-16 21:27:09 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe+ 2009-02-19 00:01:14 61,440 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe- 2008-06-16 21:27:09 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe+ 2009-02-19 00:01:15 23,040 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe- 2008-06-16 21:27:08 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe+ 2009-02-19 00:01:14 286,720 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe- 2008-06-16 21:27:08 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe+ 2009-02-19 00:01:14 409,600 ----a-r c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\msagent\agentanm.dll+ 2004-08-04 05:56:42 24,064 ----a-w c:\windows\msagent\agentanm.dll- 2001-08-18 12:00:00 204,288 ----a-w c:\windows\msagent\agentctl.dll+ 2004-08-04 05:56:42 214,016 ----a-w c:\windows\msagent\agentctl.dll- 2001-08-18 12:00:00 35,840 ----a-w c:\windows\msagent\agentdp2.dll+ 2004-08-04 05:56:42 41,984 ----a-w c:\windows\msagent\agentdp2.dll- 2001-08-18 12:00:00 50,688 ----a-w c:\windows\msagent\agentdpv.dll+ 2004-08-04 05:56:42 58,880 ----a-w c:\windows\msagent\agentdpv.dll- 2001-08-18 12:00:00 44,032 ----a-w c:\windows\msagent\agentmpx.dll+ 2004-08-04 05:56:42 49,152 ----a-w c:\windows\msagent\agentmpx.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\msagent\agentpsh.dll+ 2004-08-04 05:56:42 24,064 ----a-w c:\windows\msagent\agentpsh.dll- 2001-08-18 12:00:00 39,936 ----a-w c:\windows\msagent\agentsr.dll+ 2004-08-04 05:56:42 44,032 ----a-w c:\windows\msagent\agentsr.dll- 2001-08-18 12:00:00 235,008 ----a-w c:\windows\msagent\agentsvr.exe+ 2004-08-04 05:56:48 256,512 ----a-w c:\windows\msagent\agentsvr.exe- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\msagent\agtintl.dll+ 2004-08-04 05:56:42 24,064 ----a-w c:\windows\msagent\agtintl.dll- 2001-08-18 12:00:00 36,352 ----a-w c:\windows\msagent\mslwvtts.dll+ 2004-08-04 05:56:44 39,936 ----a-w c:\windows\msagent\mslwvtts.dll- 2001-08-18 12:00:00 66,048 ----a-w c:\windows\NOTEPAD.EXE+ 2004-08-04 05:56:56 69,120 ----a-w c:\windows\notepad.exe- 2001-08-18 12:00:00 692,224 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe+ 2004-08-04 05:56:50 768,512 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\helpctr.exe- 2001-08-18 12:00:00 694,272 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\HelpSvc.exe+ 2004-08-04 05:56:52 743,936 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\helpsvc.exe+ 2004-08-04 05:56:52 18,944 ------w c:\windows\PCHEALTH\HELPCTR\Binaries\hscupd.exe- 2001-08-18 12:00:00 145,408 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\msconfig.exe+ 2004-08-04 05:56:54 158,208 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\msconfig.exe- 2001-08-18 12:00:00 348,160 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\msinfo.dll+ 2004-08-04 05:56:44 376,320 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\msinfo.dll- 2001-08-18 12:00:00 97,792 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\pchshell.dll+ 2004-08-04 05:56:46 102,400 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\pchshell.dll- 2001-08-18 12:00:00 29,184 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\pchsvc.dll+ 2004-08-04 05:56:46 38,912 ----a-w c:\windows\PCHEALTH\HELPCTR\Binaries\pchsvc.dll- 2008-06-17 19:47:10 9,258 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cntstore.bin+ 2009-02-19 17:04:59 9,492 ----a-w c:\windows\PCHEALTH\HELPCTR\Config\Cntstore.bin- 2008-06-17 19:47:25 71,627 ----a-w c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat+ 2009-02-19 17:07:10 77,423 ----a-w c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat- 2008-06-17 19:47:25 2,884 ----a-w c:\windows\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin+ 2009-02-19 17:07:10 3,190 ----a-w c:\windows\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin- 2001-08-18 12:00:00 138,752 ----a-w c:\windows\PCHEALTH\UploadLB\Binaries\UploadM.exe+ 2004-08-04 05:56:58 150,528 ----a-w c:\windows\PCHEALTH\UploadLB\Binaries\uploadm.exe+ 2004-08-04 05:56:46 151,552 ------w c:\windows\peernet\sqldb20.dll+ 2004-08-04 05:56:46 462,848 ------w c:\windows\peernet\sqlqp20.dll+ 2004-08-04 05:56:46 110,592 ------w c:\windows\peernet\sqlse20.dll- 2001-08-18 12:00:00 134,144 ----a-w c:\windows\regedit.exe+ 2004-08-04 05:56:56 146,432 ----a-w c:\windows\regedit.exe+ 2004-08-04 04:10:08 53,248 ------w c:\windows\ServicePackFiles\i386\1394bus.sys+ 2004-08-04 04:00:04 12,288 ------w c:\windows\ServicePackFiles\i386\4mmdat.sys+ 2004-08-04 04:10:12 48,128 ------w c:\windows\ServicePackFiles\i386\61883.sys+ 2004-08-04 05:56:42 100,352 ------w c:\windows\ServicePackFiles\i386\6to4svc.dll+ 2004-08-04 03:32:22 231,552 ------w c:\windows\ServicePackFiles\i386\ac97ali.sys+ 2004-08-04 03:32:32 84,480 ------w c:\windows\ServicePackFiles\i386\ac97via.sys+ 2004-08-04 05:56:48 183,808 ------w c:\windows\ServicePackFiles\i386\accwiz.exe+ 2004-08-04 05:56:42 1,852,416 ------w c:\windows\ServicePackFiles\i386\acgenral.dll+ 2004-08-04 05:56:42 450,048 ------w c:\windows\ServicePackFiles\i386\aclayers.dll+ 2004-08-04 05:56:42 137,728 ------w c:\windows\ServicePackFiles\i386\aclua.dll+ 2004-08-04 05:56:42 114,688 ------w c:\windows\ServicePackFiles\i386\aclui.dll+ 2004-08-04 04:07:38 187,776 ------w c:\windows\ServicePackFiles\i386\acpi.sys+ 2004-08-04 05:56:42 244,736 ------w c:\windows\ServicePackFiles\i386\acspecfc.dll+ 2004-08-04 05:56:42 194,048 ------w c:\windows\ServicePackFiles\i386\activeds.dll+ 2004-08-04 05:56:48 4,096 ------w c:\windows\ServicePackFiles\i386\actmovie.exe+ 2004-08-04 05:56:42 101,888 ------w c:\windows\ServicePackFiles\i386\actxprxy.dll+ 2004-08-04 05:56:42 116,224 ------w c:\windows\ServicePackFiles\i386\acxtrnal.dll+ 2004-08-04 05:56:42 20,540 ------w c:\windows\ServicePackFiles\i386\admin.dll+ 2004-08-04 05:56:48 16,439 ------w c:\windows\ServicePackFiles\i386\admin.exe+ 2004-08-04 03:32:24 10,880 ------w c:\windows\ServicePackFiles\i386\admjoy.sys+ 2004-08-04 05:56:42 61,440 ------w c:\windows\ServicePackFiles\i386\admparse.dll+ 2004-08-04 05:56:42 175,616 ------w c:\windows\ServicePackFiles\i386\adsldp.dll+ 2004-08-04 05:56:42 143,360 ------w c:\windows\ServicePackFiles\i386\adsldpc.dll+ 2004-08-04 05:56:42 68,096 ------w c:\windows\ServicePackFiles\i386\adsmsext.dll+ 2004-08-04 05:56:42 263,680 ------w c:\windows\ServicePackFiles\i386\adsnt.dll+ 2004-08-04 05:56:42 4,255 ------w c:\windows\ServicePackFiles\i386\adv01nt5.dll+ 2004-08-04 05:56:42 3,967 ------w c:\windows\ServicePackFiles\i386\adv02nt5.dll+ 2004-08-04 05:56:42 3,615 ------w c:\windows\ServicePackFiles\i386\adv05nt5.dll+ 2004-08-04 05:56:42 3,647 ------w c:\windows\ServicePackFiles\i386\adv07nt5.dll+ 2004-08-04 05:56:42 3,135 ------w c:\windows\ServicePackFiles\i386\adv08nt5.dll+ 2004-08-04 05:56:42 3,711 ------w c:\windows\ServicePackFiles\i386\adv09nt5.dll+ 2004-08-04 05:56:42 3,775 ------w c:\windows\ServicePackFiles\i386\adv11nt5.dll+ 2004-08-04 05:56:42 616,960 ------w c:\windows\ServicePackFiles\i386\advapi32.dll+ 2004-08-04 05:56:42 99,840 ------w c:\windows\ServicePackFiles\i386\advpack.dll+ 2004-08-04 03:39:38 142,464 ------w c:\windows\ServicePackFiles\i386\aec.sys+ 2004-08-04 04:14:16 138,496 ------w c:\windows\ServicePackFiles\i386\afd.sys+ 2004-08-04 05:56:42 24,064 ------w c:\windows\ServicePackFiles\i386\agentanm.dll+ 2004-08-04 05:56:42 214,016 ------w c:\windows\ServicePackFiles\i386\agentctl.dll+ 2004-08-04 05:56:42 41,984 ------w c:\windows\ServicePackFiles\i386\agentdp2.dll+ 2004-08-04 05:56:42 58,880 ------w c:\windows\ServicePackFiles\i386\agentdpv.dll+ 2004-08-04 05:56:42 49,152 ------w c:\windows\ServicePackFiles\i386\agentmpx.dll+ 2004-08-04 05:56:42 24,064 ------w c:\windows\ServicePackFiles\i386\agentpsh.dll+ 2004-08-04 05:56:42 44,032 ------w c:\windows\ServicePackFiles\i386\agentsr.dll+ 2004-08-04 05:56:48 256,512 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe+ 2004-08-04 04:07:42 42,368 ------w c:\windows\ServicePackFiles\i386\agp440.sys+ 2004-08-04 04:07:44 44,928 ------w c:\windows\ServicePackFiles\i386\agpcpq.sys+ 2004-08-04 05:56:42 24,064 ------w c:\windows\ServicePackFiles\i386\agtintl.dll+ 2004-08-04 05:56:48 98,304 ------w c:\windows\ServicePackFiles\i386\ahui.exe+ 2004-08-04 05:56:48 44,544 ------w c:\windows\ServicePackFiles\i386\alg.exe+ 2004-08-04 04:07:42 42,752 ------w c:\windows\ServicePackFiles\i386\alim1541.sys+ 2004-08-04 05:56:42 17,408 ------w c:\windows\ServicePackFiles\i386\alrsvc.dll+ 2004-08-04 04:07:44 43,008 ------w c:\windows\ServicePackFiles\i386\amdagp.sys+ 2004-08-04 03:59:20 36,992 ------w c:\windows\ServicePackFiles\i386\amdk6.sys+ 2004-08-04 03:59:22 37,376 ------w c:\windows\ServicePackFiles\i386\amdk7.sys+ 2004-08-04 05:56:42 70,656 ------w c:\windows\ServicePackFiles\i386\amstream.dll+ 2004-08-04 03:31:20 36,224 ------w c:\windows\ServicePackFiles\i386\an983.sys+ 2004-08-04 05:56:42 126,976 ------w c:\windows\ServicePackFiles\i386\apphelp.dll+ 2004-08-04 05:56:42 331,264 ------w c:\windows\ServicePackFiles\i386\aqueue.dll+ 2004-08-04 03:58:30 60,800 ------w c:\windows\ServicePackFiles\i386\arp1394.sys+ 2004-08-04 05:56:00 8,192 ------w c:\windows\ServicePackFiles\i386\asferror.dll+ 2004-08-04 05:56:42 65,024 ------w c:\windows\ServicePackFiles\i386\asycfilt.dll+ 2004-08-04 04:05:04 14,336 ------w c:\windows\ServicePackFiles\i386\asyncmac.sys+ 2004-08-04 05:56:48 25,088 ------w c:\windows\ServicePackFiles\i386\at.exe+ 2004-08-04 03:59:44 95,360 ------w c:\windows\ServicePackFiles\i386\atapi.sys+ 2004-08-04 03:29:30 56,623 ------w c:\windows\ServicePackFiles\i386\ati1btxx.sys+ 2004-08-04 03:29:30 11,615 ------w c:\windows\ServicePackFiles\i386\ati1mdxx.sys+ 2004-08-04 03:29:30 12,047 ------w c:\windows\ServicePackFiles\i386\ati1pdxx.sys+ 2004-08-04 03:29:32 30,671 ------w c:\windows\ServicePackFiles\i386\ati1raxx.sys+ 2004-08-04 03:29:32 63,663 ------w c:\windows\ServicePackFiles\i386\ati1rvxx.sys+ 2004-08-04 03:29:32 26,367 ------w c:\windows\ServicePackFiles\i386\ati1snxx.sys+ 2004-08-04 03:29:32 21,343 ------w c:\windows\ServicePackFiles\i386\ati1ttxx.sys+ 2004-08-04 03:29:32 36,463 ------w c:\windows\ServicePackFiles\i386\ati1tuxx.sys+ 2004-08-04 03:29:32 29,455 ------w c:\windows\ServicePackFiles\i386\ati1xbxx.sys+ 2004-08-04 03:29:32 34,735 ------w c:\windows\ServicePackFiles\i386\ati1xsxx.sys+ 2004-08-04 05:56:42 229,376 ------w c:\windows\ServicePackFiles\i386\ati2cqag.dll+ 2004-08-04 05:56:42 377,984 ------w c:\windows\ServicePackFiles\i386\ati2dvaa.dll+ 2004-08-04 05:56:42 201,728 ------w c:\windows\ServicePackFiles\i386\ati2dvag.dll+ 2004-08-04 03:29:28 327,040 ------w c:\windows\ServicePackFiles\i386\ati2mtaa.sys+ 2004-08-04 03:29:28 701,440 ------w c:\windows\ServicePackFiles\i386\ati2mtag.sys+ 2004-08-04 05:56:42 870,784 ------w c:\windows\ServicePackFiles\i386\ati3d1ag.dll+ 2004-08-04 05:56:42 1,057,760 ------w c:\windows\ServicePackFiles\i386\ati3d2ag.dll+ 2004-08-04 05:56:42 1,888,992 ------w c:\windows\ServicePackFiles\i386\ati3duag.dll+ 2004-08-04 03:29:28 57,856 ------w c:\windows\ServicePackFiles\i386\atinbtxx.sys+ 2004-08-04 03:29:30 13,824 ------w c:\windows\ServicePackFiles\i386\atinmdxx.sys+ 2004-08-04 03:29:30 14,336 ------w c:\windows\ServicePackFiles\i386\atinpdxx.sys+ 2004-08-04 03:29:30 52,224 ------w c:\windows\ServicePackFiles\i386\atinraxx.sys+ 2004-08-04 03:29:32 104,960 ------w c:\windows\ServicePackFiles\i386\atinrvxx.sys+ 2004-08-04 03:29:32 28,672 ------w c:\windows\ServicePackFiles\i386\atinsnxx.sys+ 2004-08-04 03:29:32 13,824 ------w c:\windows\ServicePackFiles\i386\atinttxx.sys+ 2004-08-04 03:29:32 73,216 ------w c:\windows\ServicePackFiles\i386\atintuxx.sys+ 2004-08-04 03:29:32 31,744 ------w c:\windows\ServicePackFiles\i386\atinxbxx.sys+ 2004-08-04 03:29:32 63,488 ------w c:\windows\ServicePackFiles\i386\atinxsxx.sys+ 2004-08-04 05:56:42 32,768 ------w c:\windows\ServicePackFiles\i386\ativtmxx.dll+ 2004-08-04 05:56:42 516,768 ------w c:\windows\ServicePackFiles\i386\ativvaxx.dll+ 2004-08-04 05:56:42 58,880 ------w c:\windows\ServicePackFiles\i386\atl.dll+ 2004-08-04 05:56:48 11,264 ------w c:\windows\ServicePackFiles\i386\atmadm.exe+ 2004-08-04 03:58:32 59,904 ------w c:\windows\ServicePackFiles\i386\atmarpc.sys+ 2004-08-04 05:56:00 285,696 ------w c:\windows\ServicePackFiles\i386\atmfd.dll+ 2004-08-04 03:58:36 55,936 ------w c:\windows\ServicePackFiles\i386\atmlane.sys+ 2004-08-04 05:56:42 30,208 ------w c:\windows\ServicePackFiles\i386\atmlib.dll+ 2004-08-04 05:56:42 21,183 ------w c:\windows\ServicePackFiles\i386\atv01nt5.dll+ 2004-08-04 05:56:42 11,359 ------w c:\windows\ServicePackFiles\i386\atv02nt5.dll+ 2004-08-04 05:56:42 25,471 ------w c:\windows\ServicePackFiles\i386\atv04nt5.dll+ 2004-08-04 05:56:42 14,143 ------w c:\windows\ServicePackFiles\i386\atv06nt5.dll+ 2004-08-04 05:56:42 17,279 ------w c:\windows\ServicePackFiles\i386\atv10nt5.dll+ 2004-08-04 05:56:42 42,496 ------w c:\windows\ServicePackFiles\i386\audiosrv.dll+ 2004-08-04 05:56:48 14,336 ------w c:\windows\ServicePackFiles\i386\auditusr.exe+ 2004-08-04 05:56:42 20,540 ------w c:\windows\ServicePackFiles\i386\author.dll+ 2004-08-04 05:56:48 16,439 ------w c:\windows\ServicePackFiles\i386\author.exe+ 2004-08-04 05:56:42 56,832 ------w c:\windows\ServicePackFiles\i386\authz.dll+ 2004-08-04 05:56:48 588,800 ------w c:\windows\ServicePackFiles\i386\autochk.exe+ 2004-08-04 05:56:48 602,624 ------w c:\windows\ServicePackFiles\i386\autoconv.exe+ 2004-08-04 05:56:48 580,608 ------w c:\windows\ServicePackFiles\i386\autofmt.exe+ 2004-08-04 05:56:48 11,264 ------w c:\windows\ServicePackFiles\i386\autolfn.exe+ 2004-08-04 04:10:12 38,912 ------w c:\windows\ServicePackFiles\i386\avc.sys+ 2004-08-04 04:10:00 13,696 ------w c:\windows\ServicePackFiles\i386\avcstrm.sys+ 2004-08-04 05:56:42 84,992 ------w c:\windows\ServicePackFiles\i386\avifil32.dll+ 2004-08-04 05:56:42 52,736 ------w c:\windows\ServicePackFiles\i386\basesrv.dll+ 2004-08-04 05:56:42 28,672 ------w c:\windows\ServicePackFiles\i386\batmeter.dll+ 2004-08-04 05:56:42 8,704 ------w c:\windows\ServicePackFiles\i386\batt.dll+ 2004-08-04 04:10:14 11,776 ------w c:\windows\ServicePackFiles\i386\bdasup.sys+ 2004-08-04 05:56:42 17,408 ------w c:\windows\ServicePackFiles\i386\bidispl.dll+ 2004-08-04 05:56:42 8,192 ------w c:\windows\ServicePackFiles\i386\bitsprx2.dll+ 2004-08-04 05:56:42 7,168 ------w c:\windows\ServicePackFiles\i386\bitsprx3.dll+ 2004-08-04 05:56:42 286,208 ------w c:\windows\ServicePackFiles\i386\blackbox.dll+ 2004-08-04 05:56:48 71,680 ------w c:\windows\ServicePackFiles\i386\blastcln.exe+ 2004-08-04 03:59:58 71,552 ------w c:\windows\ServicePackFiles\i386\bridge.sys+ 2004-08-04 05:56:00 63,488 ------w c:\windows\ServicePackFiles\i386\browselc.dll+ 2004-08-04 05:56:42 77,312 ------w c:\windows\ServicePackFiles\i386\browser.dll+ 2004-08-04 05:56:42 1,016,832 ------w c:\windows\ServicePackFiles\i386\browseui.dll+ 2004-08-04 05:56:42 78,336 ------w c:\windows\ServicePackFiles\i386\browsewm.dll+ 2004-08-04 05:56:42 20,992 ------w c:\windows\ServicePackFiles\i386\bthci.dll+ 2004-08-04 04:10:40 17,024 ------w c:\windows\ServicePackFiles\i386\bthenum.sys+ 2004-08-04 04:10:40 38,016 ------w c:\windows\ServicePackFiles\i386\bthmodem.sys+ 2004-08-04 03:58:40 100,992 ------w c:\windows\ServicePackFiles\i386\bthpan.sys+ 2004-08-04 04:10:38 274,304 ------w c:\windows\ServicePackFiles\i386\bthport.sys+ 2004-08-04 04:10:38 35,456 ------w c:\windows\ServicePackFiles\i386\bthprint.sys+ 2004-08-04 05:56:42 30,208 ------w c:\windows\ServicePackFiles\i386\bthserv.dll+ 2004-08-04 04:10:36 18,944 ------w c:\windows\ServicePackFiles\i386\bthusb.sys+ 2004-08-04 05:56:42 50,688 ------w c:\windows\ServicePackFiles\i386\btpanui.dll+ 2004-08-04 05:56:42 59,904 ------w c:\windows\ServicePackFiles\i386\cabinet.dll+ 2004-08-04 05:56:42 84,480 ------w c:\windows\ServicePackFiles\i386\cabview.dll+ 2004-08-04 05:56:42 385,024 ------w c:\windows\ServicePackFiles\i386\callcont.dll+ 2004-08-04 05:56:42 50,688 ------w c:\windows\ServicePackFiles\i386\camocx.dll+ 2004-08-04 05:56:42 229,888 ------w c:\windows\ServicePackFiles\i386\catsrv.dll+ 2004-08-04 05:56:42 85,504 ------w c:\windows\ServicePackFiles\i386\catsrvps.dll+ 2004-08-04 05:56:42 628,224 ------w c:\windows\ServicePackFiles\i386\catsrvut.dll+ 2004-08-04 04:10:18 17,024 ------w c:\windows\ServicePackFiles\i386\ccdecode.sys+ 2004-08-04 04:14:12 63,744 ------w c:\windows\ServicePackFiles\i386\cdfs.sys+ 2004-08-04 05:56:42 150,528 ------w c:\windows\ServicePackFiles\i386\cdfview.dll+ 2004-08-04 05:56:42 66,560 ------w c:\windows\ServicePackFiles\i386\cdm.dll+ 2004-08-04 05:56:42 2,067,968 ------w c:\windows\ServicePackFiles\i386\cdosys.dll+ 2004-08-04 03:59:54 49,536 ------w c:\windows\ServicePackFiles\i386\cdrom.sys+ 2004-08-04 05:56:42 194,560 ------w c:\windows\ServicePackFiles\i386\certcli.dll+ 2004-08-04 05:56:42 457,728 ------w c:\windows\ServicePackFiles\i386\certmgr.dll+ 2004-08-04 05:56:42 159,232 ------w c:\windows\ServicePackFiles\i386\cewmdm.dll+ 2004-08-04 05:56:42 38,912 ------w c:\windows\ServicePackFiles\i386\cfgbkend.dll+ 2004-08-04 05:56:02 16,896 ------w c:\windows\ServicePackFiles\i386\cfgmgr32.dll+ 2004-08-04 05:56:48 188,480 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe+ 2004-08-04 05:56:42 15,423 ------w c:\windows\ServicePackFiles\i386\ch7xxnt5.dll+ 2004-08-04 04:00:14 8,192 ------w c:\windows\ServicePackFiles\i386\changer.sys+ 2004-08-04 05:56:42 1,352,192 ------w c:\windows\ServicePackFiles\i386\cimwin32.dll+ 2004-08-04 05:56:42 69,120 ------w c:\windows\ServicePackFiles\i386\ciodm.dll+ 2004-08-04 05:56:48 5,632 ------w c:\windows\ServicePackFiles\i386\cisvc.exe+ 2004-08-04 04:14:28 49,664 ------w c:\windows\ServicePackFiles\i386\classpnp.sys+ 2004-08-04 05:56:42 110,080 ------w c:\windows\ServicePackFiles\i386\clbcatex.dll+ 2004-08-04 05:56:42 501,248 ------w c:\windows\ServicePackFiles\i386\clbcatq.dll+ 2004-08-04 05:56:48 64,000 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe+ 2004-08-04 05:56:42 77,824 ------w c:\windows\ServicePackFiles\i386\cliconfg.dll+ 2004-08-04 05:56:48 20,480 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe+ 2004-08-04 05:56:48 102,912 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe+ 2004-08-04 05:56:48 33,280 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe+ 2004-08-04 05:56:42 57,856 ------w c:\windows\ServicePackFiles\i386\clusapi.dll+ 2004-08-04 04:07:40 14,080 ------w c:\windows\ServicePackFiles\i386\cmbatt.sys+ 2004-08-04 05:56:42 15,872 ------w c:\windows\ServicePackFiles\i386\cmcfg32.dll+ 2004-08-04 05:56:50 388,608 ------w c:\windows\ServicePackFiles\i386\cmd.exe+ 2004-08-04 05:56:42 343,040 ------w c:\windows\ServicePackFiles\i386\cmdial32.dll+ 2004-08-04 05:56:50 47,104 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe+ 2004-08-04 05:56:50 39,936 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe+ 2004-08-04 05:56:42 185,344 ------w c:\windows\ServicePackFiles\i386\cmprops.dll+ 2004-08-04 05:56:42 13,824 ------w c:\windows\ServicePackFiles\i386\cmsetacl.dll+ 2004-08-04 05:56:50 63,488 ------w c:\windows\ServicePackFiles\i386\cmstp.exe+ 2004-08-04 05:56:42 39,936 ------w c:\windows\ServicePackFiles\i386\cmutil.dll+ 2004-08-04 05:56:42 47,104 ------w c:\windows\ServicePackFiles\i386\cnbjmon.dll+ 2004-08-04 05:56:42 79,360 ------w c:\windows\ServicePackFiles\i386\cnbjmon2.dll+ 2004-08-04 05:56:42 62,464 ------w c:\windows\ServicePackFiles\i386\colbact.dll+ 2004-08-04 05:56:42 195,584 ------w c:\windows\ServicePackFiles\i386\comadmin.dll+ 2004-08-04 05:56:42 611,328 ------w c:\windows\ServicePackFiles\i386\comctl32.dll+ 2004-08-04 05:56:42 276,992 ------w c:\windows\ServicePackFiles\i386\comdlg32.dll+ 2004-08-04 05:56:42 252,928 ------w c:\windows\ServicePackFiles\i386\compatui.dll+ 2004-08-04 05:56:42 229,376 ------w c:\windows\ServicePackFiles\i386\compstui.dll+ 2004-08-04 05:56:50 9,728 ------w c:\windows\ServicePackFiles\i386\comrepl.exe+ 2004-08-04 05:56:42 792,064 ------w c:\windows\ServicePackFiles\i386\comres.dll+ 2004-08-04 05:56:42 1,251,840 ------w c:\windows\ServicePackFiles\i386\comsvcs.dll+ 2004-08-04 05:56:42 540,160 ------w c:\windows\ServicePackFiles\i386\comuid.dll+ 2004-08-04 05:56:50 1,032,192 ------w c:\windows\ServicePackFiles\i386\conf.exe+ 2004-08-04 05:56:42 45,056 ------w c:\windows\ServicePackFiles\i386\confmrsl.dll+ 2004-08-04 05:56:50 27,648 ------w c:\windows\ServicePackFiles\i386\conime.exe+ 2004-08-04 05:56:42 35,328 ------w c:\windows\ServicePackFiles\i386\corpol.dll+ 2004-08-04 05:56:42 163,840 ------w c:\windows\ServicePackFiles\i386\credui.dll+ 2004-08-04 03:59:22 36,480 ------w c:\windows\ServicePackFiles\i386\crusoe.sys+ 2004-08-04 05:56:42 597,504 ------w c:\windows\ServicePackFiles\i386\crypt32.dll+ 2004-08-04 05:56:42 74,752 ------w c:\windows\ServicePackFiles\i386\cryptdlg.dll+ 2004-08-04 05:56:42 33,280 ------w c:\windows\ServicePackFiles\i386\cryptdll.dll+ 2004-08-04 05:56:42 53,760 ------w c:\windows\ServicePackFiles\i386\cryptext.dll+ 2004-08-04 05:56:42 63,488 ------w c:\windows\ServicePackFiles\i386\cryptnet.dll+ 2004-08-04 05:56:42 60,416 ------w c:\windows\ServicePackFiles\i386\cryptsvc.dll+ 2004-08-04 05:56:42 512,512 ------w c:\windows\ServicePackFiles\i386\cryptui.dll+ 2004-08-04 05:56:42 101,888 ------w c:\windows\ServicePackFiles\i386\cscdll.dll+ 2004-08-04 05:56:50 98,304 ------w c:\windows\ServicePackFiles\i386\cscript.exe+ 2004-08-04 05:56:42 326,656 ------w c:\windows\ServicePackFiles\i386\cscui.dll+ 2004-08-04 05:56:42 32,768 ------w c:\windows\ServicePackFiles\i386\csrsrv.dll+ 2004-08-04 05:56:50 6,144 ------w c:\windows\ServicePackFiles\i386\csrss.exe+ 2004-08-04 05:56:50 15,360 ------w c:\windows\ServicePackFiles\i386\ctfmon.exe+ 2004-08-04 05:56:42 249,856 ------w c:\windows\ServicePackFiles\i386\ctmasetp.dll+ 2004-08-04 05:56:42 28,672 ------w c:\windows\ServicePackFiles\i386\custsat.dll+ 2004-08-04 03:32:26 48,640 ------w c:\windows\ServicePackFiles\i386\cwrwdm.sys+ 2004-08-04 05:56:42 1,179,648 ------w c:\windows\ServicePackFiles\i386\d3d8.dll+ 2004-08-04 05:56:42 8,192 ------w c:\windows\ServicePackFiles\i386\d3d8thk.dll+ 2004-08-04 05:56:42 1,689,088 ------w c:\windows\ServicePackFiles\i386\d3d9.dll+ 2004-08-04 05:56:42 825,344 ------w c:\windows\ServicePackFiles\i386\d3dim700.dll+ 2004-08-04 05:56:42 1,053,696 ------w c:\windows\ServicePackFiles\i386\danim.dll+ 2004-08-04 05:56:44 561,179 ------w c:\windows\ServicePackFiles\i386\dao360.dll+ 2004-08-04 05:56:44 54,272 ------w c:\windows\ServicePackFiles\i386\dataclen.dll+ 2004-08-04 05:56:44 24,576 ------w c:\windows\ServicePackFiles\i386\davclnt.dll+ 2004-08-04 05:56:44 640,000 ------w c:\windows\ServicePackFiles\i386\dbghelp.dll+ 2004-08-04 05:56:44 24,576 ------w c:\windows\ServicePackFiles\i386\dbmsrpcn.dll+ 2004-08-04 05:56:44 110,592 ------w c:\windows\ServicePackFiles\i386\dbnetlib.dll+ 2004-08-04 05:56:44 28,672 ------w c:\windows\ServicePackFiles\i386\dbnmpntw.dll+ 2004-08-04 06:07:22 1,788 ------w c:\windows\ServicePackFiles\i386\dcache.bin+ 2004-08-04 05:56:44 40,960 ------w c:\windows\ServicePackFiles\i386\dcap32.dll+ 2004-08-04 05:56:44 8,704 ------w c:\windows\ServicePackFiles\i386\dciman32.dll+ 2004-08-04 05:56:50 30,208 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe+ 2004-08-04 05:56:44 266,240 ------w c:\windows\ServicePackFiles\i386\ddraw.dll+ 2004-08-04 05:56:44 27,136 ------w c:\windows\ServicePackFiles\i386\ddrawex.dll+ 2004-08-04 05:56:50 25,088 ------w c:\windows\ServicePackFiles\i386\defrag.exe+ 2004-08-04 05:56:44 59,904 ------w c:\windows\ServicePackFiles\i386\devenum.dll+ 2004-08-04 05:56:44 282,624 ------w c:\windows\ServicePackFiles\i386\devmgr.dll+ 2004-08-04 05:56:50 82,432 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe+ 2004-08-04 05:56:50 104,960 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe+ 2004-08-04 05:56:44 38,912 ------w c:\windows\ServicePackFiles\i386\dfrgsnap.dll+ 2004-08-04 05:56:44 123,904 ------w c:\windows\ServicePackFiles\i386\dfrgui.dll+ 2004-08-04 05:56:44 28,672 ------w c:\windows\ServicePackFiles\i386\dfsshlex.dll+ 2004-08-04 05:56:44 111,104 ------w c:\windows\ServicePackFiles\i386\dgnet.dll+ 2004-08-04 05:56:44 111,104 ------w c:\windows\ServicePackFiles\i386\dhcpcsvc.dll+ 2004-08-04 05:56:50 539,136 ------w c:\windows\ServicePackFiles\i386\dialer.exe+ 2004-08-04 05:56:50 85,504 ------w c:\windows\ServicePackFiles\i386\diantz.exe+ 2004-08-04 05:56:44 68,608 ------w c:\windows\ServicePackFiles\i386\digest.dll+ 2004-08-04 05:56:44 159,232 ------w c:\windows\ServicePackFiles\i386\dinput.dll+ 2004-08-04 05:56:44 181,760 ------w c:\windows\ServicePackFiles\i386\dinput8.dll+ 2004-08-04 05:56:44 81,408 ------w c:\windows\ServicePackFiles\i386\directdb.dll+ 2004-08-04 03:59:56 36,352 ------w c:\windows\ServicePackFiles\i386\disk.sys+ 2004-08-04 03:59:54 14,208 ------w c:\windows\ServicePackFiles\i386\diskdump.sys+ 2004-08-04 05:56:50 163,840 ------w c:\windows\ServicePackFiles\i386\diskpart.exe+ 2004-08-04 05:56:50 294,912 ------w c:\windows\ServicePackFiles\i386\dlimport.exe+ 2004-08-04 05:56:50 5,120 ------w c:\windows\ServicePackFiles\i386\dllhost.exe+ 2004-08-04 04:00:06 8,320 ------w c:\windows\ServicePackFiles\i386\dlttape.sys+ 2004-08-04 05:56:50 224,768 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe+ 2004-08-04 05:56:44 28,672 ------w c:\windows\ServicePackFiles\i386\dmband.dll+ 2004-08-04 04:07:18 799,744 ------w c:\windows\ServicePackFiles\i386\dmboot.sys+ 2004-08-04 05:56:44 61,440 ------w c:\windows\ServicePackFiles\i386\dmcompos.dll+ 2004-08-04 05:56:44 200,704 ------w c:\windows\ServicePackFiles\i386\dmdskmgr.dll+ 2004-08-04 05:56:44 181,248 ------w c:\windows\ServicePackFiles\i386\dmime.dll+ 2004-08-04 04:07:18 153,344 ------w c:\windows\ServicePackFiles\i386\dmio.sys+ 2004-08-04 05:56:44 35,840 ------w c:\windows\ServicePackFiles\i386\dmloader.dll+ 2004-08-04 05:56:50 15,872 ------w c:\windows\ServicePackFiles\i386\dmremote.exe+ 2004-08-04 05:56:44 82,432 ------w c:\windows\ServicePackFiles\i386\dmscript.dll+ 2004-08-04 05:56:44 23,552 ------w c:\windows\ServicePackFiles\i386\dmserver.dll+ 2004-08-04 05:56:44 105,984 ------w c:\windows\ServicePackFiles\i386\dmstyle.dll+ 2004-08-04 05:56:44 103,424 ------w c:\windows\ServicePackFiles\i386\dmsynth.dll+ 2004-08-04 05:56:44 104,448 ------w c:\windows\ServicePackFiles\i386\dmusic.dll+ 2004-08-04 04:07:40 52,864 ------w c:\windows\ServicePackFiles\i386\dmusic.sys+ 2004-08-04 05:56:44 52,224 ------w c:\windows\ServicePackFiles\i386\dmutil.dll+ 2004-08-04 05:56:44 148,480 ------w c:\windows\ServicePackFiles\i386\dnsapi.dll+ 2004-08-04 05:56:44 45,568 ------w c:\windows\ServicePackFiles\i386\dnsrslvr.dll+ 2004-08-04 05:56:44 48,128 ------w c:\windows\ServicePackFiles\i386\docprop2.dll+ 2004-08-04 03:51:22 53,840 ------w c:\windows\ServicePackFiles\i386\dosx.exe+ 2004-08-04 03:58:30 207,360 ------w c:\windows\ServicePackFiles\i386\dot4.sys+ 2004-08-04 04:13:54 97,280 ------w c:\windows\ServicePackFiles\i386\dpcdll.dll+ 2004-08-04 05:56:50 30,208 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe+ 2004-08-04 05:56:44 229,888 ------w c:\windows\ServicePackFiles\i386\dplayx.dll+ 2004-08-04 05:56:44 23,552 ------w c:\windows\ServicePackFiles\i386\dpmodemx.dll+ 2004-08-04 05:56:04 3,584 ------w c:\windows\ServicePackFiles\i386\dpnaddr.dll+ 2004-08-04 05:56:44 375,296 ------w c:\windows\ServicePackFiles\i386\dpnet.dll+ 2004-08-04 05:56:44 35,328 ------w c:\windows\ServicePackFiles\i386\dpnhpast.dll+ 2004-08-04 05:56:44 60,928 ------w c:\windows\ServicePackFiles\i386\dpnhupnp.dll+ 2004-08-04 05:56:04 3,584 ------w c:\windows\ServicePackFiles\i386\dpnlobby.dll+ 2004-08-04 05:56:50 18,432 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe+ 2004-08-04 05:56:44 21,504 ------w c:\windows\ServicePackFiles\i386\dpvacm.dll+ 2004-08-04 05:56:44 212,480 ------w c:\windows\ServicePackFiles\i386\dpvoice.dll+ 2004-08-04 05:56:50 83,456 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe+ 2004-08-04 05:56:44 116,736 ------w c:\windows\ServicePackFiles\i386\dpvvox.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\dpwsockx.dll+ 2004-08-04 05:57:06 299,520 ------w c:\windows\ServicePackFiles\i386\drmclien.dll+ 2004-08-04 04:08:00 60,288 ------w c:\windows\ServicePackFiles\i386\drmk.sys+ 2004-08-04 04:07:58 2,944 ------w c:\windows\ServicePackFiles\i386\drmkaud.sys+ 2004-08-04 05:56:44 87,040 ------w c:\windows\ServicePackFiles\i386\drmstor.dll+ 2004-08-04 05:57:04 695,296 ------w c:\windows\ServicePackFiles\i386\drmv2clt.dll+ 2004-08-04 05:56:44 14,336 ------w c:\windows\ServicePackFiles\i386\drprov.dll+ 2004-07-17 16:36:44 4,656 ------w c:\windows\ServicePackFiles\i386\ds16gt.dll+ 2004-08-04 05:56:44 16,384 ------w c:\windows\ServicePackFiles\i386\ds32gt.dll+ 2004-08-04 05:56:44 181,760 ------w c:\windows\ServicePackFiles\i386\dsdmo.dll+ 2004-08-04 05:56:44 71,680 ------w c:\windows\ServicePackFiles\i386\dsdmoprp.dll+ 2004-08-04 05:56:44 92,672 ------w c:\windows\ServicePackFiles\i386\dskquota.dll+ 2004-08-04 05:56:44 367,616 ------w c:\windows\ServicePackFiles\i386\dsound.dll+ 2004-08-04 05:56:44 1,294,336 ------w c:\windows\ServicePackFiles\i386\dsound3d.dll+ 2004-08-04 05:56:44 142,336 ------w c:\windows\ServicePackFiles\i386\dsprop.dll+ 2004-08-04 05:56:06 4,096 ------w c:\windows\ServicePackFiles\i386\dsprpres.dll+ 2004-08-04 05:56:44 239,104 ------w c:\windows\ServicePackFiles\i386\dsquery.dll+ 2004-08-04 05:56:44 51,200 ------w c:\windows\ServicePackFiles\i386\dssec.dll+ 2004-08-04 03:31:44 137,216 ------w c:\windows\ServicePackFiles\i386\dssenh.dll+ 2004-08-04 05:56:44 113,152 ------w c:\windows\ServicePackFiles\i386\dsuiext.dll+ 2004-08-04 05:56:44 19,456 ------w c:\windows\ServicePackFiles\i386\dswave.dll+ 2004-08-04 05:56:50 10,752 ------w c:\windows\ServicePackFiles\i386\dumprep.exe+ 2004-08-04 05:56:44 304,128 ------w c:\windows\ServicePackFiles\i386\duser.dll+ 2004-08-04 05:56:50 17,920 ------w c:\windows\ServicePackFiles\i386\dvdupgrd.exe+ 2004-08-04 05:56:50 180,224 ------w c:\windows\ServicePackFiles\i386\dwwin.exe+ 2004-08-04 05:56:44 619,008 ------w c:\windows\ServicePackFiles\i386\dx7vb.dll+ 2004-08-04 05:56:44 1,227,264 ------w c:\windows\ServicePackFiles\i386\dx8vb.dll+ 2004-08-04 05:56:50 1,298,432 ------w c:\windows\ServicePackFiles\i386\dxdiag.exe+ 2004-08-04 05:56:44 2,113,536 ------w c:\windows\ServicePackFiles\i386\dxdiagn.dll+ 2004-08-04 04:00:56 71,040 ------w c:\windows\ServicePackFiles\i386\dxg.sys+ 2004-08-04 05:56:44 498,205 ------w c:\windows\ServicePackFiles\i386\dxmasf.dll+ 2004-08-04 05:56:44 357,888 ------w c:\windows\ServicePackFiles\i386\dxtmsft.dll+ 2004-08-04 05:56:44 201,728 ------w c:\windows\ServicePackFiles\i386\dxtrans.dll+ 2004-08-04 05:56:44 183,296 ------w c:\windows\ServicePackFiles\i386\els.dll+ 2004-08-04 05:56:44 20,480 ------w c:\windows\ServicePackFiles\i386\encapi.dll+ 2004-08-04 05:56:44 186,368 ------w c:\windows\ServicePackFiles\i386\encdec.dll+ 2004-08-04 05:56:06 40,960 ------w c:\windows\ServicePackFiles\i386\ep9res.dll+ 2004-07-17 16:39:36 120,320 ------w c:\windows\ServicePackFiles\i386\epcl5res.dll+ 2004-08-04 05:56:44 23,040 ------w c:\windows\ServicePackFiles\i386\ersvc.dll+ 2004-08-04 05:56:44 243,200 ------w c:\windows\ServicePackFiles\i386\es.dll+ 2004-08-04 05:56:44 1,082,368 ------w c:\windows\ServicePackFiles\i386\esent.dll+ 2004-08-04 05:56:44 247,808 ------w c:\windows\ServicePackFiles\i386\esscli.dll+ 2004-08-04 03:32:28 137,088 ------w c:\windows\ServicePackFiles\i386\essm2e.sys+ 2004-08-04 05:56:50 193,024 ------w c:\windows\ServicePackFiles\i386\eudcedit.exe+ 2004-08-04 05:56:44 55,808 ------w c:\windows\ServicePackFiles\i386\eventlog.dll+ 2004-08-04 05:56:44 101,888 ------w c:\windows\ServicePackFiles\i386\evntagnt.dll+ 2004-08-04 05:56:50 24,064 ------w c:\windows\ServicePackFiles\i386\evntcmd.exe+ 2004-08-04 05:56:44 22,016 ------w c:\windows\ServicePackFiles\i386\evntrprv.dll+ 2004-08-04 05:56:50 92,160 ------w c:\windows\ServicePackFiles\i386\evntwin.exe+ 2004-08-04 05:56:50 1,032,192 ------w c:\windows\ServicePackFiles\i386\explorer.exe+ 2004-08-04 05:56:44 380,957 ------w c:\windows\ServicePackFiles\i386\expsrv.dll+ 2004-08-04 05:56:44 55,808 ------w c:\windows\ServicePackFiles\i386\extmgr.dll+ 2004-08-04 05:56:50 45,568 ------w c:\windows\ServicePackFiles\i386\extrac32.exe+ 2004-08-04 04:14:18 143,360 ------w c:\windows\ServicePackFiles\i386\fastfat.sys+ 2004-08-04 05:56:44 472,064 ------w c:\windows\ServicePackFiles\i386\fastprox.dll+ 2004-08-04 05:56:44 80,384 ------w c:\windows\ServicePackFiles\i386\faultrep.dll+ 2004-08-04 05:56:50 20,992 ------w c:\windows\ServicePackFiles\i386\faxpatch.exe+ 2004-08-04 03:59:28 27,392 ------w c:\windows\ServicePackFiles\i386\fdc.sys+ 2004-08-04 05:56:44 21,504 ------w c:\windows\ServicePackFiles\i386\feclient.dll+ 2004-08-04 05:56:44 337,920 ------w c:\windows\ServicePackFiles\i386\filemgmt.dll+ 2004-08-04 05:56:50 27,136 ------w c:\windows\ServicePackFiles\i386\findstr.exe+ 2004-08-04 05:56:44 87,552 ------w c:\windows\ServicePackFiles\i386\fldrclnr.dll+ 2004-08-04 03:59:28 20,480 ------w c:\windows\ServicePackFiles\i386\flpydisk.sys+ 2004-08-04 05:56:44 16,896 ------w c:\windows\ServicePackFiles\i386\fltlib.dll+ 2004-08-04 05:56:50 22,528 ------w c:\windows\ServicePackFiles\i386\fltmc.exe+ 2004-08-04 04:01:20 124,800 ------w c:\windows\ServicePackFiles\i386\fltmgr.sys+ 2004-08-04 05:56:44 382,976 ------w c:\windows\ServicePackFiles\i386\fontext.dll+ 2004-08-04 05:56:50 20,992 ------w c:\windows\ServicePackFiles\i386\fontview.exe+ 2004-08-04 03:31:24 34,173 ------w c:\windows\ServicePackFiles\i386\forehe.sys+ 2004-08-04 05:56:44 32,828 ------w c:\windows\ServicePackFiles\i386\fp40ext.dll+ 2004-08-04 05:56:44 184,435 ------w c:\windows\ServicePackFiles\i386\fp4amsft.dll+ 2004-08-04 05:56:44 82,035 ------w c:\windows\ServicePackFiles\i386\fp4anscp.dll+ 2004-08-04 05:56:44 147,513 ------w c:\windows\ServicePackFiles\i386\fp4apws.dll+ 2004-08-04 05:56:44 49,210 ------w c:\windows\ServicePackFiles\i386\fp4areg.dll+ 2004-08-04 05:56:44 102,509 ------w c:\windows\ServicePackFiles\i386\fp4atxt.dll+ 2004-08-04 05:56:44 618,605 ------w c:\windows\ServicePackFiles\i386\fp4autl.dll+ 2004-08-04 05:56:44 41,020 ------w c:\windows\ServicePackFiles\i386\fp4avnb.dll+ 2004-08-04 05:56:44 32,826 ------w c:\windows\ServicePackFiles\i386\fp4avss.dll+ 2004-08-04 05:56:44 49,212 ------w c:\windows\ServicePackFiles\i386\fp4awebs.dll+ 2004-08-04 05:56:44 876,653 ------w c:\windows\ServicePackFiles\i386\fp4awel.dll+ 2004-08-04 05:56:50 15,120 ------w c:\windows\ServicePackFiles\i386\fp98sadm.exe+ 2004-08-04 05:56:50 109,840 ------w c:\windows\ServicePackFiles\i386\fp98swin.exe+ 2004-08-04 05:56:50 24,632 ------w c:\windows\ServicePackFiles\i386\fpadmcgi.exe+ 2004-08-04 05:56:44 20,541 ------w c:\windows\ServicePackFiles\i386\fpadmdll.dll+ 2004-08-04 05:56:50 188,494 ------w c:\windows\ServicePackFiles\i386\fpcount.exe+ 2004-08-04 05:56:44 94,208 ------w c:\windows\ServicePackFiles\i386\fpencode.dll+ 2004-08-04 05:56:44 20,541 ------w c:\windows\ServicePackFiles\i386\fpexedll.dll+ 2004-08-04 05:56:44 598,071 ------w c:\windows\ServicePackFiles\i386\fpmmc.dll+ 2004-08-04 05:56:08 208,896 ------w c:\windows\ServicePackFiles\i386\fpmmcsat.dll+ 2004-08-04 05:56:50 20,538 ------w c:\windows\ServicePackFiles\i386\fpremadm.exe+ 2004-08-04 05:56:50 28,728 ------w c:\windows\ServicePackFiles\i386\fpsrvadm.exe+ 2004-08-04 05:56:08 9,344 ------w c:\windows\ServicePackFiles\i386\framebuf.dll+ 2004-08-04 05:56:44 185,856 ------w c:\windows\ServicePackFiles\i386\framedyn.dll+ 2004-08-04 05:56:50 193,024 ------w c:\windows\ServicePackFiles\i386\fsquirt.exe+ 2004-08-04 05:56:50 42,496 ------w c:\windows\ServicePackFiles\i386\ftp.exe+ 2004-08-04 05:56:44 60,416 ------w c:\windows\ServicePackFiles\i386\fwcfg.dll+ 2004-08-04 05:56:44 452,096 ------w c:\windows\ServicePackFiles\i386\fxsapi.dll+ 2004-08-04 05:56:50 143,360 ------w c:\windows\ServicePackFiles\i386\fxsclnt.exe+ 2004-08-04 05:56:44 72,192 ------w c:\windows\ServicePackFiles\i386\fxscom.dll+ 2004-08-04 05:56:44 285,184 ------w c:\windows\ServicePackFiles\i386\fxscomex.dll+ 2004-08-04 05:56:50 229,376 ------w c:\windows\ServicePackFiles\i386\fxscover.exe+ 2004-08-04 05:56:44 27,136 ------w c:\windows\ServicePackFiles\i386\fxsdrv.dll+ 2004-08-04 05:56:44 55,296 ------w c:\windows\ServicePackFiles\i386\fxsevent.dll+ 2004-08-04 05:56:44 23,552 ------w c:\windows\ServicePackFiles\i386\fxsext32.dll+ 2004-08-04 05:56:44 23,552 ------w c:\windows\ServicePackFiles\i386\fxsmon.dll+ 2004-08-04 05:56:44 132,608 ------w c:\windows\ServicePackFiles\i386\fxsocm.dll+ 2004-08-04 05:56:44 8,704 ------w c:\windows\ServicePackFiles\i386\fxsperf.dll+ 2004-08-04 05:56:08 6,656 ------w c:\windows\ServicePackFiles\i386\fxsres.dll+ 2004-08-04 05:56:44 562,176 ------w c:\windows\ServicePackFiles\i386\fxsst.dll+ 2004-08-04 05:56:50 267,776 ------w c:\windows\ServicePackFiles\i386\fxssvc.exe+ 2004-08-04 05:56:44 246,272 ------w c:\windows\ServicePackFiles\i386\fxst30.dll+ 2004-08-04 05:56:44 397,312 ------w c:\windows\ServicePackFiles\i386\fxstiff.dll+ 2004-08-04 05:56:44 154,112 ------w c:\windows\ServicePackFiles\i386\fxsui.dll+ 2004-08-04 05:56:44 192,512 ------w c:\windows\ServicePackFiles\i386\fxswzrd.dll+ 2004-08-04 05:56:44 400,384 ------w c:\windows\ServicePackFiles\i386\fxsxp32.dll+ 2004-08-04 04:07:44 46,464 ------w c:\windows\ServicePackFiles\i386\gagp30kx.sys+ 2004-08-04 04:08:22 10,624 ------w c:\windows\ServicePackFiles\i386\gameenum.sys+ 2004-08-04 04:08:30 59,136 ------w c:\windows\ServicePackFiles\i386\gckernel.sys+ 2004-08-04 05:56:44 278,016 ------w c:\windows\ServicePackFiles\i386\gdi32.dll+ 2004-08-04 05:56:44 122,880 ------w c:\windows\ServicePackFiles\i386\glu32.dll+ 2004-08-04 03:31:44 101,888 ------w c:\windows\ServicePackFiles\i386\gpkcsp.dll+ 2004-08-04 05:56:08 9,728 ------w c:\windows\ServicePackFiles\i386\gpkrsrc.dll+ 2004-08-04 05:56:50 39,424 ------w c:\windows\ServicePackFiles\i386\grpconv.exe+ 2004-08-04 03:59:20 28,288 ------w c:\windows\ServicePackFiles\i386\grserial.sys+ 2004-08-04 05:56:44 123,904 ------w c:\windows\ServicePackFiles\i386\guitrn.dll+ 2004-08-04 05:56:44 108,544 ------w c:\windows\ServicePackFiles\i386\guitrn_a.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\h323cc.dll+ 2004-08-04 05:56:44 614,912 ------w c:\windows\ServicePackFiles\i386\h323msp.dll+ 2004-08-04 03:59:20 105,472 ------w c:\windows\ServicePackFiles\i386\hal.dll+ 2004-08-04 03:59:10 131,968 ------w c:\windows\ServicePackFiles\i386\halaacpi.dll+ 2004-08-04 03:59:08 81,280 ------w c:\windows\ServicePackFiles\i386\halacpi.dll+ 2004-08-04 03:59:14 150,656 ------w c:\windows\ServicePackFiles\i386\halapic.dll+ 2004-08-04 03:59:14 134,400 ------w c:\windows\ServicePackFiles\i386\halmacpi.dll+ 2004-08-04 03:59:20 152,704 ------w c:\windows\ServicePackFiles\i386\halmps.dll+ 2004-08-04 03:59:20 77,696 ------w c:\windows\ServicePackFiles\i386\halsp.dll+ 2004-08-04 05:56:44 7,168 ------w c:\windows\ServicePackFiles\i386\hccoin.dll+ 2004-08-04 05:56:50 768,512 ------w c:\windows\ServicePackFiles\i386\helpctr.exe+ 2004-08-04 05:56:52 743,936 ------w c:\windows\ServicePackFiles\i386\helpsvc.exe+ 2004-08-04 05:56:52 10,752 ------w c:\windows\ServicePackFiles\i386\hh.exe+ 2004-08-04 05:56:44 38,912 ------w c:\windows\ServicePackFiles\i386\hhsetup.dll+ 2004-08-04 05:56:44 20,992 ------w c:\windows\ServicePackFiles\i386\hid.dll+ 2004-08-04 04:10:38 25,600 ------w c:\windows\ServicePackFiles\i386\hidbth.sys+ 2004-08-04 04:08:20 36,224 ------w c:\windows\ServicePackFiles\i386\hidclass.sys+ 2004-08-04 04:08:20 15,104 ------w c:\windows\ServicePackFiles\i386\hidir.sys+ 2004-08-04 04:08:18 24,960 ------w c:\windows\ServicePackFiles\i386\hidparse.sys+ 2004-08-04 05:56:44 21,504 ------w c:\windows\ServicePackFiles\i386\hidserv.dll+ 2004-08-04 05:56:44 38,912 ------w c:\windows\ServicePackFiles\i386\hmmapi.dll+ 2004-08-04 05:56:44 344,064 ------w c:\windows\ServicePackFiles\i386\hnetcfg.dll+ 2004-08-04 05:56:44 330,752 ------w c:\windows\ServicePackFiles\i386\hnetwiz.dll+ 2004-08-04 05:56:44 39,936 ------w c:\windows\ServicePackFiles\i386\hostmib.dll+ 2004-08-04 05:56:44 144,896 ------w c:\windows\ServicePackFiles\i386\hotplug.dll+ 2004-08-04 05:56:44 10,752 ------w c:\windows\ServicePackFiles\i386\hpcjrr.dll+ 2004-08-04 05:56:44 10,240 ------w c:\windows\ServicePackFiles\i386\hpcjrrps.dll+ 2004-08-04 05:56:44 87,552 ------w c:\windows\ServicePackFiles\i386\hpfud50.dll+ 2004-08-04 05:56:52 18,944 ------w c:\windows\ServicePackFiles\i386\hscupd.exe+ 2004-08-04 03:41:48 220,032 ------w c:\windows\ServicePackFiles\i386\hsfbs2s2.sys+ 2004-08-04 05:56:44 32,285 ------w c:\windows\ServicePackFiles\i386\hsfcisp2.dll+ 2004-08-04 03:41:50 685,056 ------w c:\windows\ServicePackFiles\i386\hsfcxts2.sys+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\ServicePackFiles\i386\hsfdpsp2.sys+ 2004-08-04 04:00:14 263,040 ------w c:\windows\ServicePackFiles\i386\http.sys+ 2004-08-04 05:56:44 24,576 ------w c:\windows\ServicePackFiles\i386\httpapi.dll+ 2004-08-04 05:56:44 41,984 ------w c:\windows\ServicePackFiles\i386\htui.dll+ 2004-08-04 05:56:44 345,088 ------w c:\windows\ServicePackFiles\i386\hypertrm.dll+ 2004-08-04 04:00:52 8,192 ------w c:\windows\ServicePackFiles\i386\i2omgmt.sys+ 2004-08-04 04:00:52 18,560 ------w c:\windows\ServicePackFiles\i386\i2omp.sys+ 2004-08-04 04:14:38 52,736 ------w c:\windows\ServicePackFiles\i386\i8042prt.sys+ 2004-08-04 05:56:44 702,845 ------w c:\windows\ServicePackFiles\i386\i81xdnt5.dll+ 2004-08-04 03:29:38 161,020 ------w c:\windows\ServicePackFiles\i386\i81xnt5.sys+ 2004-08-04 05:56:44 119,808 ------w c:\windows\ServicePackFiles\i386\iasrad.dll+ 2004-08-04 05:56:44 11,264 ------w c:\windows\ServicePackFiles\i386\icaapi.dll+ 2004-08-04 05:56:44 80,384 ------w c:\windows\ServicePackFiles\i386\iccvid.dll+ 2004-08-04 05:56:44 253,952 ------w c:\windows\ServicePackFiles\i386\icm32.dll+ 2004-08-04 05:56:08 3,584 ------w c:\windows\ServicePackFiles\i386\icmp.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\iconlib.dll+ 2004-08-04 05:56:44 61,440 ------w c:\windows\ServicePackFiles\i386\icwconn.dll+ 2004-08-04 05:56:52 214,528 ------w c:\windows\ServicePackFiles\i386\icwconn1.exe+ 2004-08-04 05:56:52 86,016 ------w c:\windows\ServicePackFiles\i386\icwconn2.exe+ 2004-08-04 05:56:44 73,728 ------w c:\windows\ServicePackFiles\i386\icwdial.dll+ 2004-08-04 05:56:44 32,768 ------w c:\windows\ServicePackFiles\i386\icwdl.dll+ 2004-08-04 05:56:44 172,032 ------w c:\windows\ServicePackFiles\i386\icwhelp.dll+ 2004-08-04 05:56:44 65,536 ------w c:\windows\ServicePackFiles\i386\icwphbk.dll+ 2004-08-04 05:56:52 24,576 ------w c:\windows\ServicePackFiles\i386\icwrmind.exe+ 2004-08-04 05:56:44 49,152 ------w c:\windows\ServicePackFiles\i386\icwutil.dll+ 2004-08-04 05:56:44 120,832 ------w c:\windows\ServicePackFiles\i386\idq.dll+ 2004-08-04 05:56:52 34,304 ------w c:\windows\ServicePackFiles\i386\ie4uinit.exe+ 2004-08-04 05:56:44 139,264 ------w c:\windows\ServicePackFiles\i386\ieakeng.dll+ 2004-08-04 05:56:44 216,576 ------w c:\windows\ServicePackFiles\i386\ieaksie.dll+ 2004-08-04 05:56:44 323,584 ------w c:\windows\ServicePackFiles\i386\iedkcs32.dll+ 2004-08-04 05:56:52 18,432 ------w c:\windows\ServicePackFiles\i386\iedw.exe+ 2004-08-04 05:56:44 81,920 ------w c:\windows\ServicePackFiles\i386\ieencode.dll+ 2004-08-04 05:56:44 249,344 ------w c:\windows\ServicePackFiles\i386\iepeers.dll+ 2004-08-04 05:56:44 48,640 ------w c:\windows\ServicePackFiles\i386\iernonce.dll+ 2004-08-04 05:56:44 62,976 ------w c:\windows\ServicePackFiles\i386\iesetup.dll+ 2004-08-04 05:56:52 93,184 ------w c:\windows\ServicePackFiles\i386\iexplore.exe+ 2004-08-04 05:56:52 114,688 ------w c:\windows\ServicePackFiles\i386\iexpress.exe+ 2004-08-04 05:56:44 135,680 ------w c:\windows\ServicePackFiles\i386\ifmon.dll+ 2004-08-04 05:56:44 8,192 ------w c:\windows\ServicePackFiles\i386\igmpagnt.dll+ 2004-08-04 05:56:44 505,344 ------w c:\windows\ServicePackFiles\i386\iis.dll+ 2004-08-04 05:56:44 81,920 ------w c:\windows\ServicePackFiles\i386\ils.dll+ 2004-08-04 05:56:44 144,384 ------w c:\windows\ServicePackFiles\i386\imagehlp.dll+ 2004-08-04 05:56:52 150,016 ------w c:\windows\ServicePackFiles\i386\imapi.exe+ 2004-08-04 04:00:16 41,856 ------w c:\windows\ServicePackFiles\i386\imapi.sys+ 2004-08-04 05:56:44 36,921 ------w c:\windows\ServicePackFiles\i386\imeshare.dll+ 2004-08-04 05:56:44 35,840 ------w c:\windows\ServicePackFiles\i386\imgutil.dll+ 2004-08-04 05:56:44 110,080 ------w c:\windows\ServicePackFiles\i386\imm32.dll+ 2004-08-04 05:56:44 274,432 ------w c:\windows\ServicePackFiles\i386\inetcfg.dll+ 2004-08-04 05:56:44 678,400 ------w c:\windows\ServicePackFiles\i386\inetcomm.dll+ 2004-08-04 05:56:44 33,280 ------w c:\windows\ServicePackFiles\i386\inetmib1.dll+ 2004-08-04 05:56:44 75,264 ------w c:\windows\ServicePackFiles\i386\inetpp.dll+ 2004-08-04 05:56:44 15,872 ------w c:\windows\ServicePackFiles\i386\inetppui.dll+ 2004-08-04 05:56:10 48,128 ------w c:\windows\ServicePackFiles\i386\inetres.dll+ 2004-08-04 05:56:52 20,480 ------w c:\windows\ServicePackFiles\i386\inetwiz.exe+ 2004-08-04 05:56:44 147,456 ------w c:\windows\ServicePackFiles\i386\initpki.dll+ 2004-08-04 05:56:44 123,392 ------w c:\windows\ServicePackFiles\i386\input.dll+ 2004-08-04 05:56:44 96,256 ------w c:\windows\ServicePackFiles\i386\inseng.dll+ 2004-08-04 03:59:42 5,504 ------w c:\windows\ServicePackFiles\i386\intelide.sys+ 2004-08-04 03:59:20 36,096 ------w c:\windows\ServicePackFiles\i386\intelppm.sys+ 2004-08-04 04:00:08 29,056 ------w c:\windows\ServicePackFiles\i386\ip6fw.sys+ 2004-08-04 05:56:52 55,808 ------w c:\windows\ServicePackFiles\i386\ipconfig.exe+ 2004-08-04 05:56:06 97,280 ------w c:\windows\ServicePackFiles\i386\ipevldpc.dll+ 2004-08-04 05:56:06 24,064 ------w c:\windows\ServicePackFiles\i386\ipevlpid.dll+ 2004-08-04 05:56:44 94,720 ------w c:\windows\ServicePackFiles\i386\iphlpapi.dll+ 2004-08-04 04:04:46 20,992 ------w c:\windows\ServicePackFiles\i386\ipinip.sys+ 2004-08-04 05:56:12 96,768 ------w c:\windows\ServicePackFiles\i386\ipmntdpc.dll+ 2004-08-04 04:04:52 134,912 ------w c:\windows\ServicePackFiles\i386\ipnat.sys+ 2004-08-04 05:56:44 331,264 ------w c:\windows\ServicePackFiles\i386\ipnathlp.dll+ 2004-08-04 05:56:44 330,752 ------w c:\windows\ServicePackFiles\i386\ippromon.dll+ 2004-08-04 05:56:44 35,328 ------w c:\windows\ServicePackFiles\i386\iprip.dll+ 2004-08-04 04:14:30 74,752 ------w c:\windows\ServicePackFiles\i386\ipsec.sys+ 2004-08-04 05:56:44 349,696 ------w c:\windows\ServicePackFiles\i386\ipsecsnp.dll+ 2004-08-04 05:56:44 182,784 ------w c:\windows\ServicePackFiles\i386\ipsecsvc.dll+ 2004-08-04 05:56:28 96,768 ------w c:\windows\ServicePackFiles\i386\ipseldpc.dll+ 2004-08-04 05:56:06 24,064 ------w c:\windows\ServicePackFiles\i386\ipselpid.dll+ 2004-08-04 05:56:44 384,000 ------w c:\windows\ServicePackFiles\i386\ipsmsnap.dll+ 2004-08-04 05:56:52 53,248 ------w c:\windows\ServicePackFiles\i386\ipv6.exe+ 2004-08-04 05:56:44 59,904 ------w c:\windows\ServicePackFiles\i386\ipv6mon.dll+ 2004-08-04 05:56:52 23,552 ------w c:\windows\ServicePackFiles\i386\ipxroute.exe+ 2004-08-04 05:56:44 120,320 ------w c:\windows\ServicePackFiles\i386\ir41_qc.dll+ 2004-08-04 05:56:44 338,432 ------w c:\windows\ServicePackFiles\i386\ir41_qcx.dll+ 2004-08-04 05:56:44 755,200 ------w c:\windows\ServicePackFiles\i386\ir50_32.dll+ 2004-08-04 05:56:44 200,192 ------w c:\windows\ServicePackFiles\i386\ir50_qc.dll+ 2004-08-04 05:56:44 183,808 ------w c:\windows\ServicePackFiles\i386\ir50_qcx.dll+ 2004-08-04 04:00:54 87,424 ------w c:\windows\ServicePackFiles\i386\irda.sys+ 2004-08-04 04:00:48 11,264 ------w c:\windows\ServicePackFiles\i386\irenum.sys+ 2004-08-04 05:56:52 152,576 ------w c:\windows\ServicePackFiles\i386\irftp.exe+ 2004-08-04 05:56:44 27,136 ------w c:\windows\ServicePackFiles\i386\irmon.dll+ 2004-08-04 05:56:44 81,920 ------w c:\windows\ServicePackFiles\i386\isign32.dll+ 2004-08-04 05:56:44 32,768 ------w c:\windows\ServicePackFiles\i386\isrdbg32.dll+ 2004-08-04 05:56:44 143,872 ------w c:\windows\ServicePackFiles\i386\itircl.dll+ 2004-08-04 05:56:44 134,144 ------w c:\windows\ServicePackFiles\i386\itss.dll+ 2004-08-04 05:56:44 192,000 ------w c:\windows\ServicePackFiles\i386\iuengine.dll+ 2004-08-04 05:56:44 54,272 ------w c:\windows\ServicePackFiles\i386\ixsso.dll+ 2004-08-04 05:56:44 47,616 ------w c:\windows\ServicePackFiles\i386\iyuv_32.dll+ 2004-08-04 05:56:44 450,560 ------w c:\windows\ServicePackFiles\i386\jscript.dll+ 2004-08-04 05:56:44 15,872 ------w c:\windows\ServicePackFiles\i386\jsproxy.dll+ 2004-08-04 03:58:34 24,576 ------w c:\windows\ServicePackFiles\i386\kbdclass.sys+ 2004-08-04 05:56:12 7,168 ------w c:\windows\ServicePackFiles\i386\kbdfi1.dll+ 2004-08-04 03:58:36 14,848 ------w c:\windows\ServicePackFiles\i386\kbdhid.sys+ 2004-08-04 05:56:12 6,144 ------w c:\windows\ServicePackFiles\i386\kbdinbe1.dll+ 2004-08-04 05:56:12 6,656 ------w c:\windows\ServicePackFiles\i386\kbdinben.dll+ 2004-08-04 05:56:12 6,656 ------w c:\windows\ServicePackFiles\i386\kbdinmal.dll+ 2004-08-04 05:56:12 5,632 ------w c:\windows\ServicePackFiles\i386\kbdmaori.dll+ 2004-08-04 05:56:12 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt47.dll+ 2004-08-04 05:56:12 6,144 ------w c:\windows\ServicePackFiles\i386\kbdmlt48.dll+ 2004-08-04 05:56:12 7,168 ------w c:\windows\ServicePackFiles\i386\kbdno1.dll+ 2004-08-04 05:56:12 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsfi.dll+ 2004-08-04 05:56:12 7,680 ------w c:\windows\ServicePackFiles\i386\kbdsmsno.dll+ 2004-08-04 05:56:12 7,168 ------w c:\windows\ServicePackFiles\i386\kbdukx.dll+ 2004-08-04 03:59:24 7,424 ------w c:\windows\ServicePackFiles\i386\kd1394.dll+ 2004-08-04 05:56:44 294,400 ------w c:\windows\ServicePackFiles\i386\kerberos.dll+ 2004-08-04 05:56:44 983,552 ------w c:\windows\ServicePackFiles\i386\kernel32.dll+ 2004-08-04 03:46:56 42,537 ------w c:\windows\ServicePackFiles\i386\keyboard.sys+ 2004-08-04 05:56:44 150,528 ------w c:\windows\ServicePackFiles\i386\keymgr.dll+ 2004-08-04 04:07:50 171,776 ------w c:\windows\ServicePackFiles\i386\kmixer.sys+ 2004-08-04 03:49:34 92,224 ------w c:\windows\ServicePackFiles\i386\krnl386.exe+ 2004-08-04 05:56:44 24,576 ------w c:\windows\ServicePackFiles\i386\krnlprov.dll+ 2004-08-04 04:15:22 140,928 ------w c:\windows\ServicePackFiles\i386\ks.sys+ 2004-08-04 03:59:48 92,032 ------w c:\windows\ServicePackFiles\i386\ksecdd.sys+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\ksuser.dll+ 2004-08-04 03:31:52 97,792 ------w c:\windows\ServicePackFiles\i386\lang\chtmbx.dll+ 2004-08-04 03:31:54 56,320 ------w c:\windows\ServicePackFiles\i386\lang\chtskdic.dll+ 2004-08-04 03:31:54 173,568 ------w c:\windows\ServicePackFiles\i386\lang\chtskf.dll+ 2004-08-04 03:31:54 198,656 ------w c:\windows\ServicePackFiles\i386\lang\cintime.dll+ 2004-08-04 03:31:56 480,256 ------w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe+ 2004-08-04 03:31:40 57,399 ------w c:\windows\ServicePackFiles\i386\lang\cplexe.exe+ 2004-08-04 04:04:38 106,496 ------w c:\windows\ServicePackFiles\i386\lang\imekrcic.dll+ 2004-08-04 04:04:34 86,016 ------w c:\windows\ServicePackFiles\i386\lang\imekrmbx.dll+ 2004-08-04 03:31:50 811,064 ------w c:\windows\ServicePackFiles\i386\lang\imjp81k.dll+ 2004-08-04 03:31:52 368,696 ------w c:\windows\ServicePackFiles\i386\lang\imjpcic.dll+ 2004-08-04 03:31:52 716,856 ------w c:\windows\ServicePackFiles\i386\lang\imjpcus.dll+ 2004-08-04 03:31:54 81,976 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.dll+ 2004-08-04 03:31:54 307,257 ------w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe+ 2004-08-04 03:31:56 155,705 ------w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe+ 2004-08-04 03:31:58 196,665 ------w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe+ 2004-08-04 03:32:00 208,952 ------w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe+ 2004-08-04 03:32:12 233,527 ------w c:\windows\ServicePackFiles\i386\lang\imjprw.exe+ 2004-08-04 03:32:16 262,200 ------w c:\windows\ServicePackFiles\i386\lang\imjputy.exe+ 2004-08-04 03:32:16 274,489 ------w c:\windows\ServicePackFiles\i386\lang\imjputyc.dll+ 2004-08-04 03:32:28 102,456 ------w c:\windows\ServicePackFiles\i386\lang\imlang.dll+ 2004-08-04 03:31:50 59,392 ------w c:\windows\ServicePackFiles\i386\lang\imscinst.exe+ 2004-08-04 03:32:12 15,872 ------w c:\windows\ServicePackFiles\i386\lang\padrs404.dll+ 2004-08-04 03:31:50 15,360 ------w c:\windows\ServicePackFiles\i386\lang\padrs804.dll+ 2004-08-04 03:31:50 175,104 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsa.dll+ 2004-08-04 03:31:50 53,760 ------w c:\windows\ServicePackFiles\i386\lang\pintlcsd.dll+ 2004-08-04 03:31:50 70,144 ------w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe+ 2004-08-04 03:31:50 67,584 ------w c:\windows\ServicePackFiles\i386\lang\pmigrate.dll+ 2004-08-04 03:32:16 44,032 ------w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe+ 2004-08-04 03:32:16 455,168 ------w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe+ 2004-08-04 03:32:14 10,240 ------w c:\windows\ServicePackFiles\i386\lang\tmigrate.dll+ 2004-08-04 04:04:12 76,288 ------w c:\windows\ServicePackFiles\i386\lang\uniime.dll+ 2004-08-04 03:32:36 426,041 ------w c:\windows\ServicePackFiles\i386\lang\voicepad.dll+ 2004-08-04 03:32:36 86,073 ------w c:\windows\ServicePackFiles\i386\lang\voicesub.dll+ 2004-08-04 05:56:44 6,656 ------w c:\windows\ServicePackFiles\i386\laprxy.dll+ 2004-08-04 03:59:34 34,688 ------w c:\windows\ServicePackFiles\i386\lbrtfdc.sys+ 2004-08-04 05:56:44 423,936 ------w c:\windows\ServicePackFiles\i386\licdll.dll+ 2004-08-04 05:56:44 22,016 ------w c:\windows\ServicePackFiles\i386\licmgr10.dll+ 2004-08-04 05:56:44 58,880 ------w c:\windows\ServicePackFiles\i386\licwmi.dll+ 2004-08-04 05:56:44 18,944 ------w c:\windows\ServicePackFiles\i386\linkinfo.dll+ 2004-08-04 05:56:44 13,824 ------w c:\windows\ServicePackFiles\i386\lmhsvc.dll+ 2004-08-04 05:56:44 33,792 ------w c:\windows\ServicePackFiles\i386\lmmib2.dll+ 2004-08-04 05:56:44 399,872 ------w c:\windows\ServicePackFiles\i386\lmrt.dll+ 2004-08-04 05:56:44 97,280 ------w c:\windows\ServicePackFiles\i386\loadperf.dll+ 2004-08-04 05:56:44 221,696 ------w c:\windows\ServicePackFiles\i386\localsec.dll+ 2004-08-04 05:56:44 341,504 ------w c:\windows\ServicePackFiles\i386\localspl.dll+ 2004-08-04 05:56:44 11,776 ------w c:\windows\ServicePackFiles\i386\localui.dll+ 2004-08-04 05:56:52 75,264 ------w c:\windows\ServicePackFiles\i386\locator.exe+ 2004-08-04 05:56:44 19,968 ------w c:\windows\ServicePackFiles\i386\log.dll+ 2004-08-04 05:56:52 103,936 ------w c:\windows\ServicePackFiles\i386\logagent.exe+ 2004-08-04 05:56:52 59,392 ------w c:\windows\ServicePackFiles\i386\logman.exe+ 2004-08-04 05:56:58 220,672 ------w c:\windows\ServicePackFiles\i386\logon.scr+ 2004-08-04 05:56:52 514,560 ------w c:\windows\ServicePackFiles\i386\logonui.exe+ 2004-08-04 05:56:44 22,528 ------w c:\windows\ServicePackFiles\i386\lpdsvc.dll+ 2004-08-04 05:56:44 22,016 ------w c:\windows\ServicePackFiles\i386\lpk.dll+ 2004-08-04 05:56:44 10,240 ------w c:\windows\ServicePackFiles\i386\lprhelp.dll+ 2004-08-04 05:56:44 18,944 ------w c:\windows\ServicePackFiles\i386\lprmon.dll+ 2004-08-04 05:56:44 721,920 ------w c:\windows\ServicePackFiles\i386\lsasrv.dll+ 2004-08-04 05:56:52 13,312 ------w c:\windows\ServicePackFiles\i386\lsass.exe+ 2004-08-04 03:41:36 606,684 ------w c:\windows\ServicePackFiles\i386\ltmdmnt.sys+ 2004-08-04 03:41:38 420,992 ------w c:\windows\ServicePackFiles\i386\ltmdmntt.sys+ 2004-08-04 04:00:08 7,040 ------w c:\windows\ServicePackFiles\i386\ltotape.sys+ 2004-08-04 03:39:32 20,864 ------w c:\windows\ServicePackFiles\i386\lwadihid.sys+ 2004-08-04 05:56:52 72,704 ------w c:\windows\ServicePackFiles\i386\magnify.exe+ 2004-08-04 05:56:52 85,504 ------w c:\windows\ServicePackFiles\i386\makecab.exe+ 2004-08-04 05:56:44 14,848 ------w c:\windows\ServicePackFiles\i386\mcastmib.dll+ 2004-08-04 05:56:44 84,480 ------w c:\windows\ServicePackFiles\i386\mciavi32.dll+ 2004-08-04 05:56:44 35,328 ------w c:\windows\ServicePackFiles\i386\mciqtz32.dll+ 2004-08-04 05:56:44 23,040 ------w c:\windows\ServicePackFiles\i386\mciseq.dll+ 2004-08-04 05:56:44 23,552 ------w c:\windows\ServicePackFiles\i386\mciwave.dll+ 2004-08-04 05:56:44 118,272 ------w c:\windows\ServicePackFiles\i386\mdminst.dll+ 2004-08-04 05:56:44 86,016 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.dll+ 2004-08-04 03:41:56 11,868 ------w c:\windows\ServicePackFiles\i386\mdmxsdk.sys+ 2004-08-04 04:00:50 26,112 ------w c:\windows\ServicePackFiles\i386\memstpci.sys+ 2004-08-04 04:07:46 63,744 ------w c:\windows\ServicePackFiles\i386\mf.sys+ 2004-08-04 05:56:44 39,936 ------w c:\windows\ServicePackFiles\i386\mf3216.dll+ 2004-08-04 05:56:44 1,028,096 ------w c:\windows\ServicePackFiles\i386\mfc42.dll+ 2004-08-04 05:56:44 1,024,000 ------w c:\windows\ServicePackFiles\i386\mfc42u.dll+ 2004-08-04 05:56:44 22,528 ------w c:\windows\ServicePackFiles\i386\mfcsubs.dll+ 2004-08-04 05:56:44 14,848 ------w c:\windows\ServicePackFiles\i386\mgmtapi.dll+ 2004-08-04 05:56:44 18,944 ------w c:\windows\ServicePackFiles\i386\midimap.dll+ 2004-08-04 05:56:44 201,216 ------w c:\windows\ServicePackFiles\i386\migism.dll+ 2004-08-04 05:56:44 192,512 ------w c:\windows\ServicePackFiles\i386\migism_a.dll+ 2004-08-04 05:56:44 60,928 ------w c:\windows\ServicePackFiles\i386\miglibnt.dll+ 2004-08-04 05:56:52 103,424 ------w c:\windows\ServicePackFiles\i386\migload.exe+ 2004-08-04 05:56:52 786,432 ------w c:\windows\ServicePackFiles\i386\migrate.exe+ 2004-08-04 05:56:52 7,680 ------w c:\windows\ServicePackFiles\i386\migregdb.exe+ 2004-08-04 05:56:52 240,128 ------w c:\windows\ServicePackFiles\i386\migwiz.exe+ 2004-08-04 05:56:52 236,032 ------w c:\windows\ServicePackFiles\i386\migwiz_a.exe+ 2004-08-04 05:56:44 586,240 ------w c:\windows\ServicePackFiles\i386\mlang.dll+ 2004-08-04 05:56:52 815,104 ------w c:\windows\ServicePackFiles\i386\mmc.exe+ 2004-08-04 05:56:44 70,656 ------w c:\windows\ServicePackFiles\i386\mmcbase.dll+ 2004-08-04 05:56:44 1,192,960 ------w c:\windows\ServicePackFiles\i386\mmcndmgr.dll+ 2004-08-04 05:56:44 50,688 ------w c:\windows\ServicePackFiles\i386\mmcshext.dll+ 2004-08-04 05:56:44 17,408 ------w c:\windows\ServicePackFiles\i386\mmfutil.dll+ 2004-08-04 03:51:12 68,768 ------w c:\windows\ServicePackFiles\i386\mmsystem.dll+ 2004-08-04 05:56:44 34,560 ------w c:\windows\ServicePackFiles\i386\mnmdd.dll+ 2004-08-04 05:56:52 32,768 ------w c:\windows\ServicePackFiles\i386\mnmsrvc.exe+ 2004-08-04 05:56:44 207,360 ------w c:\windows\ServicePackFiles\i386\mobsync.dll+ 2004-08-04 05:56:52 143,360 ------w c:\windows\ServicePackFiles\i386\mobsync.exe+ 2004-08-04 04:08:06 30,080 ------w c:\windows\ServicePackFiles\i386\modem.sys+ 2004-08-04 05:56:44 153,600 ------w c:\windows\ServicePackFiles\i386\modemui.dll+ 2004-08-04 05:56:52 16,384 ------w c:\windows\ServicePackFiles\i386\mofcomp.exe+ 2004-08-04 05:56:44 123,904 ------w c:\windows\ServicePackFiles\i386\mofd.dll+ 2004-08-04 05:56:12 216,064 ------w c:\windows\ServicePackFiles\i386\moricons.dll+ 2004-08-04 03:58:34 23,040 ------w c:\windows\ServicePackFiles\i386\mouclass.sys+ 2004-08-04 03:58:32 42,240 ------w c:\windows\ServicePackFiles\i386\mountmgr.sys+ 2004-08-04 05:56:54 3,555,328 ------w c:\windows\ServicePackFiles\i386\moviemk.exe+ 2004-08-04 05:56:44 310,272 ------w c:\windows\ServicePackFiles\i386\mp43dmod.dll+ 2004-08-04 05:56:44 384,512 ------w c:\windows\ServicePackFiles\i386\mp4sdmod.dll+ 2004-08-04 04:10:14 15,360 ------w c:\windows\ServicePackFiles\i386\mpe.sys+ 2004-08-04 05:56:44 240,640 ------w c:\windows\ServicePackFiles\i386\mpg4dmod.dll+ 2004-08-04 05:56:54 123,392 ------w c:\windows\ServicePackFiles\i386\mplay32.exe+ 2004-08-04 05:56:54 4,639 ------w c:\windows\ServicePackFiles\i386\mplayer2.exe+ 2004-08-04 05:56:44 59,904 ------w c:\windows\ServicePackFiles\i386\mpr.dll+ 2004-08-04 05:56:44 87,040 ------w c:\windows\ServicePackFiles\i386\mprapi.dll+ 2004-08-04 05:56:44 368,640 ------w c:\windows\ServicePackFiles\i386\mpvis.dll+ 2004-08-04 04:00:58 181,248 ------w c:\windows\ServicePackFiles\i386\mrxdav.sys+ 2004-08-04 04:15:18 451,456 ------w c:\windows\ServicePackFiles\i386\mrxsmb.sys+ 2004-08-04 05:56:44 71,680 ------w c:\windows\ServicePackFiles\i386\msacm32.dll+ 2004-08-04 05:56:44 331,776 ------w c:\windows\ServicePackFiles\i386\msadce.dll+ 2004-08-04 05:56:14 20,480 ------w c:\windows\ServicePackFiles\i386\msadcer.dll+ 2004-08-04 05:56:44 61,440 ------w c:\windows\ServicePackFiles\i386\msadcf.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msadcfr.dll+ 2004-08-04 05:56:44 143,360 ------w c:\windows\ServicePackFiles\i386\msadco.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msadcor.dll+ 2004-08-04 05:56:44 53,248 ------w c:\windows\ServicePackFiles\i386\msadcs.dll+ 2004-08-04 05:56:44 155,648 ------w c:\windows\ServicePackFiles\i386\msadds.dll+ 2004-08-04 05:56:14 24,576 ------w c:\windows\ServicePackFiles\i386\msaddsr.dll+ 2004-08-04 05:56:14 24,576 ------w c:\windows\ServicePackFiles\i386\msader15.dll+ 2004-08-04 05:56:44 536,576 ------w c:\windows\ServicePackFiles\i386\msado15.dll+ 2004-08-04 05:56:44 180,224 ------w c:\windows\ServicePackFiles\i386\msadomd.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\msador15.dll+ 2004-08-04 05:56:44 200,704 ------w c:\windows\ServicePackFiles\i386\msadox.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\msadrh15.dll+ 2004-08-04 05:56:14 3,584 ------w c:\windows\ServicePackFiles\i386\msafd.dll+ 2004-08-04 05:56:44 86,016 ------w c:\windows\ServicePackFiles\i386\msapsspc.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\msasn1.dll+ 2004-08-04 05:56:44 220,160 ------w c:\windows\ServicePackFiles\i386\mscandui.dll+ 2004-08-04 05:56:44 73,728 ------w c:\windows\ServicePackFiles\i386\mscms.dll+ 2004-08-04 05:56:44 69,632 ------w c:\windows\ServicePackFiles\i386\msconf.dll+ 2004-08-04 05:56:54 158,208 ------w c:\windows\ServicePackFiles\i386\msconfig.exe+ 2004-07-17 16:42:20 116,288 ------w c:\windows\ServicePackFiles\i386\msconv97.dll+ 2004-08-04 05:56:14 12,288 ------w c:\windows\ServicePackFiles\i386\mscpx32r.dll+ 2004-08-04 05:56:44 36,864 ------w c:\windows\ServicePackFiles\i386\mscpxl32.dll+ 2004-08-04 05:56:44 294,400 ------w c:\windows\ServicePackFiles\i386\msctf.dll+ 2004-08-04 05:56:44 69,120 ------w c:\windows\ServicePackFiles\i386\msctfp.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\msdadc.dll+ 2004-08-04 05:56:44 118,784 ------w c:\windows\ServicePackFiles\i386\msdadiag.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\msdaenum.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\msdaer.dll+ 2004-08-04 05:56:44 532,480 ------w c:\windows\ServicePackFiles\i386\msdaipp.dll+ 2004-08-04 05:56:44 233,472 ------w c:\windows\ServicePackFiles\i386\msdaora.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaorar.dll+ 2004-08-04 05:56:44 77,824 ------w c:\windows\ServicePackFiles\i386\msdaosp.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaprsr.dll+ 2004-08-04 05:56:44 200,704 ------w c:\windows\ServicePackFiles\i386\msdaprst.dll+ 2004-08-04 05:56:44 204,800 ------w c:\windows\ServicePackFiles\i386\msdaps.dll+ 2004-08-04 05:56:44 118,784 ------w c:\windows\ServicePackFiles\i386\msdarem.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdaremr.dll+ 2004-08-04 05:56:44 151,552 ------w c:\windows\ServicePackFiles\i386\msdart.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\msdasc.dll+ 2004-08-04 05:56:44 315,392 ------w c:\windows\ServicePackFiles\i386\msdasql.dll+ 2004-08-04 05:56:14 16,384 ------w c:\windows\ServicePackFiles\i386\msdasqlr.dll+ 2004-08-04 05:56:44 94,208 ------w c:\windows\ServicePackFiles\i386\msdatl3.dll+ 2004-08-04 05:56:44 20,480 ------w c:\windows\ServicePackFiles\i386\msdatt.dll+ 2004-08-04 05:56:44 4,096 ------w c:\windows\ServicePackFiles\i386\msdaurl.dll+ 2004-08-04 05:56:44 36,864 ------w c:\windows\ServicePackFiles\i386\msdfmap.dll+ 2004-08-04 05:56:44 14,336 ------w c:\windows\ServicePackFiles\i386\msdmo.dll+ 2004-08-04 05:56:54 6,144 ------w c:\windows\ServicePackFiles\i386\msdtc.exe+ 2004-08-04 05:56:44 58,880 ------w c:\windows\ServicePackFiles\i386\msdtclog.dll+ 2004-08-04 05:56:44 425,472 ------w c:\windows\ServicePackFiles\i386\msdtcprx.dll+ 2004-08-04 05:56:44 949,248 ------w c:\windows\ServicePackFiles\i386\msdtctm.dll+ 2004-08-04 05:56:44 161,280 ------w c:\windows\ServicePackFiles\i386\msdtcuiu.dll+ 2004-08-04 04:10:00 51,328 ------w c:\windows\ServicePackFiles\i386\msdv.sys+ 2004-08-04 05:56:14 4,126 ------w c:\windows\ServicePackFiles\i386\msdxmlc.dll+ 2004-08-04 05:56:44 512,029 ------w c:\windows\ServicePackFiles\i386\msexch40.dll+ 2004-08-04 05:56:44 319,517 ------w c:\windows\ServicePackFiles\i386\msexcl40.dll+ 2004-08-04 04:00:42 19,072 ------w c:\windows\ServicePackFiles\i386\msfs.sys+ 2004-08-04 05:56:44 537,088 ------w c:\windows\ServicePackFiles\i386\msftedit.dll+ 2004-08-04 05:56:44 994,304 ------w c:\windows\ServicePackFiles\i386\msgina.dll+ 2004-08-04 04:04:14 35,072 ------w c:\windows\ServicePackFiles\i386\msgpc.sys+ 2004-08-04 05:56:44 3,166,208 ------w c:\windows\ServicePackFiles\i386\msgr3en.dll+ 2004-08-04 05:56:44 15,360 ------w c:\windows\ServicePackFiles\i386\msgrocm.dll+ 2004-08-04 05:56:44 82,944 ------w c:\windows\ServicePackFiles\i386\msgsc.dll+ 2004-08-04 05:56:14 180,224 ------w c:\windows\ServicePackFiles\i386\msgslang.dll+ 2004-08-04 05:56:44 33,792 ------w c:\windows\ServicePackFiles\i386\msgsvc.dll+ 2004-08-04 05:56:58 188,416 ------w c:\windows\ServicePackFiles\i386\msh261.drv+ 2004-08-04 05:56:58 294,912 ------w c:\windows\ServicePackFiles\i386\msh263.drv+ 2004-08-04 05:56:54 29,184 ------w c:\windows\ServicePackFiles\i386\mshta.exe+ 2004-08-04 05:56:44 3,003,392 ------w c:\windows\ServicePackFiles\i386\mshtml.dll+ 2004-08-04 05:56:44 448,512 ------w c:\windows\ServicePackFiles\i386\mshtmled.dll+ 2004-08-04 05:56:16 56,832 ------w c:\windows\ServicePackFiles\i386\mshtmler.dll+ 2004-08-04 05:56:44 2,804,224 ------w c:\windows\ServicePackFiles\i386\msi.dll+ 2004-08-04 05:56:44 51,712 ------w c:\windows\ServicePackFiles\i386\msident.dll+ 2004-08-04 05:56:44 6,656 ------w c:\windows\ServicePackFiles\i386\msidle.dll+ 2004-08-04 05:56:44 248,832 ------w c:\windows\ServicePackFiles\i386\msieftp.dll+ 2004-08-04 05:56:54 77,312 ------w c:\windows\ServicePackFiles\i386\msiexec.exe+ 2004-08-04 05:56:44 331,264 ------w c:\windows\ServicePackFiles\i386\msihnd.dll+ 2004-08-04 05:56:44 4,608 ------w c:\windows\ServicePackFiles\i386\msimg32.dll+ 2004-08-04 05:56:54 60,416 ------w c:\windows\ServicePackFiles\i386\msimn.exe+ 2004-08-04 05:56:18 884,736 ------w c:\windows\ServicePackFiles\i386\msimsg.dll+ 2004-08-04 05:56:44 159,232 ------w c:\windows\ServicePackFiles\i386\msimtf.dll+ 2004-08-04 05:56:44 376,320 ------w c:\windows\ServicePackFiles\i386\msinfo.dll+ 2004-08-04 04:00:48 22,016 ------w c:\windows\ServicePackFiles\i386\msircomm.sys+ 2004-08-04 05:56:54 40,960 ------w c:\windows\ServicePackFiles\i386\msiregmv.exe+ 2004-08-04 05:56:44 44,032 ------w c:\windows\ServicePackFiles\i386\msisip.dll+ 2004-08-04 05:56:44 1,507,356 ------w c:\windows\ServicePackFiles\i386\msjet40.dll+ 2004-07-17 16:34:48 358,976 ------w c:\windows\ServicePackFiles\i386\msjetol1.dll+ 2004-08-04 05:56:44 151,583 ------w c:\windows\ServicePackFiles\i386\msjint40.dll+ 2004-08-04 05:56:44 102,400 ------w c:\windows\ServicePackFiles\i386\msjro.dll+ 2004-08-04 05:56:44 53,279 ------w c:\windows\ServicePackFiles\i386\msjter40.dll+ 2004-08-04 05:56:44 241,693 ------w c:\windows\ServicePackFiles\i386\msjtes40.dll+ 2004-08-04 03:58:42 7,552 ------w c:\windows\ServicePackFiles\i386\mskssrv.sys+ 2004-08-04 05:56:44 25,088 ------w c:\windows\ServicePackFiles\i386\mslbui.dll+ 2004-08-04 05:56:44 213,023 ------w c:\windows\ServicePackFiles\i386\msltus40.dll+ 2004-08-04 05:56:44 39,936 ------w c:\windows\ServicePackFiles\i386\mslwvtts.dll+ 2004-08-04 05:56:54 1,667,584 ------w c:\windows\ServicePackFiles\i386\msmsgs.exe+ 2004-08-04 05:57:02 259,072 ------w c:\windows\ServicePackFiles\i386\msnetobj.dll+ 2004-08-04 05:56:44 290,816 ------w c:\windows\ServicePackFiles\i386\msnsspc.dll+ 2004-08-04 05:56:44 122,368 ------w c:\windows\ServicePackFiles\i386\msobcomm.dll+ 2004-08-04 05:56:44 16,384 ------w c:\windows\ServicePackFiles\i386\msobdl.dll+ 2004-08-04 05:56:44 561,664 ------w c:\windows\ServicePackFiles\i386\msobmain.dll+ 2004-08-04 05:56:44 30,720 ------w c:\windows\ServicePackFiles\i386\msobshel.dll+ 2004-08-04 05:56:44 18,944 ------w c:\windows\ServicePackFiles\i386\msobweb.dll+ 2004-08-04 05:56:44 1,311,232 ------w c:\windows\ServicePackFiles\i386\msoe.dll+ 2004-08-04 05:56:44 252,928 ------w c:\windows\ServicePackFiles\i386\msoeacct.dll+ 2004-08-04 05:56:20 2,479,616 ------w c:\windows\ServicePackFiles\i386\msoeres.dll+ 2004-08-04 05:56:44 105,984 ------w c:\windows\ServicePackFiles\i386\msoert2.dll+ 2004-08-04 05:56:20 20,480 ------w c:\windows\ServicePackFiles\i386\msorc32r.dll+ 2004-08-04 05:56:44 143,360 ------w c:\windows\ServicePackFiles\i386\msorcl32.dll+ 2004-08-04 05:56:54 343,040 ------w c:\windows\ServicePackFiles\i386\mspaint.exe+ 2004-08-04 05:56:44 30,208 ------w c:\windows\ServicePackFiles\i386\mspatcha.dll+ 2004-08-04 05:56:44 348,189 ------w c:\windows\ServicePackFiles\i386\mspbde40.dll+ 2004-08-04 03:58:40 5,376 ------w c:\windows\ServicePackFiles\i386\mspclock.sys+ 2004-08-04 05:56:44 52,224 ------w c:\windows\ServicePackFiles\i386\mspmsnsv.dll+ 2004-08-04 05:56:44 201,728 ------w c:\windows\ServicePackFiles\i386\mspmsp.dll+ 2004-08-04 03:58:42 4,992 ------w c:\windows\ServicePackFiles\i386\mspqm.sys+ 2004-08-04 05:56:20 48,128 ------w c:\windows\ServicePackFiles\i386\msprivs.dll+ 2004-08-04 05:56:44 146,432 ------w c:\windows\ServicePackFiles\i386\msrating.dll+ 2004-08-04 05:56:44 421,919 ------w c:\windows\ServicePackFiles\i386\msrd2x40.dll+ 2004-08-04 05:56:44 315,423 ------w c:\windows\ServicePackFiles\i386\msrd3x40.dll+ 2004-08-04 05:56:44 552,989 ------w c:\windows\ServicePackFiles\i386\msrepl40.dll+ 2004-08-04 05:56:44 11,264 ------w c:\windows\ServicePackFiles\i386\msrle32.dll+ 2004-08-04 05:56:44 134,656 ------w c:\windows\ServicePackFiles\i386\mssap.dll+ 2004-08-04 05:57:02 356,352 ------w c:\windows\ServicePackFiles\i386\msscp.dll+ 2004-08-04 04:07:48 15,488 ------w c:\windows\ServicePackFiles\i386\mssmbios.sys+ 2004-08-04 05:56:44 274,432 ------w c:\windows\ServicePackFiles\i386\mst120.dll+ 2004-08-04 05:56:44 57,344 ------w c:\windows\ServicePackFiles\i386\mst123.dll+ 2004-08-04 04:10:00 49,024 ------w c:\windows\ServicePackFiles\i386\mstape.sys+ 2004-08-04 05:56:44 274,944 ------w c:\windows\ServicePackFiles\i386\mstask.dll+ 2004-08-04 03:58:40 5,504 ------w c:\windows\ServicePackFiles\i386\mstee.sys+ 2004-08-04 05:56:44 258,077 ------w c:\windows\ServicePackFiles\i386\mstext40.dll+ 2004-08-04 05:56:44 530,432 ------w c:\windows\ServicePackFiles\i386\mstime.dll+ 2004-08-04 05:56:54 12,288 ------w c:\windows\ServicePackFiles\i386\mstinit.exe+ 2004-08-04 05:56:44 115,712 ------w c:\windows\ServicePackFiles\i386\mstlsapi.dll+ 2004-08-04 03:59:42 407,552 ------w c:\windows\ServicePackFiles\i386\mstsc.exe+ 2004-08-04 03:59:44 655,360 ------w c:\windows\ServicePackFiles\i386\mstscax.dll+ 2004-08-04 05:56:44 195,072 ------w c:\windows\ServicePackFiles\i386\msutb.dll+ 2004-08-04 05:56:44 129,536 ------w c:\windows\ServicePackFiles\i386\msv1_0.dll+ 2004-08-04 05:56:44 1,392,671 ------w c:\windows\ServicePackFiles\i386\msvbvm60.dll+ 2004-08-04 05:56:44 54,784 ------w c:\windows\ServicePackFiles\i386\msvcirt.dll+ 2004-08-04 05:56:44 413,696 ------w c:\windows\ServicePackFiles\i386\msvcp60.dll+ 2004-08-04 05:56:44 343,040 ------w c:\windows\ServicePackFiles\i386\msvcrt.dll+ 2004-08-04 03:58:26 61,440 ------w c:\windows\ServicePackFiles\i386\msvcrt40.dll+ 2004-08-04 05:56:44 120,832 ------w c:\windows\ServicePackFiles\i386\msvfw32.dll+ 2004-08-04 05:56:44 1,428,480 ------w c:\windows\ServicePackFiles\i386\msvidctl.dll+ 2004-08-04 05:56:44 72,704 ------w c:\windows\ServicePackFiles\i386\msw3prt.dll+ 2004-08-04 05:56:46 831,519 ------w c:\windows\ServicePackFiles\i386\mswdat10.dll+ 2004-08-04 05:56:46 204,288 ------w c:\windows\ServicePackFiles\i386\mswebdvd.dll+ 2004-08-04 05:56:46 245,760 ------w c:\windows\ServicePackFiles\i386\mswmdm.dll+ 2004-08-04 05:56:46 245,248 ------w c:\windows\ServicePackFiles\i386\mswsock.dll+ 2004-08-04 05:56:46 614,429 ------w c:\windows\ServicePackFiles\i386\mswstr10.dll+ 2004-08-04 05:56:46 24,576 ------w c:\windows\ServicePackFiles\i386\msxactps.dll+ 2004-08-04 05:56:46 348,189 ------w c:\windows\ServicePackFiles\i386\msxbde40.dll+ 2004-08-04 05:56:46 506,368 ------w c:\windows\ServicePackFiles\i386\msxml.dll+ 2004-08-04 05:56:46 701,440 ------w c:\windows\ServicePackFiles\i386\msxml2.dll+ 2004-08-04 05:56:46 1,236,480 ------w c:\windows\ServicePackFiles\i386\msxml3.dll+ 2004-08-04 05:56:46 17,408 ------w c:\windows\ServicePackFiles\i386\msyuv.dll+ 2004-08-04 03:41:40 126,686 ------w c:\windows\ServicePackFiles\i386\mtlmnt5.sys+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\ServicePackFiles\i386\mtlstrm.sys+ 2004-08-04 05:56:46 66,560 ------w c:\windows\ServicePackFiles\i386\mtxclu.dll+ 2004-08-04 05:56:46 90,112 ------w c:\windows\ServicePackFiles\i386\mtxoci.dll+ 2004-08-04 05:56:46 1,737,856 ------w c:\windows\ServicePackFiles\i386\mtxparhd.dll+ 2004-08-04 03:29:38 452,736 ------w c:\windows\ServicePackFiles\i386\mtxparhm.sys+ 2004-08-04 05:56:54 90,624 ------w c:\windows\ServicePackFiles\i386\muisetup.exe+ 2004-08-04 04:15:22 107,904 ------w c:\windows\ServicePackFiles\i386\mup.sys+ 2004-08-04 04:04:52 12,672 ------w c:\windows\ServicePackFiles\i386\mutohpen.sys+ 2004-08-04 05:56:46 90,624 ------w c:\windows\ServicePackFiles\i386\mydocs.dll+ 2004-08-04 04:10:30 85,376 ------w c:\windows\ServicePackFiles\i386\nabtsfec.sys+ 2004-08-04 05:56:46 221,184 ------w c:\windows\ServicePackFiles\i386\nac.dll+ 2004-08-04 05:56:56 53,760 ------w c:\windows\ServicePackFiles\i386\narrator.exe+ 2004-08-04 05:56:46 36,352 ------w c:\windows\ServicePackFiles\i386\ncobjapi.dll+ 2004-08-04 05:56:46 47,104 ------w c:\windows\ServicePackFiles\i386\ncprov.dll+ 2004-08-04 05:56:46 9,728 ------w c:\windows\ServicePackFiles\i386\ncpsres.dll+ 2004-08-04 05:56:46 17,920 ------w c:\windows\ServicePackFiles\i386\nddeapi.dll+ 2004-08-04 05:56:56 4,096 ------w c:\windows\ServicePackFiles\i386\nddeapir.exe+ 2004-08-04 05:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\nddenb32.dll+ 2004-08-04 04:14:30 182,912 ------w c:\windows\ServicePackFiles\i386\ndis.sys+ 2004-08-04 04:10:14 10,880 ------w c:\windows\ServicePackFiles\i386\ndisip.sys+ 2004-08-04 05:56:46 57,344 ------w c:\windows\ServicePackFiles\i386\ndisnpp.dll+ 2004-08-04 04:03:14 12,928 ------w c:\windows\ServicePackFiles\i386\ndisuio.sys+ 2004-08-04 04:14:32 91,776 ------w c:\windows\ServicePackFiles\i386\ndiswan.sys+ 2004-08-04 05:56:56 42,496 ------w c:\windows\ServicePackFiles\i386\net.exe+ 2004-08-04 05:56:56 124,928 ------w c:\windows\ServicePackFiles\i386\net1.exe+ 2004-08-04 05:56:46 332,288 ------w c:\windows\ServicePackFiles\i386\netapi32.dll+ 2004-08-04 04:03:22 34,560 ------w c:\windows\ServicePackFiles\i386\netbios.sys+ 2004-08-04 04:14:38 162,816 ------w c:\windows\ServicePackFiles\i386\netbt.sys+ 2004-08-04 05:56:46 622,080 ------w c:\windows\ServicePackFiles\i386\netcfgx.dll+ 2004-08-04 05:56:56 111,104 ------w c:\windows\ServicePackFiles\i386\netdde.exe+ 2004-08-04 05:56:46 139,264 ------w c:\windows\ServicePackFiles\i386\netid.dll+ 2004-08-04 05:56:46 407,040 ------w c:\windows\ServicePackFiles\i386\netlogon.dll+ 2004-08-04 05:56:46 198,144 ------w c:\windows\ServicePackFiles\i386\netman.dll+ 2004-08-04 05:56:46 77,312 ------w c:\windows\ServicePackFiles\i386\netoc.dll+ 2004-08-04 05:56:46 875,008 ------w c:\windows\ServicePackFiles\i386\netplwiz.dll+ 2004-08-04 05:56:46 12,288 ------w c:\windows\ServicePackFiles\i386\netrap.dll+ 2004-08-04 06:02:46 329,728 ------w c:\windows\ServicePackFiles\i386\netsetup.exe+ 2004-08-04 05:56:56 86,016 ------w c:\windows\ServicePackFiles\i386\netsh.exe+ 2004-08-04 05:56:46 1,708,032 ------w c:\windows\ServicePackFiles\i386\netshell.dll+ 2004-08-04 05:56:56 36,864 ------w c:\windows\ServicePackFiles\i386\netstat.exe+ 2004-08-04 05:56:46 80,896 ------w c:\windows\ServicePackFiles\i386\netui0.dll+ 2004-08-04 05:56:46 245,760 ------w c:\windows\ServicePackFiles\i386\netui1.dll+ 2004-08-04 03:31:42 132,695 ------w c:\windows\ServicePackFiles\i386\netwlan5.sys+ 2004-08-04 05:56:46 248,832 ------w c:\windows\ServicePackFiles\i386\newdev.dll+ 2004-08-04 03:58:30 61,824 ------w c:\windows\ServicePackFiles\i386\nic1394.sys+ 2004-08-04 05:56:46 103,936 ------w c:\windows\ServicePackFiles\i386\nlhtml.dll+ 2004-08-04 05:56:46 229,376 ------w c:\windows\ServicePackFiles\i386\nmas.dll+ 2004-08-04 05:56:46 28,672 ------w c:\windows\ServicePackFiles\i386\nmasnt.dll+ 2004-08-04 05:56:46 81,920 ------w c:\windows\ServicePackFiles\i386\nmchat.dll+ 2004-08-04 05:56:46 77,824 ------w c:\windows\ServicePackFiles\i386\nmcom.dll+ 2004-08-04 05:56:46 151,552 ------w c:\windows\ServicePackFiles\i386\nmft.dll+ 2004-08-04 05:56:46 28,672 ------w c:\windows\ServicePackFiles\i386\nmmkcert.dll+ 2004-08-04 03:59:52 40,320 ------w c:\windows\ServicePackFiles\i386\nmnt.sys+ 2004-08-04 05:56:46 172,032 ------w c:\windows\ServicePackFiles\i386\nmoldwb.dll+ 2004-08-04 05:56:46 188,416 ------w c:\windows\ServicePackFiles\i386\nmwb.dll+ 2004-08-04 05:56:56 69,120 ------w c:\windows\ServicePackFiles\i386\notepad.exe+ 2004-08-04 05:57:02 226,816 ------w c:\windows\ServicePackFiles\i386\npdrmv2.dll+ 2004-08-04 05:56:46 364,544 ------w c:\windows\ServicePackFiles\i386\npdsplay.dll+ 2004-08-04 04:00:44 30,848 ------w c:\windows\ServicePackFiles\i386\npfs.sys+ 2004-08-04 05:56:56 15,360 ------w c:\windows\ServicePackFiles\i386\nppagent.exe+ 2004-08-04 05:56:46 54,784 ------w c:\windows\ServicePackFiles\i386\npptools.dll+ 2004-08-04 05:56:46 10,240 ------w c:\windows\ServicePackFiles\i386\npwmsdrm.dll+ 2004-08-04 04:00:52 28,672 ------w c:\windows\ServicePackFiles\i386\nscirda.sys+ 2004-08-04 05:56:56 76,800 ------w c:\windows\ServicePackFiles\i386\nslookup.exe+ 2004-08-04 03:38:34 47,564 ------w c:\windows\ServicePackFiles\i386\ntdetect.com+ 2004-08-04 05:56:38 708,096 ------w c:\windows\ServicePackFiles\i386\ntdll.dll+ 2004-08-04 05:56:46 67,072 ------w c:\windows\ServicePackFiles\i386\ntdsapi.dll+ 2004-08-04 05:56:46 212,992 ------w c:\windows\ServicePackFiles\i386\ntevt.dll+ 2004-08-04 04:15:10 574,592 ------w c:\windows\ServicePackFiles\i386\ntfs.sys+ 2004-08-04 03:45:10 33,840 ------w c:\windows\ServicePackFiles\i386\ntio.sys+ 2004-08-04 03:45:16 34,560 ------w c:\windows\ServicePackFiles\i386\ntio404.sys+ 2004-08-04 03:45:12 35,648 ------w c:\windows\ServicePackFiles\i386\ntio411.sys+ 2004-08-04 03:45:16 35,424 ------w c:\windows\ServicePackFiles\i386\ntio412.sys+ 2004-08-04 03:45:14 34,560 ------w c:\windows\ServicePackFiles\i386\ntio804.sys+ 2004-08-04 04:18:32 2,148,352 ------w c:\windows\ServicePackFiles\i386\ntkrnlmp.exe+ 2004-08-04 03:59:00 2,056,832 ------w c:\windows\ServicePackFiles\i386\ntkrnlpa.exe+ 2004-08-04 03:59:02 2,015,232 ------w c:\windows\ServicePackFiles\i386\ntkrpamp.exe+ 2004-08-04 05:56:46 43,520 ------w c:\windows\ServicePackFiles\i386\ntlanman.dll+ 2004-08-04 05:56:46 8,192 ------w c:\windows\ServicePackFiles\i386\ntlsapi.dll+ 2004-08-04 05:56:46 118,784 ------w c:\windows\ServicePackFiles\i386\ntmarta.dll+ 2004-08-04 05:56:46 40,960 ------w c:\windows\ServicePackFiles\i386\ntmsapi.dll+ 2004-08-04 05:56:46 179,712 ------w c:\windows\ServicePackFiles\i386\ntmsdba.dll+ 2004-08-04 05:56:46 488,448 ------w c:\windows\ServicePackFiles\i386\ntmsmgr.dll+ 2004-08-04 05:56:46 435,200 ------w c:\windows\ServicePackFiles\i386\ntmssvc.dll+ 2004-08-04 03:41:40 180,360 ------w c:\windows\ServicePackFiles\i386\ntmtlfax.sys+ 2004-08-04 05:56:46 62,976 ------w c:\windows\ServicePackFiles\i386\ntoc.dll+ 2004-08-04 04:20:00 2,180,992 ------w c:\windows\ServicePackFiles\i386\ntoskrnl.exe+ 2004-08-04 05:56:46 91,136 ------w c:\windows\ServicePackFiles\i386\ntprint.dll+ 2004-08-04 05:56:46 143,872 ------w c:\windows\ServicePackFiles\i386\ntshrui.dll+ 2004-08-04 05:56:56 419,840 ------w c:\windows\ServicePackFiles\i386\ntvdm.exe+ 2004-08-04 05:56:46 4,274,816 ------w c:\windows\ServicePackFiles\i386\nv4_disp.dll+ 2004-08-04 03:29:56 1,897,408 ------w c:\windows\ServicePackFiles\i386\nv4_mini.sys+ 2004-08-04 04:03:36 88,448 ------w c:\windows\ServicePackFiles\i386\nwlnkipx.sys+ 2004-08-04 05:56:46 144,384 ------w c:\windows\ServicePackFiles\i386\nwprovau.dll+ 2004-08-04 05:56:46 266,752 ------w c:\windows\ServicePackFiles\i386\oakley.dll+ 2004-08-04 05:56:46 285,696 ------w c:\windows\ServicePackFiles\i386\objsel.dll+ 2004-08-04 05:56:24 405,504 ------w c:\windows\ServicePackFiles\i386\obrb041b.dll+ 2004-08-04 05:56:24 408,576 ------w c:\windows\ServicePackFiles\i386\obrb0424.dll+ 2004-08-04 05:56:46 96,256 ------w c:\windows\ServicePackFiles\i386\occache.dll+ 2004-08-04 05:56:46 15,872 ------w c:\windows\ServicePackFiles\i386\ocgen.dll+ 2004-08-04 05:56:46 17,408 ------w c:\windows\ServicePackFiles\i386\ocmsn.dll+ 2004-07-17 16:36:44 26,224 ------w c:\windows\ServicePackFiles\i386\odbc16gt.dll+ 2004-08-04 05:56:46 249,856 ------w c:\windows\ServicePackFiles\i386\odbc32.dll+ 2004-08-04 05:56:46 16,384 ------w c:\windows\ServicePackFiles\i386\odbc32gt.dll+ 2004-08-04 05:56:56 32,768 ------w c:\windows\ServicePackFiles\i386\odbcad32.exe+ 2004-08-04 05:56:46 24,576 ------w c:\windows\ServicePackFiles\i386\odbcbcp.dll+ 2004-08-04 05:56:46 135,168 ------w c:\windows\ServicePackFiles\i386\odbcconf.dll+ 2004-08-04 05:56:56 69,632 ------w c:\windows\ServicePackFiles\i386\odbcconf.exe+ 2004-08-04 05:56:46 106,496 ------w c:\windows\ServicePackFiles\i386\odbccp32.dll+ 2004-08-04 05:56:46 65,536 ------w c:\windows\ServicePackFiles\i386\odbccr32.dll+ 2004-08-04 05:56:46 65,536 ------w c:\windows\ServicePackFiles\i386\odbccu32.dll+ 2004-08-04 05:56:24 94,208 ------w c:\windows\ServicePackFiles\i386\odbcint.dll+ 2004-08-04 05:56:24 53,279 ------w c:\windows\ServicePackFiles\i386\odbcji32.dll+ 2004-08-04 05:56:46 278,559 ------w c:\windows\ServicePackFiles\i386\odbcjt32.dll+ 2004-08-04 05:56:24 12,288 ------w c:\windows\ServicePackFiles\i386\odbcp32r.dll+ 2004-08-04 05:56:46 147,456 ------w c:\windows\ServicePackFiles\i386\odbctrac.dll+ 2004-08-04 05:56:46 20,511 ------w c:\windows\ServicePackFiles\i386\oddbse32.dll+ 2004-08-04 05:56:46 20,510 ------w c:\windows\ServicePackFiles\i386\odexl32.dll+ 2004-08-04 05:56:46 20,510 ------w c:\windows\ServicePackFiles\i386\odfox32.dll+ 2004-08-04 05:56:46 20,510 ------w c:\windows\ServicePackFiles\i386\odpdx32.dll+ 2004-08-04 05:56:46 20,511 ------w c:\windows\ServicePackFiles\i386\odtext32.dll+ 2004-08-04 05:56:46 104,448 ------w c:\windows\ServicePackFiles\i386\oeimport.dll+ 2004-08-04 05:56:56 60,416 ------w c:\windows\ServicePackFiles\i386\oemig50.exe+ 2004-08-04 05:56:46 35,328 ------w c:\windows\ServicePackFiles\i386\oemiglib.dll+ 2004-08-04 05:56:46 120,832 ------w c:\windows\ServicePackFiles\i386\offfilt.dll+ 2004-08-04 04:10:10 61,056 ------w c:\windows\ServicePackFiles\i386\ohci1394.sys+ 2004-08-04 05:56:46 1,281,536 ------w c:\windows\ServicePackFiles\i386\ole32.dll+ 2004-08-04 05:56:46 553,472 ------w c:\windows\ServicePackFiles\i386\oleaut32.dll+ 2004-08-04 05:56:46 487,424 ------w c:\windows\ServicePackFiles\i386\oledb32.dll+ 2004-08-04 05:56:46 65,536 ------w c:\windows\ServicePackFiles\i386\oledb32r.dll+ 2004-08-04 05:56:46 107,008 ------w c:\windows\ServicePackFiles\i386\oleprn.dll+ 2004-08-04 05:56:46 83,456 ------w c:\windows\ServicePackFiles\i386\olepro32.dll+ 2004-08-04 05:56:56 51,200 ------w c:\windows\ServicePackFiles\i386\oobebaln.exe+ 2004-08-04 05:56:46 713,728 ------w c:\windows\ServicePackFiles\i386\opengl32.dll+ 2004-08-04 04:00:22 166,400 ------w c:\windows\ServicePackFiles\i386\oschoice.exe+ 2004-08-04 05:56:56 215,552 ------w c:\windows\ServicePackFiles\i386\osk.exe+ 2004-08-04 03:59:34 230,400 ------w c:\windows\ServicePackFiles\i386\osloader.exe+ 2004-08-04 05:56:46 67,584 ------w c:\windows\ServicePackFiles\i386\osuninst.dll+ 2004-08-04 05:56:46 116,224 ------w c:\windows\ServicePackFiles\i386\p2p.dll+ 2004-08-04 05:56:46 86,016 ------w c:\windows\ServicePackFiles\i386\p2pgasvc.dll+ 2004-08-04 05:56:46 312,320 ------w c:\windows\ServicePackFiles\i386\p2pgraph.dll+ 2004-08-04 05:56:46 88,064 ------w c:\windows\ServicePackFiles\i386\p2pnetsh.dll+ 2004-08-04 05:56:46 526,848 ------w c:\windows\ServicePackFiles\i386\p2psvc.dll+ 2004-08-04 03:59:20 42,496 ------w c:\windows\ServicePackFiles\i386\p3.sys+ 2004-08-04 05:56:56 58,368 ------w c:\windows\ServicePackFiles\i386\packager.exe+ 2004-08-04 03:59:08 80,128 ------w c:\windows\ServicePackFiles\i386\parport.sys+ 2004-08-04 05:56:46 62,976 ------w c:\windows\ServicePackFiles\i386\pautoenr.dll+ 2004-08-04 03:31:24 29,502 ------w c:\windows\ServicePackFiles\i386\pca200e.sys+ 2004-08-04 05:56:46 102,400 ------w c:\windows\ServicePackFiles\i386\pchshell.dll+ 2004-08-04 05:56:46 38,912 ------w c:\windows\ServicePackFiles\i386\pchsvc.dll+ 2004-08-04 04:07:48 68,224 ------w c:\windows\ServicePackFiles\i386\pci.sys+ 2004-08-04 03:59:42 25,088 ------w c:\windows\ServicePackFiles\i386\pciidex.sys+ 2004-08-04 05:56:24 676,864 ------w c:\windows\ServicePackFiles\i386\pcl5eres.dll+ 2004-08-04 05:56:24 169,472 ------w c:\windows\ServicePackFiles\i386\pclxl.dll+ 2004-08-04 04:07:48 119,936 ------w c:\windows\ServicePackFiles\i386\pcmcia.sys+ 2004-08-04 03:06:18 169,984 ------w c:\windows\ServicePackFiles\i386\pcx500.sys+ 2004-08-04 05:56:46 283,648 ------w c:\windows\ServicePackFiles\i386\pdh.dll+ 2004-08-04 05:56:46 39,936 ------w c:\windows\ServicePackFiles\i386\perfctrs.dll+ 2004-08-04 05:56:46 26,624 ------w c:\windows\ServicePackFiles\i386\perfdisk.dll+ 2004-08-04 05:56:56 15,872 ------w c:\windows\ServicePackFiles\i386\perfmon.exe+ 2004-08-04 05:56:46 25,088 ------w c:\windows\ServicePackFiles\i386\perfos.dll+ 2004-08-04 05:56:46 34,816 ------w c:\windows\ServicePackFiles\i386\perfproc.dll+ 2004-08-04 04:06:56 27,904 ------w c:\windows\ServicePackFiles\i386\perm2.sys+ 2004-08-04 05:56:24 211,712 ------w c:\windows\ServicePackFiles\i386\perm2dll.dll+ 2004-08-04 04:06:58 28,032 ------w c:\windows\ServicePackFiles\i386\perm3.sys+ 2004-08-04 05:56:24 259,328 ------w c:\windows\ServicePackFiles\i386\perm3dd.dll+ 2004-08-04 05:56:46 176,128 ------w c:\windows\ServicePackFiles\i386\photowiz.dll+ 2004-08-04 05:56:46 35,328 ------w c:\windows\ServicePackFiles\i386\pid.dll+ 2004-08-04 04:04:42 24,064 ------w c:\windows\ServicePackFiles\i386\pidgen.dll+ 2004-08-04 05:56:56 281,088 ------w c:\windows\ServicePackFiles\i386\pinball.exe+ 2004-08-04 05:56:56 17,920 ------w c:\windows\ServicePackFiles\i386\ping.exe+ 2004-08-04 05:56:46 15,360 ------w c:\windows\ServicePackFiles\i386\pjlmon.dll+ 2004-08-04 05:56:46 44,544 ------w c:\windows\ServicePackFiles\i386\plotter.dll+ 2004-08-04 05:56:46 52,736 ------w c:\windows\ServicePackFiles\i386\plotui.dll+ 2004-08-04 05:56:46 39,424 ------w c:\windows\ServicePackFiles\i386\pngfilt.dll+ 2004-08-04 05:56:46 48,640 ------w c:\windows\ServicePackFiles\i386\pnrpnsp.dll+ 2004-08-04 05:56:46 105,472 ------w c:\windows\ServicePackFiles\i386\polstore.dll+ 2004-08-04 04:15:50 145,792 ------w c:\windows\ServicePackFiles\i386\portcls.sys+ 2004-08-04 05:56:56 49,152 ------w c:\windows\ServicePackFiles\i386\powercfg.exe+ 2004-08-04 05:56:46 17,408 ------w c:\windows\ServicePackFiles\i386\powrprof.dll+ 2004-08-04 04:00:18 17,664 ------w c:\windows\ServicePackFiles\i386\ppa3.sys+ 2004-08-04 05:56:46 560,640 ------w c:\windows\ServicePackFiles\i386\printui.dll+ 2004-08-04 03:59:18 35,328 ------w c:\windows\ServicePackFiles\i386\processr.sys+ 2004-08-04 05:56:46 27,648 ------w c:\windows\ServicePackFiles\i386\profmap.dll+ 2004-08-04 05:56:56 109,568 ------w c:\windows\ServicePackFiles\i386\progman.exe+ 2004-08-04 05:56:56 50,176 ------w c:\windows\ServicePackFiles\i386\proquota.exe+ 2004-08-04 05:56:46 237,056 ------w c:\windows\ServicePackFiles\i386\provthrd.dll+ 2004-08-04 05:56:56 9,216 ------w c:\windows\ServicePackFiles\i386\proxycfg.exe+ 2004-08-04 05:56:46 132,608 ------w c:\windows\ServicePackFiles\i386\ps5ui.dll+ 2004-08-04 05:56:46 23,040 ------w c:\windows\ServicePackFiles\i386\psapi.dll+ 2004-08-04 05:56:46 96,768 ------w c:\windows\ServicePackFiles\i386\psbase.dll+ 2004-08-04 04:04:20 69,120 ------w c:\windows\ServicePackFiles\i386\psched.sys+ 2004-08-04 05:56:46 464,384 ------w c:\windows\ServicePackFiles\i386\pscript5.dll+ 2004-08-04 05:56:46 363,520 ------w c:\windows\ServicePackFiles\i386\psisdecd.dll+ 2004-08-04 05:56:46 43,520 ------w c:\windows\ServicePackFiles\i386\pstorec.dll+ 2004-08-04 05:56:46 34,304 ------w c:\windows\ServicePackFiles\i386\pstorsvc.dll+ 2004-08-04 05:56:46 159,232 ------w c:\windows\ServicePackFiles\i386\ptpusd.dll+ 2004-08-04 05:56:46 237,568 ------w c:\windows\ServicePackFiles\i386\qasf.dll+ 2004-08-04 05:56:46 192,512 ------w c:\windows\ServicePackFiles\i386\qcap.dll+ 2004-08-04 05:56:46 279,040 ------w c:\windows\ServicePackFiles\i386\qdv.dll+ 2004-08-04 05:56:46 385,024 ------w c:\windows\ServicePackFiles\i386\qdvd.dll+ 2004-08-04 05:56:46 562,176 ------w c:\windows\ServicePackFiles\i386\qedit.dll+ 2004-08-04 05:56:26 733,696 ------w c:\windows\ServicePackFiles\i386\qedwipes.dll+ 2004-08-04 04:00:06 6,016 ------w c:\windows\ServicePackFiles\i386\qic157.sys+ 2004-08-04 05:56:46 382,464 ------w c:\windows\ServicePackFiles\i386\qmgr.dll+ 2004-08-04 05:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\qmgrprxy.dll+ 2004-08-04 05:56:56 20,480 ------w c:\windows\ServicePackFiles\i386\qprocess.exe+ 2004-08-04 05:56:46 1,287,680 ------w c:\windows\ServicePackFiles\i386\quartz.dll+ 2004-08-04 05:56:46 1,435,648 ------w c:\windows\ServicePackFiles\i386\query.dll+ 2004-08-04 05:56:46 43,520 ------w c:\windows\ServicePackFiles\i386\racpldlg.dll+ 2004-08-04 04:00:52 20,736 ------w c:\windows\ServicePackFiles\i386\ramdisk.sys+ 2004-08-04 05:56:46 8,192 ------w c:\windows\ServicePackFiles\i386\rasadhlp.dll+ 2004-08-04 05:56:46 236,544 ------w c:\windows\ServicePackFiles\i386\rasapi32.dll+ 2004-08-04 05:56:46 89,088 ------w c:\windows\ServicePackFiles\i386\rasauto.dll+ 2004-08-04 05:56:46 69,632 ------w c:\windows\ServicePackFiles\i386\raschap.dll+ 2004-08-04 05:56:46 657,920 ------w c:\windows\ServicePackFiles\i386\rasdlg.dll+ 2004-08-04 04:14:24 51,328 ------w c:\windows\ServicePackFiles\i386\rasl2tp.sys+ 2004-08-04 05:56:46 61,440 ------w c:\windows\ServicePackFiles\i386\rasman.dll+ 2004-08-04 05:56:46 174,080 ------w c:\windows\ServicePackFiles\i386\rasmans.dll+ 2004-08-04 05:56:56 56,832 ------w c:\windows\ServicePackFiles\i386\rasphone.exe+ 2004-08-04 05:56:46 206,336 ------w c:\windows\ServicePackFiles\i386\rasppp.dll+ 2004-08-04 04:05:08 41,472 ------w c:\windows\ServicePackFiles\i386\raspppoe.sys+ 2004-08-04 04:14:28 48,384 ------w c:\windows\ServicePackFiles\i386\raspptp.sys+ 2004-08-04 05:56:46 16,896 ------w c:\windows\ServicePackFiles\i386\rassapi.dll+ 2004-08-04 05:56:46 58,880 ------w c:\windows\ServicePackFiles\i386\rastapi.dll+ 2004-08-04 05:56:46 112,128 ------w c:\windows\ServicePackFiles\i386\rastls.dll+ 2004-08-04 05:56:46 102,400 ------w c:\windows\ServicePackFiles\i386\rcbdyctl.dll+ 2004-08-04 05:56:56 35,840 ------w c:\windows\ServicePackFiles\i386\rcimlby.exe+ 2004-08-04 05:56:56 21,504 ------w c:\windows\ServicePackFiles\i386\rcp.exe+ 2004-08-04 04:20:08 176,512 ------w c:\windows\ServicePackFiles\i386\rdbss.sys+ 2004-08-04 05:56:46 147,968 ------w c:\windows\ServicePackFiles\i386\rdchost.dll+ 2004-08-04 05:56:56 62,464 ------w c:\windows\ServicePackFiles\i386\rdpclip.exe+ 2004-08-04 06:01:08 92,168 ------w c:\windows\ServicePackFiles\i386\rdpdd.dll+ 2004-08-04 04:01:16 196,864 ------w c:\windows\ServicePackFiles\i386\rdpdr.sys+ 2004-08-04 05:56:46 19,968 ------w c:\windows\ServicePackFiles\i386\rdpsnd.dll+ 2004-08-04 06:01:10 139,400 ------w c:\windows\ServicePackFiles\i386\rdpwd.sys+ 2004-08-04 06:01:10 87,176 ------w c:\windows\ServicePackFiles\i386\rdpwsx.dll+ 2004-08-04 05:56:56 13,824 ------w c:\windows\ServicePackFiles\i386\rdsaddin.exe+ 2004-08-04 05:56:56 67,072 ------w c:\windows\ServicePackFiles\i386\rdshost.exe+ 2004-08-04 03:41:40 13,776 ------w c:\windows\ServicePackFiles\i386\recagent.sys+ 2004-08-04 03:59:38 57,472 ------w c:\windows\ServicePackFiles\i386\redbook.sys+ 2004-08-04 03:48:46 3,338 ------w c:\windows\ServicePackFiles\i386\redir.exe+ 2004-08-04 05:56:56 50,176 ------w c:\windows\ServicePackFiles\i386\reg.exe+ 2004-08-04 05:56:46 49,664 ------w c:\windows\ServicePackFiles\i386\regapi.dll+ 2004-08-04 05:56:56 146,432 ------w c:\windows\ServicePackFiles\i386\regedit.exe+ 2004-08-04 05:56:46 59,904 ------w c:\windows\ServicePackFiles\i386\regsvc.dll+ 2004-08-04 05:56:56 11,776 ------w c:\windows\ServicePackFiles\i386\regsvr32.exe+ 2004-08-04 05:56:46 397,824 ------w c:\windows\ServicePackFiles\i386\regwizc.dll+ 2004-08-04 05:56:46 60,416 ------w c:\windows\ServicePackFiles\i386\remotepg.dll+ 2004-08-04 05:56:46 177,152 ------w c:\windows\ServicePackFiles\i386\repdrvfs.dll+ 2004-08-04 05:56:46 58,880 ------w c:\windows\ServicePackFiles\i386\resutils.dll+ 2004-08-04 05:56:56 13,824 ------w c:\windows\ServicePackFiles\i386\rexec.exe+ 2004-08-04 04:10:40 59,648 ------w c:\windows\ServicePackFiles\i386\rfcomm.sys+ 2004-08-04 05:56:46 123,392 ------w c:\windows\ServicePackFiles\i386\riafres.dll+ 2004-08-04 05:56:46 11,776 ------w c:\windows\ServicePackFiles\i386\riafui1.dll+ 2004-08-04 05:56:46 11,776 ------w c:\windows\ServicePackFiles\i386\riafui2.dll+ 2004-08-04 05:56:46 431,616 ------w c:\windows\ServicePackFiles\i386\riched20.dll+ 2004-08-04 04:04:32 30,080 ------w c:\windows\ServicePackFiles\i386\rndismp.sys+ 2004-08-04 04:04:32 30,080 ------w c:\windows\ServicePackFiles\i386\rndismpx.sys+ 2004-08-04 03:59:12 79,104 ------w c:\windows\ServicePackFiles\i386\rocket.sys+ 2004-08-04 05:56:46 581,120 ------w c:\windows\ServicePackFiles\i386\rpcrt4.dll+ 2004-08-04 05:56:46 395,776 ------w c:\windows\ServicePackFiles\i386\rpcss.dll+ 2004-08-04 05:56:46 61,440 ------w c:\windows\ServicePackFiles\i386\rrcm.dll+ 2004-08-04 03:31:44 152,576 ------w c:\windows\ServicePackFiles\i386\rsaenh.dll+ 2004-08-04 05:56:56 14,848 ------w c:\windows\ServicePackFiles\i386\rsh.exe+ 2004-08-04 05:56:46 39,936 ------w c:\windows\ServicePackFiles\i386\rshx32.dll+ 2004-08-04 05:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\rsmps.dll+ 2004-08-04 05:56:56 380,416 ------w c:\windows\ServicePackFiles\i386\rstrui.exe+ 2004-08-04 05:56:56 77,312 ------w c:\windows\ServicePackFiles\i386\rtcshare.exe+ 2004-08-04 05:56:46 31,744 ------w c:\windows\ServicePackFiles\i386\rtipxmib.dll+ 2004-08-04 03:31:34 20,992 ------w c:\windows\ServicePackFiles\i386\rtl8139.sys+ 2004-08-04 05:56:46 44,032 ------w c:\windows\ServicePackFiles\i386\rtutils.dll+ 2004-08-04 05:56:56 33,280 ------w c:\windows\ServicePackFiles\i386\rundll32.exe+ 2004-08-04 05:56:56 14,336 ------w c:\windows\ServicePackFiles\i386\runonce.exe+ 2004-08-04 05:56:46 397,056 ------w c:\windows\ServicePackFiles\i386\s3gnb.dll+ 2004-08-04 03:29:52 166,912 ------w c:\windows\ServicePackFiles\i386\s3gnbm.sys+ 2004-08-04 05:56:46 43,520 ------w c:\windows\ServicePackFiles\i386\safrcdlg.dll+ 2004-08-04 05:56:46 29,696 ------w c:\windows\ServicePackFiles\i386\safrdm.dll+ 2004-08-04 05:56:46 45,568 ------w c:\windows\ServicePackFiles\i386\safrslv.dll+ 2004-08-04 05:56:46 64,000 ------w c:\windows\ServicePackFiles\i386\samlib.dll+ 2004-08-04 05:56:46 415,744 ------w c:\windows\ServicePackFiles\i386\samsrv.dll+ 2004-08-04 05:56:46 741,376 ------w c:\windows\ServicePackFiles\i386\sapi.dll+ 2004-08-04 05:56:56 13,312 ------w c:\windows\ServicePackFiles\i386\savedump.exe+ 2004-08-04 05:56:46 270,848 ------w c:\windows\ServicePackFiles\i386\sbe.dll+ 2004-08-04 05:56:46 159,232 ------w c:\windows\ServicePackFiles\i386\sbeio.dll+ 2004-08-04 03:59:58 43,136 ------w c:\windows\ServicePackFiles\i386\sbp2port.sys+ 2004-08-04 05:56:46 69,632 ------w c:\windows\ServicePackFiles\i386\scarddlg.dll+ 2004-08-04 05:56:56 95,744 ------w c:\windows\ServicePackFiles\i386\scardsvr.exe+ 2004-08-04 03:31:44 169,984 ------w c:\windows\ServicePackFiles\i386\sccbase.dll+ 2004-08-04 05:56:46 171,008 ------w c:\windows\ServicePackFiles\i386\sccsccp.dll+ 2004-08-04 05:56:46 180,224 ------w c:\windows\ServicePackFiles\i386\scecli.dll+ 2004-08-04 05:56:46 313,856 ------w c:\windows\ServicePackFiles\i386\scesrv.dll+ 2004-08-04 05:56:46 144,896 ------w c:\windows\ServicePackFiles\i386\schannel.dll+ 2004-08-04 05:56:46 190,976 ------w c:\windows\ServicePackFiles\i386\schedsvc.dll+ 2004-08-04 05:56:46 20,992 ------w c:\windows\ServicePackFiles\i386\sclgntfy.dll+ 2004-08-04 05:56:56 36,864 ------w c:\windows\ServicePackFiles\i386\scrcons.exe+ 2004-08-04 05:56:46 202,752 ------w c:\windows\ServicePackFiles\i386\script.dll+ 2004-08-04 05:56:46 188,416 ------w c:\windows\ServicePackFiles\i386\script_a.dll+ 2004-08-04 05:56:58 9,216 ------w c:\windows\ServicePackFiles\i386\scrnsave.scr+ 2004-08-04 05:56:46 159,744 ------w c:\windows\ServicePackFiles\i386\scrobj.dll+ 2004-08-04 05:56:46 151,552 ------w c:\windows\ServicePackFiles\i386\scrrun.dll+ 2004-08-04 03:59:42 96,256 ------w c:\windows\ServicePackFiles\i386\scsiport.sys+ 2004-08-04 05:56:56 77,312 ------w c:\windows\ServicePackFiles\i386\sdbinst.exe+ 2004-08-04 04:07:48 67,584 ------w c:\windows\ServicePackFiles\i386\sdbus.sys+ 2004-08-04 05:56:46 29,184 ------w c:\windows\ServicePackFiles\i386\sdhcinst.dll+ 2004-07-17 16:36:38 27,440 ------w c:\windows\ServicePackFiles\i386\secdrv.sys+ 2004-08-04 05:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\seclogon.dll+ 2004-08-02 19:20:40 4,569 ------w c:\windows\ServicePackFiles\i386\secupd.dat+ 2004-08-04 05:56:46 55,808 ------w c:\windows\ServicePackFiles\i386\secur32.dll+ 2004-08-04 05:56:46 5,632 ------w c:\windows\ServicePackFiles\i386\security.dll+ 2004-08-04 05:56:46 29,184 ------w c:\windows\ServicePackFiles\i386\sendcmsg.dll+ 2004-08-04 05:56:46 55,296 ------w c:\windows\ServicePackFiles\i386\sendmail.dll+ 2004-08-04 05:56:46 38,912 ------w c:\windows\ServicePackFiles\i386\sens.dll+ 2004-08-04 05:56:46 6,656 ------w c:\windows\ServicePackFiles\i386\sensapi.dll+ 2004-08-04 03:59:08 15,488 ------w c:\windows\ServicePackFiles\i386\serenum.sys+ 2004-08-04 04:15:54 64,896 ------w c:\windows\ServicePackFiles\i386\serial.sys+ 2004-08-04 05:56:46 56,320 ------w c:\windows\ServicePackFiles\i386\servdeps.dll+ 2004-08-04 05:56:56 108,032 ------w c:\windows\ServicePackFiles\i386\services.exe+ 2004-08-04 05:56:58 140,800 ------w c:\windows\ServicePackFiles\i386\sessmgr.exe+ 2004-08-04 05:56:58 31,232 ------w c:\windows\ServicePackFiles\i386\sethc.exe+ 2004-08-04 05:56:58 23,040 ------w c:\windows\ServicePackFiles\i386\setup.exe+ 2004-08-04 05:56:58 774,144 ------w c:\windows\ServicePackFiles\i386\setup_wm.exe+ 2004-08-04 05:56:58 73,216 ------w c:\windows\ServicePackFiles\i386\setup50.exe+ 2004-08-04 05:56:46 983,552 ------w c:\windows\ServicePackFiles\i386\setupapi.dll+ 2004-08-04 05:56:46 101,376 ------w c:\windows\ServicePackFiles\i386\setupqry.dll+ 2004-08-04 05:56:46 5,120 ------w c:\windows\ServicePackFiles\i386\sfc.dll+ 2004-08-04 05:56:46 140,288 ------w c:\windows\ServicePackFiles\i386\sfc_os.dll+ 2004-08-04 05:56:46 1,580,544 ------w c:\windows\ServicePackFiles\i386\sfcfiles.dll+ 2004-08-04 03:59:56 11,136 ------w c:\windows\ServicePackFiles\i386\sffdisk.sys+ 2004-08-04 03:59:56 10,240 ------w c:\windows\ServicePackFiles\i386\sffp_sd.sys+ 2004-08-04 03:59:56 11,392 ------w c:\windows\ServicePackFiles\i386\sfloppy.sys+ 2004-08-04 05:56:28 549,376 ------w c:\windows\ServicePackFiles\i386\shdoclc.dll+ 2004-08-04 05:56:46 1,483,264 ------w c:\windows\ServicePackFiles\i386\shdocvw.dll+ 2004-08-04 05:56:46 8,384,000 ------w c:\windows\ServicePackFiles\i386\shell32.dll+ 2004-08-04 05:56:46 25,088 ------w c:\windows\ServicePackFiles\i386\shfolder.dll+ 2004-08-04 05:56:46 68,096 ------w c:\windows\ServicePackFiles\i386\shgina.dll+ 2004-08-04 05:56:46 65,536 ------w c:\windows\ServicePackFiles\i386\shimeng.dll+ 2004-08-04 05:56:46 438,272 ------w c:\windows\ServicePackFiles\i386\shimgvw.dll+ 2004-08-04 05:56:46 473,600 ------w c:\windows\ServicePackFiles\i386\shlwapi.dll+ 2004-08-04 05:56:46 151,552 ------w c:\windows\ServicePackFiles\i386\shmedia.dll+ 2004-08-04 05:56:58 42,496 ------w c:\windows\ServicePackFiles\i386\shmgrate.exe+ 2004-08-04 05:56:58 77,824 ------w c:\windows\ServicePackFiles\i386\shrpubw.exe+ 2004-08-04 05:56:46 27,648 ------w c:\windows\ServicePackFiles\i386\shscrap.dll+ 2004-08-04 05:56:46 134,656 ------w c:\windows\ServicePackFiles\i386\shsvcs.dll+ 2004-08-04 05:56:46 20,536 ------w c:\windows\ServicePackFiles\i386\shtml.dll+ 2004-08-04 05:56:58 16,437 ------w c:\windows\ServicePackFiles\i386\shtml.exe+ 2004-08-04 05:56:58 19,456 ------w c:\windows\ServicePackFiles\i386\shutdown.exe+ 2004-08-04 05:56:46 13,312 ------w c:\windows\ServicePackFiles\i386\sigtab.dll+ 2004-08-04 05:56:58 70,144 ------w c:\windows\ServicePackFiles\i386\sigverif.exe+ 2004-08-04 05:56:46 3,901 ------w c:\windows\ServicePackFiles\i386\siint5.dll+ 2004-08-04 04:07:44 41,088 ------w c:\windows\ServicePackFiles\i386\sisagp.sys+ 2004-08-04 03:31:36 32,768 ------w c:\windows\ServicePackFiles\i386\sisnic.sys+ 2004-08-04 05:56:58 26,112 ------w c:\windows\ServicePackFiles\i386\skeys.exe+ 2004-08-04 03:31:42 63,547 ------w c:\windows\ServicePackFiles\i386\sla30nd5.sys+ 2004-08-04 05:56:46 25,088 ------w c:\windows\ServicePackFiles\i386\slayerxp.dll+ 2004-08-04 03:31:44 306,176 ------w c:\windows\ServicePackFiles\i386\slbcsp.dll+ 2004-08-04 05:56:46 98,304 ------w c:\windows\ServicePackFiles\i386\slbiop.dll+ 2004-08-04 05:56:46 73,832 ------w c:\windows\ServicePackFiles\i386\slcoinst.dll+ 2004-08-04 05:56:46 286,792 ------w c:\windows\ServicePackFiles\i386\slextspk.dll+ 2004-08-04 05:56:46 188,508 ------w c:\windows\ServicePackFiles\i386\slgen.dll+ 2004-08-04 04:10:18 11,136 ------w c:\windows\ServicePackFiles\i386\slip.sys+ 2004-08-04 03:41:42 129,535 ------w c:\windows\ServicePackFiles\i386\slnt7554.sys+ 2004-08-04 03:41:44 404,990 ------w c:\windows\ServicePackFiles\i386\slntamr.sys+ 2004-08-04 03:41:46 95,424 ------w c:\windows\ServicePackFiles\i386\slnthal.sys+ 2004-08-04 05:56:58 32,866 ------w c:\windows\ServicePackFiles\i386\slrundll.exe+ 2004-08-04 05:56:58 73,796 ------w c:\windows\ServicePackFiles\i386\slserv.exe+ 2004-08-04 03:41:46 13,240 ------w c:\windows\ServicePackFiles\i386\slwdmsup.sys+ 2004-08-04 04:07:38 6,016 ------w c:\windows\ServicePackFiles\i386\smbali.sys+ 2004-08-04 04:07:36 16,128 ------w c:\windows\ServicePackFiles\i386\smbbatt.sys+ 2004-08-04 04:07:36 6,912 ------w c:\windows\ServicePackFiles\i386\smbclass.sys+ 2004-08-04 05:56:58 8,192 ------w c:\windows\ServicePackFiles\i386\smbinst.exe+ 2004-08-04 05:56:58 236,544 ------w c:\windows\ServicePackFiles\i386\smi2smir.exe+ 2004-08-04 05:56:46 363,008 ------w c:\windows\ServicePackFiles\i386\smlogcfg.dll+ 2004-08-04 05:56:58 89,600 ------w c:\windows\ServicePackFiles\i386\smlogsvc.exe+ 2004-08-04 05:56:58 50,688 ------w c:\windows\ServicePackFiles\i386\smss.exe+ 2004-08-04 05:56:46 456,704 ------w c:\windows\ServicePackFiles\i386\smtpsvc.dll+ 2004-08-04 05:56:58 131,584 ------w c:\windows\ServicePackFiles\i386\sndrec32.exe+ 2004-08-04 05:56:46 34,816 ------w c:\windows\ServicePackFiles\i386\sniffpol.dll+ 2004-08-04 05:56:58 32,768 ------w c:\windows\ServicePackFiles\i386\snmp.exe+ 2004-08-04 05:56:46 18,944 ------w c:\windows\ServicePackFiles\i386\snmpapi.dll+ 2004-08-04 05:56:46 259,072 ------w c:\windows\ServicePackFiles\i386\snmpcl.dll+ 2004-08-04 05:56:46 358,400 ------w c:\windows\ServicePackFiles\i386\snmpincl.dll+ 2004-08-04 05:56:46 6,144 ------w c:\windows\ServicePackFiles\i386\snmpmib.dll+ 2004-08-04 05:56:46 188,416 ------w c:\windows\ServicePackFiles\i386\snmpsmir.dll+ 2004-08-04 05:56:46 182,272 ------w c:\windows\ServicePackFiles\i386\snmpsnap.dll+ 2004-08-04 05:56:46 40,448 ------w c:\windows\ServicePackFiles\i386\snmpthrd.dll+ 2004-08-04 05:56:58 8,704 ------w c:\windows\ServicePackFiles\i386\snmptrap.exe+ 2004-08-04 05:56:46 130,048 ------w c:\windows\ServicePackFiles\i386\softkbd.dll+ 2004-08-04 04:00:06 7,552 ------w c:\windows\ServicePackFiles\i386\sonyait.sys+ 2004-08-04 04:09:56 25,472 ------w c:\windows\ServicePackFiles\i386\sonydcam.sys+ 2004-08-04 05:56:58 8,192 ------w c:\windows\ServicePackFiles\i386\spdwnwxp.exe+ 2004-08-04 05:56:30 62,976 ------w c:\windows\ServicePackFiles\i386\spgrmr.dll+ 2004-08-04 05:56:58 538,624 ------w c:\windows\ServicePackFiles\i386\spider.exe+ 2004-08-04 04:07:48 6,400 ------w c:\windows\ServicePackFiles\i386\splitter.sys+ 2004-08-04 05:56:58 11,776 ------w c:\windows\ServicePackFiles\i386\spnpinst.exe+ 2004-08-04 05:56:46 74,752 ------w c:\windows\ServicePackFiles\i386\spoolss.dll+ 2004-08-04 05:56:58 57,856 ------w c:\windows\ServicePackFiles\i386\spoolsv.exe+ 2004-08-04 05:56:30 193,024 ------w c:\windows\ServicePackFiles\i386\spra041b.dll+ 2004-08-04 05:56:30 192,512 ------w c:\windows\ServicePackFiles\i386\spra0424.dll+ 2004-08-04 05:56:30 757,248 ------w c:\windows\ServicePackFiles\i386\sprb041b.dll+ 2004-08-04 05:56:32 732,160 ------w c:\windows\ServicePackFiles\i386\sprb0424.dll+ 2004-08-04 05:56:46 250,880 ------w c:\windows\ServicePackFiles\i386\sptip.dll+ 2004-08-04 05:56:58 21,504 ------w c:\windows\ServicePackFiles\i386\spupdwxp.exe+ 2004-08-04 05:56:46 151,552 ------w c:\windows\ServicePackFiles\i386\sqldb20.dll+ 2004-08-04 05:56:46 528,384 ------w c:\windows\ServicePackFiles\i386\sqloledb.dll+ 2004-08-04 05:56:46 462,848 ------w c:\windows\ServicePackFiles\i386\sqlqp20.dll+ 2004-08-04 05:56:46 110,592 ------w c:\windows\ServicePackFiles\i386\sqlse20.dll+ 2004-08-04 05:56:46 442,368 ------w c:\windows\ServicePackFiles\i386\sqlsrv32.dll+ 2004-08-04 05:56:46 180,800 ------w c:\windows\ServicePackFiles\i386\sqlunirl.dll+ 2004-08-04 05:56:46 217,088 ------w c:\windows\ServicePackFiles\i386\sqlxmlx.dll+ 2004-08-04 04:06:26 73,472 ------w c:\windows\ServicePackFiles\i386\sr.sys+ 2004-08-04 05:56:46 58,434 ------w c:\windows\ServicePackFiles\i386\srchctls.dll+ 2004-08-04 05:56:46 725,566 ------w c:\windows\ServicePackFiles\i386\srchui.dll+ 2004-08-04 05:56:46 67,584 ------w c:\windows\ServicePackFiles\i386\srclient.dll+ 2004-08-04 05:56:46 239,104 ------w c:\windows\ServicePackFiles\i386\srrstr.dll+ 2004-08-04 05:56:46 170,496 ------w c:\windows\ServicePackFiles\i386\srsvc.dll+ 2004-08-04 04:14:46 336,256 ------w c:\windows\ServicePackFiles\i386\srv.sys+ 2004-08-04 05:56:46 96,768 ------w c:\windows\ServicePackFiles\i386\srvsvc.dll+ 2004-08-04 05:56:58 704,512 ------w c:\windows\ServicePackFiles\i386\ss3dfo.scr+ 2004-08-04 05:56:58 19,968 ------w c:\windows\ServicePackFiles\i386\ssbezier.scr+ 2004-08-04 05:56:46 34,816 ------w c:\windows\ServicePackFiles\i386\ssdpapi.dll+ 2004-08-04 05:56:46 71,680 ------w c:\windows\ServicePackFiles\i386\ssdpsrv.dll+ 2004-08-04 05:56:58 393,216 ------w c:\windows\ServicePackFiles\i386\ssflwbox.scr+ 2004-08-04 05:56:58 20,992 ------w c:\windows\ServicePackFiles\i386\ssmarque.scr+ 2004-08-04 05:56:58 47,104 ------w c:\windows\ServicePackFiles\i386\ssmypics.scr+ 2004-08-04 05:56:58 18,944 ------w c:\windows\ServicePackFiles\i386\ssmyst.scr+ 2004-08-04 05:56:58 610,304 ------w c:\windows\ServicePackFiles\i386\sspipes.scr+ 2004-08-04 05:56:58 14,336 ------w c:\windows\ServicePackFiles\i386\ssstars.scr+ 2004-08-04 05:56:58 679,936 ------w c:\windows\ServicePackFiles\i386\sstext3d.scr+ 2004-08-04 05:56:46 33,280 ------w c:\windows\ServicePackFiles\i386\sstub.dll+ 2004-08-04 05:56:46 22,016 ------w c:\windows\ServicePackFiles\i386\startoc.dll+ 2004-08-04 05:56:46 86,528 ------w c:\windows\ServicePackFiles\i386\stdprov.dll+ 2004-08-04 05:56:46 67,584 ------w c:\windows\ServicePackFiles\i386\sti.dll+ 2004-08-04 05:56:46 136,704 ------w c:\windows\ServicePackFiles\i386\sti_ci.dll+ 2004-08-04 05:56:58 14,848 ------w c:\windows\ServicePackFiles\i386\stimon.exe+ 2004-08-04 05:56:46 121,856 ------w c:\windows\ServicePackFiles\i386\stobject.dll+ 2004-08-04 05:56:46 74,752 ------w c:\windows\ServicePackFiles\i386\storprop.dll+ 2004-08-04 04:08:04 48,640 ------w c:\windows\ServicePackFiles\i386\stream.sys+ 2004-08-04 04:10:14 15,360 ------w c:\windows\ServicePackFiles\i386\streamip.sys+ 2004-08-04 05:56:46 246,302 ------w c:\windows\ServicePackFiles\i386\strmdll.dll+ 2004-08-04 05:56:46 75,776 ------w c:\windows\ServicePackFiles\i386\strmfilt.dll+ 2004-08-04 05:56:58 16,449 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe+ 2004-08-04 05:56:58 65,601 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe+ 2004-08-04 05:56:58 14,336 ------w c:\windows\ServicePackFiles\i386\svchost.exe+ 2004-08-04 03:58:42 4,352 ------w c:\windows\ServicePackFiles\i386\swenum.sys+ 2004-08-04 05:56:48 713,216 ------w c:\windows\ServicePackFiles\i386\sxs.dll+ 2004-08-04 05:56:48 57,856 ------w c:\windows\ServicePackFiles\i386\synceng.dll+ 2004-08-04 05:56:48 191,488 ------w c:\windows\ServicePackFiles\i386\syncui.dll+ 2004-08-04 04:15:56 60,800 ------w c:\windows\ServicePackFiles\i386\sysaudio.sys+ 2004-08-04 05:56:48 168,960 ------w c:\windows\ServicePackFiles\i386\sysmod.dll+ 2004-08-04 05:56:48 155,648 ------w c:\windows\ServicePackFiles\i386\sysmod_a.dll+ 2004-08-04 05:56:58 105,984 ------w c:\windows\ServicePackFiles\i386\sysocmgr.exe+ 2004-08-04 05:56:48 984,576 ------w c:\windows\ServicePackFiles\i386\syssetup.dll+ 2004-08-04 05:56:48 210,432 ------w c:\windows\ServicePackFiles\i386\t2embed.dll+ 2004-08-04 04:00:00 14,976 ------w c:\windows\ServicePackFiles\i386\tape.sys+ 2004-08-04 05:56:48 858,624 ------w c:\windows\ServicePackFiles\i386\tapi3.dll+ 2004-08-04 05:56:48 181,760 ------w c:\windows\ServicePackFiles\i386\tapi32.dll+ 2004-08-04 05:56:48 246,272 ------w c:\windows\ServicePackFiles\i386\tapisrv.dll+ 2004-08-04 05:56:58 135,680 ------w c:\windows\ServicePackFiles\i386\taskmgr.exe+ 2004-08-04 04:14:42 359,040 ------w c:\windows\ServicePackFiles\i386\tcpip.sys+ 2004-08-04 04:07:46 223,616 ------w c:\windows\ServicePackFiles\i386\tcpip6.sys+ 2004-08-04 05:56:48 14,848 ------w c:\windows\ServicePackFiles\i386\tcpmib.dll+ 2004-08-04 05:56:48 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmon.dll+ 2004-08-04 05:56:48 45,568 ------w c:\windows\ServicePackFiles\i386\tcpmonui.dll+ 2004-08-04 05:56:58 32,827 ------w c:\windows\ServicePackFiles\i386\tcptest.exe+ 2004-08-04 05:56:36 16,384 ------w c:\windows\ServicePackFiles\i386\tcptsat.dll+ 2004-08-04 04:07:50 18,560 ------w c:\windows\ServicePackFiles\i386\tdi.sys+ 2004-08-04 06:01:08 12,040 ------w c:\windows\ServicePackFiles\i386\tdpipe.sys+ 2004-08-04 06:01:08 21,896 ------w c:\windows\ServicePackFiles\i386\tdtcp.sys+ 2004-08-04 05:56:58 75,264 ------w c:\windows\ServicePackFiles\i386\telnet.exe+ 2004-08-04 06:01:08 40,840 ------w c:\windows\ServicePackFiles\i386\termdd.sys+ 2004-08-04 05:56:48 358,400 ------w c:\windows\ServicePackFiles\i386\termmgr.dll+ 2004-08-04 05:56:48 295,424 ------w c:\windows\ServicePackFiles\i386\termsrv.dll+ 2004-08-04 04:00:06 149,376 ------w c:\windows\ServicePackFiles\i386\tffsport.sys+ 2004-08-04 05:56:48 385,536 ------w c:\windows\ServicePackFiles\i386\themeui.dll+ 2004-08-04 05:56:58 347,136 ------w c:\windows\ServicePackFiles\i386\tourstrt.exe+ 2004-08-04 05:56:58 82,432 ------w c:\windows\ServicePackFiles\i386\tp4mon.exe+ 2004-08-04 05:56:58 12,288 ------w c:\windows\ServicePackFiles\i386\tracert.exe+ 2004-08-04 05:56:48 153,088 ------w c:\windows\ServicePackFiles\i386\triedit.dll+ 2004-08-04 05:56:48 90,624 ------w c:\windows\ServicePackFiles\i386\trkwks.dll+ 2004-08-04 05:56:48 93,696 ------w c:\windows\ServicePackFiles\i386\tscfgwmi.dll+ 2004-08-04 03:59:28 44,544 ------w c:\windows\ServicePackFiles\i386\tscupgrd.exe+ 2004-08-04 06:01:08 12,168 ------w c:\windows\ServicePackFiles\i386\tsddd.dll+ 2004-08-04 05:56:48 279,040 ------w c:\windows\ServicePackFiles\i386\tshoot.dll+ 2004-08-04 05:56:48 121,856 ------w c:\windows\ServicePackFiles\i386\tsoc.dll+ 2004-08-04 05:56:48 8,704 ------w c:\windows\ServicePackFiles\i386\tty.dll+ 2004-08-04 05:56:36 39,936 ------w c:\windows\ServicePackFiles\i386\ttyres.dll+ 2004-08-04 05:56:48 16,384 ------w c:\windows\ServicePackFiles\i386\ttyui.dll+ 2004-08-04 04:03:18 12,416 ------w c:\windows\ServicePackFiles\i386\tunmp.sys+ 2004-08-04 05:56:48 50,688 ------w c:\windows\ServicePackFiles\i386\twain_32.dll+ 2004-08-04 05:56:48 44,032 ------w c:\windows\ServicePackFiles\i386\twext.dll+ 2004-08-04 05:56:48 101,376 ------w c:\windows\ServicePackFiles\i386\txflog.dll+ 2004-08-04 04:07:44 44,672 ------w c:\windows\ServicePackFiles\i386\uagp35.sys+ 2004-08-04 04:00:32 66,176 ------w c:\windows\ServicePackFiles\i386\udfs.sys+ 2004-08-04 05:56:48 25,600 ------w c:\windows\ServicePackFiles\i386\udhisapi.dll+ 2004-08-04 05:56:48 275,456 ------w c:\windows\ServicePackFiles\i386\ulib.dll+ 2004-08-04 05:56:48 35,840 ------w c:\windows\ServicePackFiles\i386\umandlg.dll+ 2004-08-04 05:56:48 118,272 ------w c:\windows\ServicePackFiles\i386\umpnpmgr.dll+ 2004-08-04 05:56:48 264,704 ------w c:\windows\ServicePackFiles\i386\unidrv.dll+ 2004-08-04 05:56:48 197,120 ------w c:\windows\ServicePackFiles\i386\unidrvui.dll+ 2004-08-04 05:56:48 74,240 ------w c:\windows\ServicePackFiles\i386\unimdmat.dll+ 2004-08-04 05:56:48 13,824 ------w c:\windows\ServicePackFiles\i386\uniplat.dll+ 2004-08-04 05:56:36 619,520 ------w c:\windows\ServicePackFiles\i386\unires.dll+ 2004-08-04 05:56:58 208,896 ------w c:\windows\ServicePackFiles\i386\unregmp2.exe+ 2004-08-04 05:56:48 316,416 ------w c:\windows\ServicePackFiles\i386\untfs.dll+ 2004-08-04 03:58:34 209,408 ------w c:\windows\ServicePackFiles\i386\update.sys+ 2004-08-04 05:56:58 150,528 ------w c:\windows\ServicePackFiles\i386\uploadm.exe+ 2004-08-04 05:56:48 132,608 ------w c:\windows\ServicePackFiles\i386\upnp.dll+ 2004-08-04 05:56:58 16,896 ------w c:\windows\ServicePackFiles\i386\upnpcont.exe+ 2004-08-04 05:56:48 185,344 ------w c:\windows\ServicePackFiles\i386\upnphost.dll+ 2004-08-04 05:56:48 239,616 ------w c:\windows\ServicePackFiles\i386\upnpui.dll+ 2004-08-04 05:56:58 18,432 ------w c:\windows\ServicePackFiles\i386\ups.exe+ 2004-08-04 05:56:48 37,888 ------w c:\windows\ServicePackFiles\i386\url.dll+ 2004-08-04 05:56:48 601,088 ------w c:\windows\ServicePackFiles\i386\urlmon.dll+ 2004-08-04 03:31:26 32,384 ------w c:\windows\ServicePackFiles\i386\usb101et.sys+ 2004-08-04 04:04:34 12,672 ------w c:\windows\ServicePackFiles\i386\usb8023.sys+ 2004-08-04 04:04:34 12,672 ------w c:\windows\ServicePackFiles\i386\usb8023x.sys+ 2004-08-04 04:07:56 59,264 ------w c:\windows\ServicePackFiles\i386\usbaudio.sys+ 2004-08-04 04:08:48 31,616 ------w c:\windows\ServicePackFiles\i386\usbccgp.sys+ 2004-08-04 04:08:38 26,624 ------w c:\windows\ServicePackFiles\i386\usbehci.sys+ 2004-08-04 04:08:44 57,600 ------w c:\windows\ServicePackFiles\i386\usbhub.sys+ 2004-08-04 04:08:58 16,000 ------w c:\windows\ServicePackFiles\i386\usbintel.sys+ 2004-08-04 05:56:48 16,896 ------w c:\windows\ServicePackFiles\i386\usbmon.dll+ 2004-08-04 04:08:38 17,024 ------w c:\windows\ServicePackFiles\i386\usbohci.sys+ 2004-08-04 04:08:44 142,976 ------w c:\windows\ServicePackFiles\i386\usbport.sys+ 2004-08-04 04:01:26 25,856 ------w c:\windows\ServicePackFiles\i386\usbprint.sys+ 2004-08-04 03:58:46 15,104 ------w c:\windows\ServicePackFiles\i386\usbscan.sys+ 2004-08-04 04:08:44 25,600 ------w c:\windows\ServicePackFiles\i386\usbser.sys+ 2004-08-04 04:08:48 26,496 ------w c:\windows\ServicePackFiles\i386\usbstor.sys+ 2004-08-04 04:08:38 20,480 ------w c:\windows\ServicePackFiles\i386\usbuhci.sys+ 2004-08-04 05:56:48 74,240 ------w c:\windows\ServicePackFiles\i386\usbui.dll+ 2004-08-04 04:10:12 78,464 ------w c:\windows\ServicePackFiles\i386\usbvideo.sys+ 2004-08-04 05:56:48 577,024 ------w c:\windows\ServicePackFiles\i386\user32.dll+ 2004-08-04 05:56:48 723,456 ------w c:\windows\ServicePackFiles\i386\userenv.dll+ 2004-08-04 05:56:58 24,576 ------w c:\windows\ServicePackFiles\i386\userinit.exe+ 2004-08-04 05:56:48 406,528 ------w c:\windows\ServicePackFiles\i386\usp10.dll+ 2004-08-04 05:56:58 50,176 ------w c:\windows\ServicePackFiles\i386\utilman.exe+ 2004-08-04 05:56:48 218,624 ------w c:\windows\ServicePackFiles\i386\uxtheme.dll+ 2004-08-04 05:56:48 30,749 ------w c:\windows\ServicePackFiles\i386\vbajet32.dll+ 2004-08-04 05:56:48 417,792 ------w c:\windows\ServicePackFiles\i386\vbscript.dll+ 2004-08-04 05:56:48 11,325 ------w c:\windows\ServicePackFiles\i386\vchnt5.dll+ 2004-08-04 05:56:48 26,112 ------w c:\windows\ServicePackFiles\i386\vdmdbg.dll+ 2004-08-04 05:56:48 51,712 ------w c:\windows\ServicePackFiles\i386\vdmredir.dll+ 2004-08-04 05:56:48 18,944 ------w c:\windows\ServicePackFiles\i386\version.dll+ 2004-08-04 05:56:48 53,760 ------w c:\windows\ServicePackFiles\i386\vfwwdm32.dll+ 2004-08-04 04:07:08 20,992 ------w c:\windows\ServicePackFiles\i386\vga.sys+ 2004-08-04 05:56:48 848,384 ------w c:\windows\ServicePackFiles\i386\vgx.dll+ 2004-08-04 04:07:44 42,240 ------w c:\windows\ServicePackFiles\i386\viaagp.sys+ 2004-08-04 03:59:44 5,376 ------w c:\windows\ServicePackFiles\i386\viaide.sys+ 2004-08-04 04:07:06 79,744 ------w c:\windows\ServicePackFiles\i386\videoprt.sys+ 2004-08-04 05:56:48 131,584 ------w c:\windows\ServicePackFiles\i386\viewprov.dll+ 2004-08-04 04:00:18 52,352 ------w c:\windows\ServicePackFiles\i386\volsnap.sys+ 2004-08-04 05:56:48 430,592 ------w c:\windows\ServicePackFiles\i386\vssapi.dll+ 2004-08-04 05:56:58 289,792 ------w c:\windows\ServicePackFiles\i386\vssvc.exe+ 2004-08-04 05:56:48 174,592 ------w c:\windows\ServicePackFiles\i386\w32time.dll+ 2004-08-04 05:56:48 15,872 ------w c:\windows\ServicePackFiles\i386\w3ssl.dll+ 2004-08-04 05:56:48 483,840 ------w c:\windows\ServicePackFiles\i386\w95upgnt.dll+ 2004-08-04 05:56:58 46,080 ------w c:\windows\ServicePackFiles\i386\wab.exe+ 2004-08-04 05:56:48 504,832 ------w c:\windows\ServicePackFiles\i386\wab32.dll+ 2004-08-04 05:56:36 249,856 ------w c:\windows\ServicePackFiles\i386\wab32res.dll+ 2004-08-04 05:56:48 32,768 ------w c:\windows\ServicePackFiles\i386\wabfind.dll+ 2004-08-04 05:56:48 84,992 ------w c:\windows\ServicePackFiles\i386\wabimp.dll+ 2004-08-04 05:56:58 30,208 ------w c:\windows\ServicePackFiles\i386\wabmig.exe+ 2004-08-04 04:04:54 13,568 ------w c:\windows\ServicePackFiles\i386\wacompen.sys+ 2004-08-04 03:29:38 12,415 ------w c:\windows\ServicePackFiles\i386\wadv01nt.sys+ 2004-08-04 03:29:38 12,127 ------w c:\windows\ServicePackFiles\i386\wadv02nt.sys+ 2004-08-04 03:29:38 11,775 ------w c:\windows\ServicePackFiles\i386\wadv05nt.sys+ 2004-08-04 03:29:40 11,807 ------w c:\windows\ServicePackFiles\i386\wadv07nt.sys+ 2004-08-04 03:29:40 11,295 ------w c:\windows\ServicePackFiles\i386\wadv08nt.sys+ 2004-08-04 03:29:42 11,871 ------w c:\windows\ServicePackFiles\i386\wadv09nt.sys+ 2004-08-04 03:29:42 11,935 ------w c:\windows\ServicePackFiles\i386\wadv11nt.sys+ 2004-08-04 04:04:58 34,560 ------w c:\windows\ServicePackFiles\i386\wanarp.sys+ 2004-08-04 04:07:34 17,664 ------w c:\windows\ServicePackFiles\i386\watchdog.sys+ 2004-08-04 03:29:42 29,311 ------w c:\windows\ServicePackFiles\i386\watv01nt.sys+ 2004-08-04 03:29:44 19,551 ------w c:\windows\ServicePackFiles\i386\watv02nt.sys+ 2004-08-04 03:29:44 33,599 ------w c:\windows\ServicePackFiles\i386\watv04nt.sys+ 2004-08-04 03:29:46 22,271 ------w c:\windows\ServicePackFiles\i386\watv06nt.sys+ 2004-08-04 03:29:46 25,471 ------w c:\windows\ServicePackFiles\i386\watv10nt.sys+ 2004-08-04 05:56:48 196,608 ------w c:\windows\ServicePackFiles\i386\wbemcntl.dll+ 2004-08-04 05:56:48 214,528 ------w c:\windows\ServicePackFiles\i386\wbemcomn.dll+ 2004-08-04 05:56:48 71,680 ------w c:\windows\ServicePackFiles\i386\wbemcons.dll+ 2004-08-04 05:56:48 530,944 ------w c:\windows\ServicePackFiles\i386\wbemcore.dll+ 2004-08-04 05:56:48 178,176 ------w c:\windows\ServicePackFiles\i386\wbemdisp.dll+ 2004-08-04 05:56:48 273,920 ------w c:\windows\ServicePackFiles\i386\wbemess.dll+ 2004-08-04 05:56:48 43,008 ------w c:\windows\ServicePackFiles\i386\wbemperf.dll+ 2004-08-04 05:56:48 18,944 ------w c:\windows\ServicePackFiles\i386\wbemprox.dll+ 2004-08-04 05:56:48 43,520 ------w c:\windows\ServicePackFiles\i386\wbemsvc.dll+ 2004-08-04 05:56:58 116,224 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe+ 2004-08-04 05:56:48 197,120 ------w c:\windows\ServicePackFiles\i386\wbemupgd.dll+ 2004-08-04 04:08:48 31,744 ------w c:\windows\ServicePackFiles\i386\wceusbsh.sys+ 2004-08-04 03:29:46 23,615 ------w c:\windows\ServicePackFiles\i386\wch7xxnt.sys+ 2004-08-04 05:56:48 49,152 ------w c:\windows\ServicePackFiles\i386\wdigest.dll+ 2004-08-04 05:56:58 23,552 ------w c:\windows\ServicePackFiles\i386\wdmaud.drv+ 2004-08-04 04:15:06 82,944 ------w c:\windows\ServicePackFiles\i386\wdmaud.sys+ 2004-08-04 05:56:48 276,480 ------w c:\windows\ServicePackFiles\i386\webcheck.dll+ 2004-08-04 05:56:48 67,584 ------w c:\windows\ServicePackFiles\i386\webclnt.dll+ 2004-08-04 05:56:48 135,680 ------w c:\windows\ServicePackFiles\i386\webvw.dll+ 2004-08-04 05:56:58 65,536 ------w c:\windows\ServicePackFiles\i386\wextract.exe+ 2004-08-04 05:56:58 433,664 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe+ 2004-08-04 05:56:48 463,360 ------w c:\windows\ServicePackFiles\i386\wiadefui.dll+ 2004-08-04 05:56:48 124,416 ------w c:\windows\ServicePackFiles\i386\wiadss.dll+ 2004-08-04 05:56:48 75,776 ------w c:\windows\ServicePackFiles\i386\wiascr.dll+ 2004-08-04 05:56:48 333,312 ------w c:\windows\ServicePackFiles\i386\wiaservc.dll+ 2004-08-04 05:56:48 589,312 ------w c:\windows\ServicePackFiles\i386\wiashext.dll+ 2004-08-04 05:56:48 111,104 ------w c:\windows\ServicePackFiles\i386\wiavideo.dll+ 2004-08-04 04:17:42 1,835,904 ------w c:\windows\ServicePackFiles\i386\win32k.sys+ 2004-08-04 05:56:48 101,888 ------w c:\windows\ServicePackFiles\i386\win32spl.dll+ 2004-08-04 05:56:36 937,984 ------w c:\windows\ServicePackFiles\i386\winbrand.dll+ 2004-08-04 05:56:58 283,648 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe+ 2004-08-04 05:56:48 351,232 ------w c:\windows\ServicePackFiles\i386\winhttp.dll+ 2004-08-04 05:56:48 656,384 ------w c:\windows\ServicePackFiles\i386\wininet.dll+ 2004-08-04 05:56:48 32,768 ------w c:\windows\ServicePackFiles\i386\winipsec.dll+ 2004-08-04 05:56:58 502,272 ------w c:\windows\ServicePackFiles\i386\winlogon.exe+ 2004-08-04 05:56:48 176,128 ------w c:\windows\ServicePackFiles\i386\winmm.dll+ 2004-08-04 03:51:20 5,120 ------w c:\windows\ServicePackFiles\i386\winnls.dll+ 2004-08-04 05:56:36 764,928 ------w c:\windows\ServicePackFiles\i386\winntbbu.dll+ 2004-08-04 05:56:48 16,896 ------w c:\windows\ServicePackFiles\i386\winrnr.dll+ 2004-08-04 05:56:48 99,328 ------w c:\windows\ServicePackFiles\i386\winscard.dll+ 2004-08-04 05:56:48 17,408 ------w c:\windows\ServicePackFiles\i386\winshfhc.dll+ 2004-08-04 05:56:58 146,432 ------w c:\windows\ServicePackFiles\i386\winspool.drv+ 2004-08-04 05:56:48 290,816 ------w c:\windows\ServicePackFiles\i386\winsrv.dll+ 2004-08-04 05:56:48 53,760 ------w c:\windows\ServicePackFiles\i386\winsta.dll+ 2004-08-04 05:56:48 176,640 ------w c:\windows\ServicePackFiles\i386\wintrust.dll+ 2004-08-04 05:56:58 5,632 ------w c:\windows\ServicePackFiles\i386\winver.exe+ 2004-08-04 05:56:48 132,096 ------w c:\windows\ServicePackFiles\i386\wkssvc.dll+ 2004-08-04 05:56:48 172,032 ------w c:\windows\ServicePackFiles\i386\wldap32.dll+ 2004-08-04 03:31:28 154,624 ------w c:\windows\ServicePackFiles\i386\wlluc48.sys+ 2004-08-04 05:56:48 92,672 ------w c:\windows\ServicePackFiles\i386\wlnotify.dll+ 2004-08-04 05:56:48 408,064 ------w c:\windows\ServicePackFiles\i386\wmadmod.dll+ 2004-08-04 05:56:48 670,720 ------w c:\windows\ServicePackFiles\i386\wmadmoe.dll+ 2004-08-04 05:56:48 230,400 ------w c:\windows\ServicePackFiles\i386\wmasf.dll+ 2004-08-04 05:56:48 27,136 ------w c:\windows\ServicePackFiles\i386\wmdmlog.dll+ 2004-08-04 05:56:48 23,552 ------w c:\windows\ServicePackFiles\i386\wmdmps.dll+ 2004-08-04 05:56:36 168,448 ------w c:\windows\ServicePackFiles\i386\wmerror.dll+ 2004-08-04 05:56:36 5,632 ------w c:\windows\ServicePackFiles\i386\wmi.dll+ 2004-08-04 04:07:42 8,832 ------w c:\windows\ServicePackFiles\i386\wmiacpi.sys+ 2004-08-04 05:56:58 196,608 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe+ 2004-08-04 05:56:36 6,656 ------w c:\windows\ServicePackFiles\i386\wmiapres.dll+ 2004-08-04 05:56:48 89,088 ------w c:\windows\ServicePackFiles\i386\wmiaprpl.dll+ 2004-08-04 05:56:58 126,464 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe+ 2004-08-04 05:56:48 60,928 ------w c:\windows\ServicePackFiles\i386\wmicookr.dll+ 2004-08-04 05:56:48 140,800 ------w c:\windows\ServicePackFiles\i386\wmidcprv.dll+ 2004-08-04 05:56:48 151,552 ------w c:\windows\ServicePackFiles\i386\wmidx.dll+ 2004-08-04 05:56:48 156,672 ------w c:\windows\ServicePackFiles\i386\wmipcima.dll+ 2004-08-04 05:56:48 132,096 ------w c:\windows\ServicePackFiles\i386\wmipdskq.dll+ 2004-08-04 05:56:48 62,464 ------w c:\windows\ServicePackFiles\i386\wmipiprt.dll+ 2004-08-04 05:56:48 62,976 ------w c:\windows\ServicePackFiles\i386\wmipjobj.dll+ 2004-08-04 05:56:48 144,896 ------w c:\windows\ServicePackFiles\i386\wmiprov.dll+ 2004-08-04 05:56:48 437,248 ------w c:\windows\ServicePackFiles\i386\wmiprvsd.dll+ 2004-08-04 05:56:58 218,112 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe+ 2004-08-04 05:56:48 41,472 ------w c:\windows\ServicePackFiles\i386\wmipsess.dll+ 2004-08-04 05:56:48 144,896 ------w c:\windows\ServicePackFiles\i386\wmisvc.dll+ 2004-08-04 05:56:48 95,232 ------w c:\windows\ServicePackFiles\i386\wmiutils.dll+ 2004-08-04 05:56:48 167,936 ------w c:\windows\ServicePackFiles\i386\wmm2ae.dll+ 2004-08-04 05:56:48 4,096 ------w c:\windows\ServicePackFiles\i386\wmm2eres.dll+ 2004-08-04 05:56:48 7,680 ------w c:\windows\ServicePackFiles\i386\wmm2ext.dll+ 2004-08-04 05:56:48 402,432 ------w c:\windows\ServicePackFiles\i386\wmm2filt.dll+ 2004-08-04 05:56:48 502,272 ------w c:\windows\ServicePackFiles\i386\wmm2fxa.dll+ 2004-08-04 05:56:48 325,632 ------w c:\windows\ServicePackFiles\i386\wmm2fxb.dll+ 2004-08-04 05:56:48 4,256,768 ------w c:\windows\ServicePackFiles\i386\wmm2res.dll+ 2004-08-04 05:56:48 5,632 ------w c:\windows\ServicePackFiles\i386\wmm2res2.dll+ 2004-08-04 05:56:48 1,050,624 ------w c:\windows\ServicePackFiles\i386\wmnetmgr.dll+ 2004-08-04 05:56:48 4,874,240 ------w c:\windows\ServicePackFiles\i386\wmp.dll+ 2004-08-04 05:56:48 114,688 ------w c:\windows\ServicePackFiles\i386\wmpasf.dll+ 2004-08-04 05:56:48 98,304 ------w c:\windows\ServicePackFiles\i386\wmpband.dll+ 2004-08-04 05:56:48 20,480 ------w c:\windows\ServicePackFiles\i386\wmpcd.dll+ 2004-08-04 05:56:48 20,480 ------w c:\windows\ServicePackFiles\i386\wmpcore.dll+ 2004-08-04 05:56:48 233,472 ------w c:\windows\ServicePackFiles\i386\wmpdxm.dll+ 2004-08-04 05:56:58 73,728 ------w c:\windows\ServicePackFiles\i386\wmplayer.exe+ 2004-08-04 05:56:38 2,940,928 ------w c:\windows\ServicePackFiles\i386\wmploc.dll+ 2004-08-04 05:56:48 221,184 ------w c:\windows\ServicePackFiles\i386\wmpns.dll+ 2004-08-04 05:56:48 102,400 ------w c:\windows\ServicePackFiles\i386\wmpshell.dll+ 2004-08-04 05:56:48 20,480 ------w c:\windows\ServicePackFiles\i386\wmpui.dll+ 2004-08-04 05:56:48 759,296 ------w c:\windows\ServicePackFiles\i386\wmsdmod.dll+ 2004-08-04 05:56:48 115,200 ------w c:\windows\ServicePackFiles\i386\wmsdmoe.dll+ 2004-08-04 05:56:48 1,119,744 ------w c:\windows\ServicePackFiles\i386\wmsdmoe2.dll+ 2004-08-04 05:56:48 484,864 ------w c:\windows\ServicePackFiles\i386\wmspdmod.dll+ 2004-08-04 05:56:48 896,512 ------w c:\windows\ServicePackFiles\i386\wmspdmoe.dll+ 2004-08-04 05:56:48 303,616 ------w c:\windows\ServicePackFiles\i386\wmstream.dll+ 2004-08-04 05:57:04 2,105,344 ------w c:\windows\ServicePackFiles\i386\wmvcore.dll+ 2004-08-04 05:56:48 809,984 ------w c:\windows\ServicePackFiles\i386\wmvdmod.dll+ 2004-08-04 05:56:48 1,001,472 ------w c:\windows\ServicePackFiles\i386\wmvdmoe2.dll+ 2004-08-04 05:56:58 214,528 ------w c:\windows\ServicePackFiles\i386\wordpad.exe+ 2004-08-04 05:56:48 264,192 ------w c:\windows\ServicePackFiles\i386\wow32.dll+ 2004-08-04 05:56:58 32,256 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe+ 2004-08-04 05:56:58 32,256 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe+ 2004-08-04 05:56:48 82,944 ------w c:\windows\ServicePackFiles\i386\ws2_32.dll+ 2004-08-04 05:56:48 19,968 ------w c:\windows\ServicePackFiles\i386\ws2help.dll+ 2004-08-04 05:56:58 13,824 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe+ 2004-08-04 05:56:58 114,688 ------w c:\windows\ServicePackFiles\i386\wscript.exe+ 2004-08-04 05:56:48 81,408 ------w c:\windows\ServicePackFiles\i386\wscsvc.dll+ 2004-08-04 05:56:48 108,032 ------w c:\windows\ServicePackFiles\i386\wshbth.dll+ 2004-08-04 05:56:48 28,672 ------w c:\windows\ServicePackFiles\i386\wshcon.dll+ 2004-08-04 05:56:48 65,536 ------w c:\windows\ServicePackFiles\i386\wshext.dll+ 2004-08-04 05:56:48 14,336 ------w c:\windows\ServicePackFiles\i386\wship6.dll+ 2004-08-04 05:56:48 8,192 ------w c:\windows\ServicePackFiles\i386\wshirda.dll+ 2004-08-04 05:56:48 11,776 ------w c:\windows\ServicePackFiles\i386\wshrm.dll+ 2004-08-04 05:56:48 19,968 ------w c:\windows\ServicePackFiles\i386\wshtcpip.dll+ 2004-08-04 03:29:48 12,063 ------w c:\windows\ServicePackFiles\i386\wsiintxx.sys+ 2004-08-04 05:56:48 42,496 ------w c:\windows\ServicePackFiles\i386\wsnmp32.dll+ 2004-08-04 05:56:48 22,528 ------w c:\windows\ServicePackFiles\i386\wsock32.dll+ 2004-08-04 04:10:22 19,328 ------w c:\windows\ServicePackFiles\i386\wstcodec.sys+ 2004-08-04 05:56:48 50,688 ------w c:\windows\ServicePackFiles\i386\wstdecod.dll+ 2004-08-04 05:56:48 18,432 ------w c:\windows\ServicePackFiles\i386\wtsapi32.dll+ 2004-08-04 05:56:48 430,592 ------w c:\windows\ServicePackFiles\i386\wuapi.dll+ 2004-08-04 05:56:58 111,104 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe+ 2004-08-04 05:56:58 165,888 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe+ 2004-08-04 05:56:48 1,134,592 ------w c:\windows\ServicePackFiles\i386\wuaueng.dll+ 2004-08-04 05:56:48 183,296 ------w c:\windows\ServicePackFiles\i386\wuaueng1.dll+ 2004-08-04 05:56:48 6,656 ------w c:\windows\ServicePackFiles\i386\wuauserv.dll+ 2004-08-04 05:56:48 112,640 ------w c:\windows\ServicePackFiles\i386\wucltui.dll+ 2004-08-04 05:56:48 36,864 ------w c:\windows\ServicePackFiles\i386\wups.dll+ 2004-08-04 05:56:48 120,320 ------w c:\windows\ServicePackFiles\i386\wuweb.dll+ 2004-08-04 03:29:50 19,455 ------w c:\windows\ServicePackFiles\i386\wvchntxx.sys+ 2004-08-04 05:56:48 378,368 ------w c:\windows\ServicePackFiles\i386\wzcdlg.dll+ 2004-08-04 05:56:48 51,712 ------w c:\windows\ServicePackFiles\i386\wzcsapi.dll+ 2004-08-04 05:56:48 359,936 ------w c:\windows\ServicePackFiles\i386\wzcsvc.dll+ 2004-08-04 05:56:48 91,648 ------w c:\windows\ServicePackFiles\i386\xactsrv.dll+ 2004-08-04 05:56:58 30,720 ------w c:\windows\ServicePackFiles\i386\xcopy.exe+ 2004-07-17 16:39:16 174,200 ------w c:\windows\ServicePackFiles\i386\xenroll.dll+ 2004-08-04 05:56:48 129,536 ------w c:\windows\ServicePackFiles\i386\xmlprov.dll+ 2004-08-04 05:56:48 50,176 ------w c:\windows\ServicePackFiles\i386\xmlprovi.dll+ 2004-08-04 05:56:48 11,776 ------w c:\windows\ServicePackFiles\i386\xolehlp.dll+ 2004-08-04 05:56:38 438,784 ------w c:\windows\ServicePackFiles\i386\xpob2res.dll+ 2004-08-04 05:56:38 187,392 ------w c:\windows\ServicePackFiles\i386\xpsp1res.dll+ 2004-08-04 05:56:38 2,897,920 ------w c:\windows\ServicePackFiles\i386\xpsp2res.dll+ 2004-08-04 05:56:48 116,224 ------w c:\windows\ServicePackFiles\i386\xrxwiadr.dll+ 2004-08-04 05:56:48 337,920 ------w c:\windows\ServicePackFiles\i386\zipfldr.dll+ 2004-08-04 05:56:58 32,866 ------w c:\windows\slrundll.exe- 2001-08-18 12:00:00 3,346,432 ----a-w c:\windows\srchasst\msgr3en.dll+ 2004-08-04 05:56:44 3,166,208 ----a-w c:\windows\srchasst\msgr3en.dll- 2001-08-18 12:00:00 106,562 ----a-w c:\windows\srchasst\srchctls.dll+ 2004-08-04 05:56:46 58,434 ----a-w c:\windows\srchasst\srchctls.dll- 2001-08-18 12:00:00 794,686 ----a-w c:\windows\srchasst\srchui.dll+ 2004-08-04 05:56:46 725,566 ----a-w c:\windows\srchasst\srchui.dll- 2001-08-18 12:00:00 68,928 ----a-w c:\windows\system\MMSYSTEM.DLL+ 2004-08-04 03:51:12 68,768 ----a-w c:\windows\system\mmsystem.dll- 2001-08-18 12:00:00 131,584 ----a-w c:\windows\system\WINSPOOL.DRV+ 2004-08-04 05:56:58 146,432 ----a-w c:\windows\system\winspool.drv- 2001-08-18 12:00:00 35,840 ----a-w c:\windows\system32\6to4svc.dll+ 2004-08-04 05:56:42 100,352 ----a-w c:\windows\system32\6to4svc.dll- 2001-08-18 12:00:00 179,200 ----a-w c:\windows\system32\accwiz.exe+ 2004-08-04 05:56:48 183,808 ----a-w c:\windows\system32\accwiz.exe- 2001-08-18 12:00:00 107,008 ----a-w c:\windows\system32\aclui.dll+ 2004-08-04 05:56:42 114,688 ----a-w c:\windows\system32\aclui.dll- 2001-08-18 12:00:00 181,760 ----a-w c:\windows\system32\activeds.dll+ 2004-08-04 05:56:42 194,048 ----a-w c:\windows\system32\activeds.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\actmovie.exe+ 2004-08-04 05:56:48 4,096 ----a-w c:\windows\system32\actmovie.exe- 2001-08-18 12:00:00 98,304 ----a-w c:\windows\system32\actxprxy.dll+ 2004-08-04 05:56:42 101,888 ----a-w c:\windows\system32\actxprxy.dll- 2001-08-18 12:00:00 57,344 ----a-w c:\windows\system32\admparse.dll+ 2004-08-04 05:56:42 61,440 ----a-w c:\windows\system32\admparse.dll- 2001-08-18 12:00:00 160,768 ----a-w c:\windows\system32\adsldp.dll+ 2004-08-04 05:56:42 175,616 ----a-w c:\windows\system32\adsldp.dll- 2001-08-18 12:00:00 139,264 ----a-w c:\windows\system32\adsldpc.dll+ 2004-08-04 05:56:42 143,360 ----a-w c:\windows\system32\adsldpc.dll- 2001-08-18 12:00:00 62,464 ----a-w c:\windows\system32\adsmsext.dll+ 2004-08-04 05:56:42 68,096 ----a-w c:\windows\system32\adsmsext.dll- 2001-08-18 12:00:00 239,616 ----a-w c:\windows\system32\adsnt.dll+ 2004-08-04 05:56:42 263,680 ----a-w c:\windows\system32\adsnt.dll- 2001-08-18 12:00:00 549,888 ----a-w c:\windows\system32\advapi32.dll+ 2004-08-04 05:56:42 616,960 ----a-w c:\windows\system32\advapi32.dll- 2001-08-18 12:00:00 91,136 ----a-w c:\windows\system32\advpack.dll+ 2004-08-04 05:56:42 99,840 ----a-w c:\windows\system32\advpack.dll- 2001-08-18 12:00:00 84,992 ----a-w c:\windows\system32\ahui.exe+ 2004-08-04 05:56:48 98,304 ----a-w c:\windows\system32\ahui.exe- 2001-08-18 12:00:00 40,960 ----a-w c:\windows\system32\alg.exe+ 2004-08-04 05:56:48 44,544 ----a-w c:\windows\system32\alg.exe- 2001-08-18 12:00:00 15,872 ----a-w c:\windows\system32\alrsvc.dll+ 2004-08-04 05:56:42 17,408 ----a-w c:\windows\system32\alrsvc.dll- 2002-12-12 04:14:32 64,512 ----a-w c:\windows\system32\amstream.dll+ 2004-08-04 05:56:42 70,656 ----a-w c:\windows\system32\amstream.dll- 2001-08-18 12:00:00 104,448 ----a-w c:\windows\system32\apphelp.dll+ 2004-08-04 05:56:42 126,976 ----a-w c:\windows\system32\apphelp.dll- 2001-08-18 12:00:00 77,824 ------w c:\windows\system32\asycfilt.dll+ 2004-08-04 05:56:42 65,024 ------w c:\windows\system32\asycfilt.dll- 2001-08-18 12:00:00 22,528 ----a-w c:\windows\system32\at.exe+ 2004-08-04 05:56:48 25,088 ----a-w c:\windows\system32\at.exe+ 2004-08-04 05:56:42 229,376 ------w c:\windows\system32\ati2cqag.dll+ 2004-08-04 05:56:42 377,984 ------w c:\windows\system32\ati2dvaa.dll+ 2004-08-04 05:56:42 201,728 ------w c:\windows\system32\ati2dvag.dll+ 2004-08-04 05:56:42 870,784 ------w c:\windows\system32\ati3d1ag.dll+ 2004-08-04 05:56:42 1,888,992 ------w c:\windows\system32\ati3duag.dll+ 2004-08-04 05:56:42 32,768 ------w c:\windows\system32\ativtmxx.dll+ 2004-08-04 05:56:42 516,768 ------w c:\windows\system32\ativvaxx.dll- 2001-08-18 12:00:00 74,802 ----a-w c:\windows\system32\atl.dll+ 2004-08-04 05:56:42 58,880 ----a-w c:\windows\system32\atl.dll- 2001-08-18 12:00:00 10,240 ----a-w c:\windows\system32\atmadm.exe+ 2004-08-04 05:56:48 11,264 ----a-w c:\windows\system32\atmadm.exe- 2001-08-18 12:00:00 272,768 ----a-w c:\windows\system32\atmfd.dll+ 2004-08-04 05:56:00 285,696 ----a-w c:\windows\system32\atmfd.dll- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\atmlib.dll+ 2004-08-04 05:56:42 30,208 ----a-w c:\windows\system32\atmlib.dll- 2001-08-18 12:00:00 37,888 ----a-w c:\windows\system32\audiosrv.dll+ 2004-08-04 05:56:42 42,496 ----a-w c:\windows\system32\audiosrv.dll+ 2004-08-04 05:56:48 14,336 ------w c:\windows\system32\auditusr.exe- 2001-08-18 12:00:00 51,200 ----a-w c:\windows\system32\authz.dll+ 2004-08-04 05:56:42 56,832 ----a-w c:\windows\system32\authz.dll- 2001-08-18 12:00:00 565,760 ----a-w c:\windows\system32\autochk.exe+ 2004-08-04 05:56:48 588,800 ----a-w c:\windows\system32\autochk.exe- 2001-08-18 12:00:00 578,560 ----a-w c:\windows\system32\autoconv.exe+ 2004-08-04 05:56:48 602,624 ----a-w c:\windows\system32\autoconv.exe- 2001-08-18 12:00:00 558,592 ----a-w c:\windows\system32\autofmt.exe+ 2004-08-04 05:56:48 580,608 ----a-w c:\windows\system32\autofmt.exe- 2001-08-18 12:00:00 8,192 ----a-w c:\windows\system32\autolfn.exe+ 2004-08-04 05:56:48 11,264 ----a-w c:\windows\system32\autolfn.exe- 2001-08-18 12:00:00 76,288 ----a-w c:\windows\system32\avifil32.dll+ 2004-08-04 05:56:42 84,992 ----a-w c:\windows\system32\avifil32.dll- 2001-08-18 12:00:00 45,056 ----a-w c:\windows\system32\basesrv.dll+ 2004-08-04 05:56:42 52,736 ----a-w c:\windows\system32\basesrv.dll- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\batmeter.dll+ 2004-08-04 05:56:42 28,672 ----a-w c:\windows\system32\batmeter.dll- 2001-08-18 12:00:00 6,656 ----a-w c:\windows\system32\batt.dll+ 2004-08-04 05:56:42 8,704 ----a-w c:\windows\system32\batt.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\bidispl.dll+ 2004-08-04 05:56:42 17,408 ----a-w c:\windows\system32\bidispl.dll- 2004-07-01 22:08:18 7,680 ------w c:\windows\system32\bitsprx2.dll+ 2004-08-04 05:56:42 8,192 ------w c:\windows\system32\bitsprx2.dll- 2004-07-01 22:08:18 7,168 ------w c:\windows\system32\bitsprx3.dll+ 2004-08-04 05:56:42 7,168 ------w c:\windows\system32\bitsprx3.dll+ 2004-08-04 05:56:48 71,680 ------w c:\windows\system32\blastcln.exe- 2001-08-18 12:00:00 62,976 ----a-w c:\windows\system32\browselc.dll+ 2004-08-04 05:56:00 63,488 ----a-w c:\windows\system32\browselc.dll- 2001-08-18 12:00:00 49,152 ----a-w c:\windows\system32\browser.dll+ 2004-08-04 05:56:42 77,312 ----a-w c:\windows\system32\browser.dll- 2001-08-18 12:00:00 1,020,416 ----a-w c:\windows\system32\browseui.dll+ 2004-08-04 05:56:42 1,016,832 ----a-w c:\windows\system32\browseui.dll- 2001-08-18 12:00:00 71,680 ----a-w c:\windows\system32\browsewm.dll+ 2004-08-04 05:56:42 78,336 ----a-w c:\windows\system32\browsewm.dll+ 2004-08-04 05:56:42 20,992 ------w c:\windows\system32\bthci.dll+ 2004-08-04 05:56:42 30,208 ------w c:\windows\system32\bthserv.dll+ 2004-08-04 05:56:42 50,688 ------w c:\windows\system32\btpanui.dll- 2001-08-18 12:00:00 58,880 ----a-w c:\windows\system32\cabinet.dll+ 2004-08-04 05:56:42 59,904 ----a-w c:\windows\system32\cabinet.dll- 2001-08-18 12:00:00 80,384 ----a-w c:\windows\system32\cabview.dll+ 2004-08-04 05:56:42 84,480 ----a-w c:\windows\system32\cabview.dll- 2001-08-18 12:00:00 45,056 ----a-w c:\windows\system32\camocx.dll+ 2004-08-04 05:56:42 50,688 ----a-w c:\windows\system32\camocx.dll- 2001-08-18 12:00:00 215,040 ----a-w c:\windows\system32\catsrv.dll+ 2004-08-04 05:56:42 229,888 ----a-w c:\windows\system32\catsrv.dll- 2001-08-18 12:00:00 85,504 ----a-w c:\windows\system32\catsrvps.dll+ 2004-08-04 05:56:42 85,504 ----a-w c:\windows\system32\catsrvps.dll- 2001-08-18 12:00:00 583,168 ----a-w c:\windows\system32\catsrvut.dll+ 2004-08-04 05:56:42 628,224 ----a-w c:\windows\system32\catsrvut.dll- 2001-08-18 12:00:00 142,336 ----a-w c:\windows\system32\cdfview.dll+ 2004-08-04 05:56:42 150,528 ----a-w c:\windows\system32\cdfview.dll- 2001-08-18 12:00:00 2,028,032 ----a-w c:\windows\system32\cdosys.dll+ 2004-08-04 05:56:42 2,067,968 ----a-w c:\windows\system32\cdosys.dll- 2001-08-18 12:00:00 184,320 ----a-w c:\windows\system32\certcli.dll+ 2004-08-04 05:56:42 194,560 ----a-w c:\windows\system32\certcli.dll- 2001-08-18 12:00:00 436,736 ----a-w c:\windows\system32\certmgr.dll+ 2004-08-04 05:56:42 457,728 ----a-w c:\windows\system32\certmgr.dll- 2001-08-18 12:00:00 32,768 ----a-w c:\windows\system32\cfgbkend.dll+ 2004-08-04 05:56:42 38,912 ----a-w c:\windows\system32\cfgbkend.dll- 2001-08-18 12:00:00 16,896 ----a-w c:\windows\system32\cfgmgr32.dll+ 2004-08-04 05:56:02 16,896 ----a-w c:\windows\system32\cfgmgr32.dll- 2001-08-18 12:00:00 62,976 ----a-w c:\windows\system32\ciodm.dll+ 2004-08-04 05:56:42 69,120 ----a-w c:\windows\system32\ciodm.dll- 2001-08-18 12:00:00 5,120 ----a-w c:\windows\system32\cisvc.exe+ 2004-08-04 05:56:48 5,632 ----a-w c:\windows\system32\cisvc.exe- 2001-08-18 12:00:00 100,864 ----a-w c:\windows\system32\clbcatex.dll+ 2004-08-04 05:56:42 110,080 ----a-w c:\windows\system32\clbcatex.dll- 2001-08-18 12:00:00 468,480 ----a-w c:\windows\system32\clbcatq.dll+ 2004-08-04 05:56:42 501,248 ----a-w c:\windows\system32\clbcatq.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\cleanmgr.exe+ 2004-08-04 05:56:48 64,000 ----a-w c:\windows\system32\cleanmgr.exe- 2001-08-18 12:00:00 127,552 ----a-w c:\windows\system32\cliconfg.dll+ 2004-08-04 05:56:42 77,824 ----a-w c:\windows\system32\cliconfg.dll- 2001-08-18 12:00:00 45,632 ----a-w c:\windows\system32\cliconfg.exe+ 2004-08-04 05:56:48 20,480 ----a-w c:\windows\system32\cliconfg.exe- 2001-08-18 12:00:00 98,816 ----a-w c:\windows\system32\clipbrd.exe+ 2004-08-04 05:56:48 102,912 ----a-w c:\windows\system32\clipbrd.exe- 2001-08-18 12:00:00 30,720 ----a-w c:\windows\system32\clipsrv.exe+ 2004-08-04 05:56:48 33,280 ----a-w c:\windows\system32\clipsrv.exe- 2001-08-18 12:00:00 53,248 ----a-w c:\windows\system32\clusapi.dll+ 2004-08-04 05:56:42 57,856 ----a-w c:\windows\system32\clusapi.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\cmcfg32.dll+ 2004-08-04 05:56:42 15,872 ----a-w c:\windows\system32\cmcfg32.dll- 2001-08-18 12:00:00 375,808 ----a-w c:\windows\system32\cmd.exe+ 2004-08-04 05:56:50 388,608 ----a-w c:\windows\system32\cmd.exe- 2001-08-18 12:00:00 314,880 ----a-w c:\windows\system32\cmdial32.dll+ 2004-08-04 05:56:42 343,040 ----a-w c:\windows\system32\cmdial32.dll- 2001-08-18 12:00:00 41,472 ----a-w c:\windows\system32\cmdl32.exe+ 2004-08-04 05:56:50 47,104 ----a-w c:\windows\system32\cmdl32.exe- 2001-08-18 12:00:00 35,840 ----a-w c:\windows\system32\cmmon32.exe+ 2004-08-04 05:56:50 39,936 ----a-w c:\windows\system32\cmmon32.exe- 2001-08-18 12:00:00 174,592 ----a-w c:\windows\system32\cmprops.dll+ 2004-08-04 05:56:42 185,344 ----a-w c:\windows\system32\cmprops.dll+ 2004-08-04 05:56:42 13,824 ------w c:\windows\system32\cmsetacl.dll- 2001-08-18 12:00:00 54,784 ----a-w c:\windows\system32\cmstp.exe+ 2004-08-04 05:56:50 63,488 ----a-w c:\windows\system32\cmstp.exe- 2001-08-18 12:00:00 36,352 ----a-w c:\windows\system32\cmutil.dll+ 2004-08-04 05:56:42 39,936 ----a-w c:\windows\system32\cmutil.dll- 2001-08-18 12:00:00 45,568 ----a-w c:\windows\system32\cnbjmon.dll+ 2004-08-04 05:56:42 47,104 ----a-w c:\windows\system32\cnbjmon.dll- 2001-08-18 12:00:00 56,832 ----a-w c:\windows\system32\colbact.dll+ 2004-08-04 05:56:42 62,464 ----a-w c:\windows\system32\colbact.dll- 2001-08-18 12:00:00 186,880 ----a-w c:\windows\system32\Com\comadmin.dll+ 2004-08-04 05:56:42 195,584 ----a-w c:\windows\system32\Com\comadmin.dll- 2001-08-18 12:00:00 8,192 ----a-w c:\windows\system32\Com\comrepl.exe+ 2004-08-04 05:56:50 9,728 ----a-w c:\windows\system32\Com\comrepl.exe- 2001-08-18 12:00:00 557,568 ----a-w c:\windows\system32\comctl32.dll+ 2004-08-04 05:56:42 611,328 ----a-w c:\windows\system32\comctl32.dll- 2001-08-18 12:00:00 258,048 ----a-w c:\windows\system32\comdlg32.dll+ 2004-08-04 05:56:42 276,992 ----a-w c:\windows\system32\comdlg32.dll- 2001-08-18 12:00:00 238,592 ----a-w c:\windows\system32\compatUI.dll+ 2004-08-04 05:56:42 252,928 ----a-w c:\windows\system32\compatui.dll- 2001-08-18 12:00:00 222,208 ----a-w c:\windows\system32\compstui.dll+ 2004-08-04 05:56:42 229,376 ----a-w c:\windows\system32\compstui.dll- 2001-08-18 12:00:00 792,064 ----a-w c:\windows\system32\comres.dll+ 2004-08-04 05:56:42 792,064 ----a-w c:\windows\system32\comres.dll- 2001-08-18 12:00:00 1,139,200 ----a-w c:\windows\system32\comsvcs.dll+ 2004-08-04 05:56:42 1,251,840 ----a-w c:\windows\system32\comsvcs.dll- 2001-08-18 12:00:00 495,616 ----a-w c:\windows\system32\comuid.dll+ 2004-08-04 05:56:42 540,160 ----a-w c:\windows\system32\comuid.dll- 2009-02-17 16:28:45 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat+ 2009-02-19 17:13:10 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat- 2009-02-17 16:28:45 16,384 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat+ 2009-02-19 17:13:10 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat+ 2009-02-19 17:13:04 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009021920090220\index.dat- 2001-08-18 12:00:00 24,576 ----a-w c:\windows\system32\conime.exe+ 2004-08-04 05:56:50 27,648 ----a-w c:\windows\system32\conime.exe- 2001-08-18 12:00:00 14,877 ----a-w c:\windows\system32\corpol.dll+ 2004-08-04 05:56:42 35,328 ----a-w c:\windows\system32\corpol.dll- 2001-08-18 12:00:00 161,792 ----a-w c:\windows\system32\credui.dll+ 2004-08-04 05:56:42 163,840 ----a-w c:\windows\system32\credui.dll- 2002-09-23 19:10:26 544,256 ----a-w c:\windows\system32\crypt32.dll+ 2004-08-04 05:56:42 597,504 ----a-w c:\windows\system32\crypt32.dll- 2001-08-18 12:00:00 70,144 ----a-w c:\windows\system32\cryptdlg.dll+ 2004-08-04 05:56:42 74,752 ----a-w c:\windows\system32\cryptdlg.dll- 2001-08-18 12:00:00 29,184 ----a-w c:\windows\system32\cryptdll.dll+ 2004-08-04 05:56:42 33,280 ----a-w c:\windows\system32\cryptdll.dll- 2001-08-18 12:00:00 48,640 ----a-w c:\windows\system32\cryptext.dll+ 2004-08-04 05:56:42 53,760 ----a-w c:\windows\system32\cryptext.dll- 2001-08-18 12:00:00 53,248 ----a-w c:\windows\system32\cryptnet.dll+ 2004-08-04 05:56:42 63,488 ----a-w c:\windows\system32\cryptnet.dll- 2001-08-18 12:00:00 51,200 ----a-w c:\windows\system32\cryptsvc.dll+ 2004-08-04 05:56:42 60,416 ----a-w c:\windows\system32\cryptsvc.dll- 2001-08-18 12:00:00 470,016 ----a-w c:\windows\system32\cryptui.dll+ 2004-08-04 05:56:42 512,512 ----a-w c:\windows\system32\cryptui.dll- 2001-08-18 12:00:00 89,600 ----a-w c:\windows\system32\cscdll.dll+ 2004-08-04 05:56:42 101,888 ----a-w c:\windows\system32\cscdll.dll- 2001-08-18 12:00:00 102,450 ----a-w c:\windows\system32\cscript.exe+ 2004-08-04 05:56:50 98,304 ----a-w c:\windows\system32\cscript.exe- 2001-08-18 12:00:00 305,664 ----a-w c:\windows\system32\cscui.dll+ 2004-08-04 05:56:42 326,656 ----a-w c:\windows\system32\cscui.dll- 2001-08-18 12:00:00 29,184 ----a-w c:\windows\system32\csrsrv.dll+ 2004-08-04 05:56:42 32,768 ----a-w c:\windows\system32\csrsrv.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\csrss.exe+ 2004-08-04 05:56:50 6,144 ----a-w c:\windows\system32\csrss.exe- 2001-08-18 12:00:00 13,312 ----a-w c:\windows\system32\ctfmon.exe+ 2004-08-04 05:56:50 15,360 ----a-w c:\windows\system32\ctfmon.exe- 2004-07-09 08:27:28 1,201,152 ----a-w c:\windows\system32\d3d8.dll+ 2004-08-04 05:56:42 1,179,648 ----a-w c:\windows\system32\d3d8.dll- 2002-12-12 04:14:32 8,192 ----a-w c:\windows\system32\d3d8thk.dll+ 2004-08-04 05:56:42 8,192 ----a-w c:\windows\system32\d3d8thk.dll- 2004-07-09 08:27:28 1,703,936 ----a-w c:\windows\system32\d3d9.dll+ 2004-08-04 05:56:42 1,689,088 ----a-w c:\windows\system32\d3d9.dll- 2003-05-30 13:00:02 797,184 ----a-w c:\windows\system32\d3dim700.dll+ 2004-08-04 05:56:42 825,344 ----a-w c:\windows\system32\d3dim700.dll- 2001-08-18 12:00:00 986,112 ----a-w c:\windows\system32\danim.dll+ 2004-08-04 05:56:42 1,053,696 ----a-w c:\windows\system32\danim.dll- 2001-08-18 12:00:00 51,712 ----a-w c:\windows\system32\dataclen.dll+ 2004-08-04 05:56:44 54,272 ----a-w c:\windows\system32\dataclen.dll- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\system32\davclnt.dll+ 2004-08-04 05:56:44 24,576 ----a-w c:\windows\system32\davclnt.dll- 2001-08-18 12:00:00 486,400 ----a-w c:\windows\system32\dbghelp.dll+ 2004-08-04 05:56:44 640,000 ----a-w c:\windows\system32\dbghelp.dll- 2001-08-18 12:00:00 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll+ 2004-08-04 05:56:44 24,576 ----a-w c:\windows\system32\dbmsrpcn.dll- 2001-08-18 12:00:00 65,536 ----a-w c:\windows\system32\dbnetlib.dll+ 2004-08-04 05:56:44 110,592 ----a-w c:\windows\system32\dbnetlib.dll- 2001-08-18 12:00:00 28,672 ----a-w c:\windows\system32\dbnmpntw.dll+ 2004-08-04 05:56:44 28,672 ----a-w c:\windows\system32\dbnmpntw.dll+ 2004-08-04 06:07:22 1,788 ----a-w c:\windows\system32\dcache.bin- 2001-08-18 12:00:00 7,680 ----a-w c:\windows\system32\dciman32.dll+ 2004-08-04 05:56:44 8,704 ----a-w c:\windows\system32\dciman32.dll- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\ddeshare.exe+ 2004-08-04 05:56:50 30,208 ----a-w c:\windows\system32\ddeshare.exe- 2004-07-09 08:27:28 292,864 ----a-w c:\windows\system32\ddraw.dll+ 2004-08-04 05:56:44 266,240 ----a-w c:\windows\system32\ddraw.dll- 2002-12-12 04:14:32 24,064 ----a-w c:\windows\system32\ddrawex.dll+ 2004-08-04 05:56:44 27,136 ----a-w c:\windows\system32\ddrawex.dll- 2001-08-18 12:00:00 109,568 ----a-w c:\windows\system32\defrag.exe+ 2004-08-04 05:56:50 25,088 ----a-w c:\windows\system32\defrag.exe- 2003-05-30 13:00:02 132,608 ----a-w c:\windows\system32\devenum.dll+ 2004-08-04 05:56:44 59,904 ----a-w c:\windows\system32\devenum.dll- 2001-08-18 12:00:00 263,680 ----a-w c:\windows\system32\devmgr.dll+ 2004-08-04 05:56:44 282,624 ----a-w c:\windows\system32\devmgr.dll- 2001-08-18 12:00:00 73,216 ----a-w c:\windows\system32\dfrgfat.exe+ 2004-08-04 05:56:50 82,432 ----a-w c:\windows\system32\dfrgfat.exe- 2001-08-18 12:00:00 85,504 ----a-w c:\windows\system32\dfrgntfs.exe+ 2004-08-04 05:56:50 104,960 ----a-w c:\windows\system32\dfrgntfs.exe- 2001-08-18 12:00:00 41,984 ----a-w c:\windows\system32\dfrgsnap.dll+ 2004-08-04 05:56:44 38,912 ----a-w c:\windows\system32\dfrgsnap.dll- 2001-08-18 12:00:00 124,928 ----a-w c:\windows\system32\dfrgui.dll+ 2004-08-04 05:56:44 123,904 ----a-w c:\windows\system32\dfrgui.dll- 2001-08-18 12:00:00 25,088 ----a-w c:\windows\system32\dfsshlex.dll+ 2004-08-04 05:56:44 28,672 ----a-w c:\windows\system32\dfsshlex.dll- 2001-08-18 12:00:00 103,424 ----a-w c:\windows\system32\dgnet.dll+ 2004-08-04 05:56:44 111,104 ----a-w c:\windows\system32\dgnet.dll- 2001-08-18 12:00:00 98,816 ----a-w c:\windows\system32\dhcpcsvc.dll+ 2004-08-04 05:56:44 111,104 ----a-w c:\windows\system32\dhcpcsvc.dll- 2001-08-18 12:00:00 79,360 ----a-w c:\windows\system32\diantz.exe+ 2004-08-04 05:56:50 85,504 ----a-w c:\windows\system32\diantz.exe- 2001-08-18 12:00:00 55,808 ----a-w c:\windows\system32\digest.dll+ 2004-08-04 05:56:44 68,608 ----a-w c:\windows\system32\digest.dll- 2002-08-29 07:40:00 648,704 ----a-w c:\windows\system32\dinput.dll+ 2004-08-04 05:56:44 159,232 ----a-w c:\windows\system32\dinput.dll- 2002-08-29 07:40:00 667,648 ----a-w c:\windows\system32\dinput8.dll+ 2004-08-04 05:56:44 181,760 ----a-w c:\windows\system32\dinput8.dll- 2001-08-18 12:00:00 145,920 ----a-w c:\windows\system32\diskpart.exe+ 2004-08-04 05:56:50 163,840 ----a-w c:\windows\system32\diskpart.exe- 2001-08-18 12:00:00 204,861 -c--a-w c:\windows\system32\dllcache\chtmbx.dll+ 2004-08-04 03:31:52 97,792 -c--a-w c:\windows\system32\dllcache\chtmbx.dll- 2001-08-18 12:00:00 131,134 -c--a-w c:\windows\system32\dllcache\chtskdic.dll+ 2004-08-04 03:31:54 56,320 -c--a-w c:\windows\system32\dllcache\chtskdic.dll- 2001-08-18 12:00:00 299,069 -c--a-w c:\windows\system32\dllcache\chtskf.dll+ 2004-08-04 03:31:54 173,568 -c--a-w c:\windows\system32\dllcache\chtskf.dll- 2001-08-18 12:00:00 344,127 -c--a-w c:\windows\system32\dllcache\cintime.dll+ 2004-08-04 03:31:54 198,656 -c--a-w c:\windows\system32\dllcache\cintime.dll- 2001-08-18 12:00:00 540,745 -c--a-w c:\windows\system32\dllcache\cintsetp.exe+ 2004-08-04 03:31:56 480,256 -c--a-w c:\windows\system32\dllcache\cintsetp.exe- 2001-08-18 12:00:00 61,492 -c--a-w c:\windows\system32\dllcache\cplexe.exe+ 2004-08-04 03:31:40 57,399 -c--a-w c:\windows\system32\dllcache\cplexe.exe- 2001-08-18 12:00:00 86,016 -c--a-w c:\windows\system32\dllcache\imekrcic.dll+ 2004-08-04 04:04:38 106,496 -c--a-w c:\windows\system32\dllcache\imekrcic.dll- 2001-08-18 12:00:00 80,384 -c--a-w c:\windows\system32\dllcache\imekrmbx.dll+ 2004-08-04 04:04:34 86,016 -c--a-w c:\windows\system32\dllcache\imekrmbx.dll- 2001-08-18 12:00:00 827,438 -c--a-w c:\windows\system32\dllcache\imjp81k.dll+ 2004-08-04 03:31:50 811,064 -c--a-w c:\windows\system32\dllcache\imjp81k.dll- 2001-08-18 12:00:00 356,398 -c--a-w c:\windows\system32\dllcache\imjpcic.dll+ 2004-08-04 03:31:52 368,696 -c--a-w c:\windows\system32\dllcache\imjpcic.dll- 2001-08-18 12:00:00 716,853 -c--a-w c:\windows\system32\dllcache\imjpcus.dll+ 2004-08-04 03:31:52 716,856 -c--a-w c:\windows\system32\dllcache\imjpcus.dll- 2001-08-18 12:00:00 81,973 -c--a-w c:\windows\system32\dllcache\imjpdct.dll+ 2004-08-04 03:31:54 81,976 -c--a-w c:\windows\system32\dllcache\imjpdct.dll- 2001-08-18 12:00:00 307,254 -c--a-w c:\windows\system32\dllcache\imjpdct.exe+ 2004-08-04 03:31:54 307,257 -c--a-w c:\windows\system32\dllcache\imjpdct.exe- 2001-08-18 12:00:00 155,702 -c--a-w c:\windows\system32\dllcache\imjpdsvr.exe+ 2004-08-04 03:31:56 155,705 -c--a-w c:\windows\system32\dllcache\imjpdsvr.exe- 2001-08-18 12:00:00 196,662 -c--a-w c:\windows\system32\dllcache\imjpinst.exe+ 2004-08-04 03:31:58 196,665 -c--a-w c:\windows\system32\dllcache\imjpinst.exe- 2001-08-18 12:00:00 208,949 -c--a-w c:\windows\system32\dllcache\imjpmig.exe+ 2004-08-04 03:32:00 208,952 -c--a-w c:\windows\system32\dllcache\imjpmig.exe- 2001-08-18 12:00:00 233,524 -c--a-w c:\windows\system32\dllcache\imjprw.exe+ 2004-08-04 03:32:12 233,527 -c--a-w c:\windows\system32\dllcache\imjprw.exe- 2001-08-18 12:00:00 262,197 -c--a-w c:\windows\system32\dllcache\imjputy.exe+ 2004-08-04 03:32:16 262,200 -c--a-w c:\windows\system32\dllcache\imjputy.exe- 2001-08-18 12:00:00 274,486 -c--a-w c:\windows\system32\dllcache\imjputyc.dll+ 2004-08-04 03:32:16 274,489 -c--a-w c:\windows\system32\dllcache\imjputyc.dll- 2001-08-18 12:00:00 102,452 -c--a-w c:\windows\system32\dllcache\imlang.dll+ 2004-08-04 03:32:28 102,456 -c--a-w c:\windows\system32\dllcache\imlang.dll- 2001-08-18 12:00:00 77,824 -c--a-w c:\windows\system32\dllcache\imscinst.exe+ 2004-08-04 03:31:50 59,392 -c--a-w c:\windows\system32\dllcache\imscinst.exe- 2001-08-18 12:00:00 32,836 -c--a-w c:\windows\system32\dllcache\padrs404.dll+ 2004-08-04 03:32:12 15,872 -c--a-w c:\windows\system32\dllcache\padrs404.dll- 2001-08-18 12:00:00 32,836 -c--a-w c:\windows\system32\dllcache\padrs804.dll+ 2004-08-04 03:31:50 15,360 -c--a-w c:\windows\system32\dllcache\padrs804.dll- 2001-08-18 12:00:00 294,975 -c--a-w c:\windows\system32\dllcache\pintlcsa.dll+ 2004-08-04 03:31:50 175,104 -c--a-w c:\windows\system32\dllcache\pintlcsa.dll- 2001-08-18 12:00:00 90,175 -c--a-w c:\windows\system32\dllcache\pintlcsd.dll+ 2004-08-04 03:31:50 53,760 -c--a-w c:\windows\system32\dllcache\pintlcsd.dll- 2001-08-18 12:00:00 131,126 -c--a-w c:\windows\system32\dllcache\pintlphr.exe+ 2004-08-04 03:31:50 70,144 -c--a-w c:\windows\system32\dllcache\pintlphr.exe- 2001-08-18 12:00:00 114,762 -c--a-w c:\windows\system32\dllcache\pmigrate.dll+ 2004-08-04 03:31:50 67,584 -c--a-w c:\windows\system32\dllcache\pmigrate.dll- 2001-08-18 12:00:00 143,421 -c--a-w c:\windows\system32\dllcache\tintlphr.exe+ 2004-08-04 03:32:16 44,032 -c--a-w c:\windows\system32\dllcache\tintlphr.exe- 2001-08-18 12:00:00 737,360 -c--a-w c:\windows\system32\dllcache\tintsetp.exe+ 2004-08-04 03:32:16 455,168 -c--a-w c:\windows\system32\dllcache\tintsetp.exe- 2001-08-18 12:00:00 90,172 -c--a-w c:\windows\system32\dllcache\tmigrate.dll+ 2004-08-04 03:32:14 10,240 -c--a-w c:\windows\system32\dllcache\tmigrate.dll- 2001-08-18 12:00:00 73,216 -c--a-w c:\windows\system32\dllcache\uniime.dll+ 2004-08-04 04:04:12 76,288 -c--a-w c:\windows\system32\dllcache\uniime.dll- 2001-08-18 12:00:00 426,038 -c--a-w c:\windows\system32\dllcache\voicepad.dll+ 2004-08-04 03:32:36 426,041 -c--a-w c:\windows\system32\dllcache\voicepad.dll- 2001-08-18 12:00:00 86,070 -c--a-w c:\windows\system32\dllcache\voicesub.dll+ 2004-08-04 03:32:36 86,073 -c--a-w c:\windows\system32\dllcache\voicesub.dll- 2001-08-18 12:00:00 4,608 ----a-w c:\windows\system32\dllhost.exe+ 2004-08-04 05:56:50 5,120 ----a-w c:\windows\system32\dllhost.exe- 2001-08-18 12:00:00 204,800 ----a-w c:\windows\system32\dmadmin.exe+ 2004-08-04 05:56:50 224,768 ----a-w c:\windows\system32\dmadmin.exe- 2002-12-12 04:14:32 27,136 ----a-w c:\windows\system32\dmband.dll+ 2004-08-04 05:56:44 28,672 ----a-w c:\windows\system32\dmband.dll- 2002-12-12 04:14:32 58,368 ----a-w c:\windows\system32\dmcompos.dll+ 2004-08-04 05:56:44 61,440 ----a-w c:\windows\system32\dmcompos.dll- 2001-08-18 12:00:00 184,320 ----a-w c:\windows\system32\dmdskmgr.dll+ 2004-08-04 05:56:44 200,704 ----a-w c:\windows\system32\dmdskmgr.dll- 2004-07-09 08:27:28 181,248 ----a-w c:\windows\system32\dmime.dll+ 2004-08-04 05:56:44 181,248 ----a-w c:\windows\system32\dmime.dll- 2002-12-12 04:14:32 33,280 ----a-w c:\windows\system32\dmloader.dll+ 2004-08-04 05:56:44 35,840 ----a-w c:\windows\system32\dmloader.dll- 2001-08-18 12:00:00 14,336 ----a-w c:\windows\system32\dmremote.exe+ 2004-08-04 05:56:50 15,872 ----a-w c:\windows\system32\dmremote.exe- 2002-12-12 04:14:32 76,800 ----a-w c:\windows\system32\dmscript.dll+ 2004-08-04 05:56:44 82,432 ----a-w c:\windows\system32\dmscript.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\system32\dmserver.dll+ 2004-08-04 05:56:44 23,552 ----a-w c:\windows\system32\dmserver.dll- 2002-12-12 04:14:32 98,816 ----a-w c:\windows\system32\dmstyle.dll+ 2004-08-04 05:56:44 105,984 ----a-w c:\windows\system32\dmstyle.dll- 2002-12-12 04:14:32 100,864 ----a-w c:\windows\system32\dmsynth.dll+ 2004-08-04 05:56:44 103,424 ----a-w c:\windows\system32\dmsynth.dll- 2004-07-09 08:27:28 122,880 ----a-w c:\windows\system32\dmusic.dll+ 2004-08-04 05:56:44 104,448 ----a-w c:\windows\system32\dmusic.dll- 2001-08-18 12:00:00 50,688 ----a-w c:\windows\system32\dmutil.dll+ 2004-08-04 05:56:44 52,224 ----a-w c:\windows\system32\dmutil.dll- 2001-08-18 12:00:00 139,264 ----a-w c:\windows\system32\dnsapi.dll+ 2004-08-04 05:56:44 148,480 ----a-w c:\windows\system32\dnsapi.dll- 2001-08-18 12:00:00 44,032 ----a-w c:\windows\system32\dnsrslvr.dll+ 2004-08-04 05:56:44 45,568 ----a-w c:\windows\system32\dnsrslvr.dll- 2001-08-18 12:00:00 45,056 ----a-w c:\windows\system32\docprop2.dll+ 2004-08-04 05:56:44 48,128 ----a-w c:\windows\system32\docprop2.dll- 2001-08-18 12:00:00 53,840 ----a-w c:\windows\system32\dosx.exe+ 2004-08-04 03:51:22 53,840 ----a-w c:\windows\system32\dosx.exe- 2001-08-18 12:00:00 116,736 ----a-w c:\windows\system32\dpcdll.dll+ 2004-08-04 04:13:54 97,280 ----a-w c:\windows\system32\dpcdll.dll- 2002-12-12 04:14:32 28,160 ----a-w c:\windows\system32\dplaysvr.exe+ 2004-08-04 05:56:50 30,208 ----a-w c:\windows\system32\dplaysvr.exe- 2004-07-09 08:27:28 230,400 ----a-w c:\windows\system32\dplayx.dll+ 2004-08-04 05:56:44 229,888 ----a-w c:\windows\system32\dplayx.dll- 2002-12-12 04:14:32 77,824 ----a-w c:\windows\system32\dpmodemx.dll+ 2004-08-04 05:56:44 23,552 ----a-w c:\windows\system32\dpmodemx.dll- 2002-12-12 04:14:32 3,072 ----a-w c:\windows\system32\dpnaddr.dll+ 2004-08-04 05:56:04 3,584 ----a-w c:\windows\system32\dpnaddr.dll- 2002-12-12 04:14:32 723,968 ----a-w c:\windows\system32\dpnet.dll+ 2004-08-04 05:56:44 375,296 ----a-w c:\windows\system32\dpnet.dll- 2003-03-24 13:00:02 32,768 ----a-w c:\windows\system32\dpnhpast.dll+ 2004-08-04 05:56:44 35,328 ----a-w c:\windows\system32\dpnhpast.dll- 2003-03-24 13:00:02 68,096 ----a-w c:\windows\system32\dpnhupnp.dll+ 2004-08-04 05:56:44 60,928 ----a-w c:\windows\system32\dpnhupnp.dll- 2002-12-12 04:14:32 3,072 ----a-w c:\windows\system32\dpnlobby.dll+ 2004-08-04 05:56:04 3,584 ----a-w c:\windows\system32\dpnlobby.dll- 2002-12-12 04:14:32 16,896 ----a-w c:\windows\system32\dpnsvr.exe+ 2004-08-04 05:56:50 18,432 ----a-w c:\windows\system32\dpnsvr.exe- 2002-12-12 04:14:32 19,968 ----a-w c:\windows\system32\dpvacm.dll+ 2004-08-04 05:56:44 21,504 ----a-w c:\windows\system32\dpvacm.dll- 2002-12-12 04:14:32 381,952 ----a-w c:\windows\system32\dpvoice.dll+ 2004-08-04 05:56:44 212,480 ----a-w c:\windows\system32\dpvoice.dll- 2002-12-12 04:14:32 80,896 ----a-w c:\windows\system32\dpvsetup.exe+ 2004-08-04 05:56:50 83,456 ----a-w c:\windows\system32\dpvsetup.exe- 2002-12-12 04:14:32 112,128 ----a-w c:\windows\system32\dpvvox.dll+ 2004-08-04 05:56:44 116,736 ----a-w c:\windows\system32\dpvvox.dll- 2004-07-09 08:27:28 79,360 ----a-w c:\windows\system32\dpwsockx.dll+ 2004-08-04 05:56:44 57,344 ----a-w c:\windows\system32\dpwsockx.dll- 2001-08-18 12:00:00 179,200 ----a-w c:\windows\system32\drivers\acpi.sys+ 2004-08-04 04:07:38 187,776 ----a-w c:\windows\system32\drivers\acpi.sys+ 2004-08-04 05:56:42 4,255 ------w c:\windows\system32\drivers\adv01nt5.dll+ 2004-08-04 05:56:42 3,967 ------w c:\windows\system32\drivers\adv02nt5.dll+ 2004-08-04 05:56:42 3,615 ------w c:\windows\system32\drivers\adv05nt5.dll+ 2004-08-04 05:56:42 3,647 ------w c:\windows\system32\drivers\adv07nt5.dll+ 2004-08-04 05:56:42 3,135 ------w c:\windows\system32\drivers\adv08nt5.dll+ 2004-08-04 05:56:42 3,711 ------w c:\windows\system32\drivers\adv09nt5.dll+ 2004-08-04 05:56:42 3,775 ------w c:\windows\system32\drivers\adv11nt5.dll- 2001-07-23 21:25:14 122,472 ----a-w c:\windows\system32\drivers\aec.sys+ 2004-08-04 03:39:38 142,464 ----a-w c:\windows\system32\drivers\aec.sys- 2001-08-18 12:00:00 130,688 ----a-w c:\windows\system32\drivers\afd.sys+ 2004-08-04 04:14:16 138,496 ----a-w c:\windows\system32\drivers\afd.sys+ 2004-08-04 04:07:42 42,368 ------w c:\windows\system32\drivers\agp440.sys+ 2004-08-04 04:07:44 44,928 ------w c:\windows\system32\drivers\agpcpq.sys+ 2004-08-04 04:07:42 42,752 ------w c:\windows\system32\drivers\alim1541.sys+ 2004-08-04 04:07:44 43,008 ------w c:\windows\system32\drivers\amdagp.sys- 2001-08-18 12:00:00 32,000 ----a-w c:\windows\system32\drivers\amdk6.sys+ 2004-08-04 03:59:20 36,992 ----a-w c:\windows\system32\drivers\amdk6.sys+ 2004-08-04 03:59:22 37,376 ------w c:\windows\system32\drivers\amdk7.sys- 2001-08-18 12:00:00 54,016 ----a-w c:\windows\system32\drivers\arp1394.sys+ 2004-08-04 03:58:30 60,800 ----a-w c:\windows\system32\drivers\arp1394.sys- 2001-08-18 12:00:00 13,568 ----a-w c:\windows\system32\drivers\asyncmac.sys+ 2004-08-04 04:05:04 14,336 ----a-w c:\windows\system32\drivers\asyncmac.sys- 2001-08-17 17:51:56 86,656 ----a-w c:\windows\system32\drivers\atapi.sys+ 2004-08-04 03:59:44 95,360 ----a-w c:\windows\system32\drivers\atapi.sys+ 2004-08-04 03:29:30 56,623 ------w c:\windows\system32\drivers\ati1btxx.sys+ 2004-08-04 03:29:30 11,615 ------w c:\windows\system32\drivers\ati1mdxx.sys+ 2004-08-04 03:29:30 12,047 ------w c:\windows\system32\drivers\ati1pdxx.sys+ 2004-08-04 03:29:32 30,671 ------w c:\windows\system32\drivers\ati1raxx.sys+ 2004-08-04 03:29:32 63,663 ------w c:\windows\system32\drivers\ati1rvxx.sys+ 2004-08-04 03:29:32 26,367 ------w c:\windows\system32\drivers\ati1snxx.sys+ 2004-08-04 03:29:32 21,343 ------w c:\windows\system32\drivers\ati1ttxx.sys+ 2004-08-04 03:29:32 36,463 ------w c:\windows\system32\drivers\ati1tuxx.sys+ 2004-08-04 03:29:32 29,455 ------w c:\windows\system32\drivers\ati1xbxx.sys+ 2004-08-04 03:29:32 34,735 ------w c:\windows\system32\drivers\ati1xsxx.sys+ 2004-08-04 03:29:28 327,040 ------w c:\windows\system32\drivers\ati2mtaa.sys+ 2004-08-04 03:29:28 701,440 ------w c:\windows\system32\drivers\ati2mtag.sys+ 2004-08-04 03:29:28 57,856 ------w c:\windows\system32\drivers\atinbtxx.sys+ 2004-08-04 03:29:30 13,824 ------w c:\windows\system32\drivers\atinmdxx.sys+ 2004-08-04 03:29:30 14,336 ------w c:\windows\system32\drivers\atinpdxx.sys+ 2004-08-04 03:29:30 52,224 ------w c:\windows\system32\drivers\atinraxx.sys+ 2004-08-04 03:29:32 104,960 ------w c:\windows\system32\drivers\atinrvxx.sys+ 2004-08-04 03:29:32 28,672 ------w c:\windows\system32\drivers\atinsnxx.sys+ 2004-08-04 03:29:32 13,824 ------w c:\windows\system32\drivers\atinttxx.sys+ 2004-08-04 03:29:32 73,216 ------w c:\windows\system32\drivers\atintuxx.sys+ 2004-08-04 03:29:32 31,744 ------w c:\windows\system32\drivers\atinxbxx.sys+ 2004-08-04 03:29:32 63,488 ------w c:\windows\system32\drivers\atinxsxx.sys- 2001-08-18 12:00:00 57,216 ----a-w c:\windows\system32\drivers\atmarpc.sys+ 2004-08-04 03:58:32 59,904 ----a-w c:\windows\system32\drivers\atmarpc.sys- 2001-08-18 12:00:00 53,888 ----a-w c:\windows\system32\drivers\atmlane.sys+ 2004-08-04 03:58:36 55,936 ----a-w c:\windows\system32\drivers\atmlane.sys+ 2004-08-04 05:56:42 21,183 ------w c:\windows\system32\drivers\atv01nt5.dll+ 2004-08-04 05:56:42 11,359 ------w c:\windows\system32\drivers\atv02nt5.dll+ 2004-08-04 05:56:42 25,471 ------w c:\windows\system32\drivers\atv04nt5.dll+ 2004-08-04 05:56:42 14,143 ------w c:\windows\system32\drivers\atv06nt5.dll+ 2004-08-04 05:56:42 17,279 ------w c:\windows\system32\drivers\atv10nt5.dll- 2004-07-09 08:26:38 11,392 ----a-w c:\windows\system32\drivers\bdasup.sys+ 2004-08-04 04:10:14 11,776 ----a-w c:\windows\system32\drivers\bdasup.sys- 2001-08-18 12:00:00 53,376 ----a-w c:\windows\system32\drivers\bridge.sys+ 2004-08-04 03:59:58 71,552 ----a-w c:\windows\system32\drivers\bridge.sys+ 2004-08-04 04:10:40 17,024 ------w c:\windows\system32\drivers\bthenum.sys+ 2004-08-04 04:10:40 38,016 ------w c:\windows\system32\drivers\bthmodem.sys+ 2004-08-04 03:58:40 100,992 ------w c:\windows\system32\drivers\bthpan.sys+ 2004-08-04 04:10:38 274,304 ------w c:\windows\system32\drivers\bthport.sys+ 2004-08-04 04:10:38 35,456 ------w c:\windows\system32\drivers\bthprint.sys+ 2004-08-04 04:10:36 18,944 ------w c:\windows\system32\drivers\bthusb.sys- 2004-07-09 08:26:38 16,384 ----a-w c:\windows\system32\drivers\ccdecode.sys+ 2004-08-04 04:10:18 17,024 ----a-w c:\windows\system32\drivers\ccdecode.sys- 2001-08-18 12:00:00 62,208 ----a-w c:\windows\system32\drivers\cdfs.sys+ 2004-08-04 04:14:12 63,744 ----a-w c:\windows\system32\drivers\cdfs.sys- 2001-08-18 12:00:00 47,488 ----a-w c:\windows\system32\drivers\cdrom.sys+ 2004-08-04 03:59:54 49,536 ----a-w c:\windows\system32\drivers\cdrom.sys+ 2004-08-04 05:56:42 15,423 ------w c:\windows\system32\drivers\ch7xxnt5.dll- 2001-08-18 12:00:00 44,928 ----a-w c:\windows\system32\drivers\classpnp.sys+ 2004-08-04 04:14:28 49,664 ----a-w c:\windows\system32\drivers\classpnp.sys- 2001-08-18 12:00:00 31,360 ----a-w c:\windows\system32\drivers\crusoe.sys+ 2004-08-04 03:59:22 36,480 ----a-w c:\windows\system32\drivers\crusoe.sys- 2001-08-18 12:00:00 33,664 ----a-w c:\windows\system32\drivers\disk.sys+ 2004-08-04 03:59:56 36,352 ----a-w c:\windows\system32\drivers\disk.sys- 2001-08-18 12:00:00 13,184 ----a-w c:\windows\system32\drivers\diskdump.sys+ 2004-08-04 03:59:54 14,208 ----a-w c:\windows\system32\drivers\diskdump.sys- 2001-08-18 12:00:00 780,928 ----a-w c:\windows\system32\drivers\dmboot.sys+ 2004-08-04 04:07:18 799,744 ----a-w c:\windows\system32\drivers\dmboot.sys- 2001-08-18 12:00:00 146,304 ----a-w c:\windows\system32\drivers\dmio.sys+ 2004-08-04 04:07:18 153,344 ----a-w c:\windows\system32\drivers\dmio.sys- 2001-08-17 17:59:58 50,048 ----a-w c:\windows\system32\drivers\DMusic.sys+ 2004-08-04 04:07:40 52,864 ----a-w c:\windows\system32\drivers\dmusic.sys- 2001-08-17 18:01:20 57,344 ----a-w c:\windows\system32\drivers\drmk.sys+ 2004-08-04 04:08:00 60,288 ----a-w c:\windows\system32\drivers\drmk.sys- 2001-08-17 18:01:16 2,816 ----a-w c:\windows\system32\drivers\drmkaud.sys+ 2004-08-04 04:07:58 2,944 ----a-w c:\windows\system32\drivers\drmkaud.sys- 2001-08-18 12:00:00 68,224 ----a-w c:\windows\system32\drivers\dxg.sys+ 2004-08-04 04:00:56 71,040 ----a-w c:\windows\system32\drivers\dxg.sys- 2001-08-18 12:00:00 144,768 ----a-w c:\windows\system32\drivers\fastfat.sys+ 2004-08-04 04:14:18 143,360 ----a-w c:\windows\system32\drivers\fastfat.sys- 2001-08-18 12:00:00 26,240 ----a-w c:\windows\system32\drivers\fdc.sys+ 2004-08-04 03:59:28 27,392 ----a-w c:\windows\system32\drivers\fdc.sys- 2001-08-18 12:00:00 19,712 ----a-w c:\windows\system32\drivers\flpydisk.sys+ 2004-08-04 03:59:28 20,480 ----a-w c:\windows\system32\drivers\flpydisk.sys+ 2004-08-04 04:01:20 124,800 ------w c:\windows\system32\drivers\fltmgr.sys+ 2004-08-04 04:07:44 46,464 ------w c:\windows\system32\drivers\gagp30kx.sys+ 2004-08-04 04:10:38 25,600 ------w c:\windows\system32\drivers\hidbth.sys- 2001-08-18 12:00:00 33,152 ----a-w c:\windows\system32\drivers\hidclass.sys+ 2004-08-04 04:08:20 36,224 ----a-w c:\windows\system32\drivers\hidclass.sys+ 2004-08-04 04:08:20 15,104 ------w c:\windows\system32\drivers\hidir.sys- 2001-08-18 12:00:00 23,680 ----a-w c:\windows\system32\drivers\hidparse.sys+ 2004-08-04 04:08:18 24,960 ----a-w c:\windows\system32\drivers\hidparse.sys+ 2004-08-04 03:41:48 220,032 ------w c:\windows\system32\drivers\hsfbs2s2.sys+ 2004-08-04 03:41:50 685,056 ------w c:\windows\system32\drivers\hsfcxts2.sys+ 2004-08-04 03:41:56 1,041,536 ------w c:\windows\system32\drivers\hsfdpsp2.sys+ 2004-08-04 04:00:14 263,040 ------w c:\windows\system32\drivers\http.sys- 2001-08-18 12:00:00 50,944 ----a-w c:\windows\system32\drivers\i8042prt.sys+ 2004-08-04 04:14:38 52,736 ----a-w c:\windows\system32\drivers\i8042prt.sys- 2001-08-18 12:00:00 39,296 ----a-w c:\windows\system32\drivers\imapi.sys+ 2004-08-04 04:00:16 41,856 ----a-w c:\windows\system32\drivers\imapi.sys+ 2004-08-04 03:59:20 36,096 ------w c:\windows\system32\drivers\intelppm.sys+ 2004-08-04 04:00:08 29,056 ------w c:\windows\system32\drivers\ip6fw.sys- 2001-08-18 12:00:00 19,584 ----a-w c:\windows\system32\drivers\ipinip.sys+ 2004-08-04 04:04:46 20,992 ----a-w c:\windows\system32\drivers\ipinip.sys- 2001-08-18 12:00:00 76,288 ----a-w c:\windows\system32\drivers\ipnat.sys+ 2004-08-04 04:04:52 134,912 ----a-w c:\windows\system32\drivers\ipnat.sys- 2001-08-18 12:00:00 56,064 ----a-w c:\windows\system32\drivers\ipsec.sys+ 2004-08-04 04:14:30 74,752 ----a-w c:\windows\system32\drivers\ipsec.sys- 2001-08-18 12:00:00 10,496 ----a-w c:\windows\system32\drivers\irenum.sys+ 2004-08-04 04:00:48 11,264 ----a-w c:\windows\system32\drivers\irenum.sys- 2001-08-18 12:00:00 23,424 ----a-w c:\windows\system32\drivers\kbdclass.sys+ 2004-08-04 03:58:34 24,576 ----a-w c:\windows\system32\drivers\kbdclass.sys- 2001-08-17 18:00:54 159,232 ----a-w c:\windows\system32\drivers\kmixer.sys+ 2004-08-04 04:07:50 171,776 ----a-w c:\windows\system32\drivers\kmixer.sys- 2002-12-12 04:14:32 130,304 ----a-w c:\windows\system32\drivers\ks.sys+ 2004-08-04 04:15:22 140,928 ----a-w c:\windows\system32\drivers\ks.sys- 2001-08-18 12:00:00 79,744 ----a-w c:\windows\system32\drivers\ksecdd.sys+ 2004-08-04 03:59:48 92,032 ----a-w c:\windows\system32\drivers\ksecdd.sys+ 2004-08-04 03:41:56 11,868 ------w c:\windows\system32\drivers\mdmxsdk.sys- 2001-08-18 12:00:00 62,208 ----a-w c:\windows\system32\drivers\mf.sys+ 2004-08-04 04:07:46 63,744 ----a-w c:\windows\system32\drivers\mf.sys- 2001-08-18 12:00:00 28,800 ----a-w c:\windows\system32\drivers\modem.sys+ 2004-08-04 04:08:06 30,080 ----a-w c:\windows\system32\drivers\modem.sys- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\system32\drivers\mouclass.sys+ 2004-08-04 03:58:34 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys- 2001-08-18 12:00:00 37,504 ----a-w c:\windows\system32\drivers\mountmgr.sys+ 2004-08-04 03:58:32 42,240 ----a-w c:\windows\system32\drivers\mountmgr.sys- 2004-07-09 08:26:38 15,104 ----a-w c:\windows\system32\drivers\mpe.sys+ 2004-08-04 04:10:14 15,360 ----a-w c:\windows\system32\drivers\mpe.sys- 2001-08-18 12:00:00 172,672 ----a-w c:\windows\system32\drivers\mrxdav.sys+ 2004-08-04 04:00:58 181,248 ----a-w c:\windows\system32\drivers\mrxdav.sys- 2002-11-18 15:17:00 391,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys+ 2004-08-04 04:15:18 451,456 ----a-w c:\windows\system32\drivers\mrxsmb.sys- 2004-07-09 08:26:38 52,096 ----a-w c:\windows\system32\drivers\msdv.sys+ 2004-08-04 04:10:00 51,328 ----a-w c:\windows\system32\drivers\msdv.sys- 2001-08-18 12:00:00 18,048 ----a-w c:\windows\system32\drivers\msfs.sys+ 2004-08-04 04:00:42 19,072 ----a-w c:\windows\system32\drivers\msfs.sys- 2001-08-18 12:00:00 33,792 ----a-w c:\windows\system32\drivers\msgpc.sys+ 2004-08-04 04:04:14 35,072 ----a-w c:\windows\system32\drivers\msgpc.sys- 2002-12-12 04:14:32 7,424 ----a-w c:\windows\system32\drivers\mskssrv.sys+ 2004-08-04 03:58:42 7,552 ----a-w c:\windows\system32\drivers\mskssrv.sys- 2002-12-12 04:14:32 5,248 ----a-w c:\windows\system32\drivers\mspclock.sys+ 2004-08-04 03:58:40 5,376 ----a-w c:\windows\system32\drivers\mspclock.sys- 2001-08-23 09:00:00 4,608 ----a-w c:\windows\system32\drivers\mspqm.sys+ 2004-08-04 03:58:42 4,992 ----a-w c:\windows\system32\drivers\mspqm.sys+ 2004-08-04 04:07:48 15,488 ------w c:\windows\system32\drivers\mssmbios.sys- 2002-12-12 04:14:32 5,504 ----a-w c:\windows\system32\drivers\mstee.sys+ 2004-08-04 03:58:40 5,504 ----a-w c:\windows\system32\drivers\mstee.sys+ 2004-08-04 03:41:40 126,686 ------w c:\windows\system32\drivers\mtlmnt5.sys+ 2004-08-04 03:41:38 1,309,184 ------w c:\windows\system32\drivers\mtlstrm.sys+ 2004-08-04 03:29:38 452,736 ------w c:\windows\system32\drivers\mtxparhm.sys- 2001-08-18 12:00:00 103,936 ----a-w c:\windows\system32\drivers\mup.sys+ 2004-08-04 04:15:22 107,904 ----a-w c:\windows\system32\drivers\mup.sys+ 2004-08-04 04:04:52 12,672 ------w c:\windows\system32\drivers\mutohpen.sys- 2004-07-09 08:26:38 83,968 ----a-w c:\windows\system32\drivers\nabtsfec.sys+ 2004-08-04 04:10:30 85,376 ----a-w c:\windows\system32\drivers\nabtsfec.sys- 2001-08-18 12:00:00 161,536 ----a-w c:\windows\system32\drivers\ndis.sys+ 2004-08-04 04:14:30 182,912 ----a-w c:\windows\system32\drivers\ndis.sys- 2004-07-09 08:26:38 10,112 ----a-w c:\windows\system32\drivers\ndisip.sys+ 2004-08-04 04:10:14 10,880 ----a-w c:\windows\system32\drivers\ndisip.sys- 2001-08-18 12:00:00 12,160 ----a-w c:\windows\system32\drivers\ndisuio.sys+ 2004-08-04 04:03:14 12,928 ----a-w c:\windows\system32\drivers\ndisuio.sys- 2001-08-18 12:00:00 88,320 ----a-w c:\windows\system32\drivers\ndiswan.sys+ 2004-08-04 04:14:32 91,776 ----a-w c:\windows\system32\drivers\ndiswan.sys- 2001-08-18 12:00:00 33,152 ----a-w c:\windows\system32\drivers\netbios.sys+ 2004-08-04 04:03:22 34,560 ----a-w c:\windows\system32\drivers\netbios.sys- 2001-08-18 12:00:00 150,272 ----a-w c:\windows\system32\drivers\netbt.sys+ 2004-08-04 04:14:38 162,816 ----a-w c:\windows\system32\drivers\netbt.sys- 2001-08-18 12:00:00 56,960 ----a-w c:\windows\system32\drivers\nic1394.sys+ 2004-08-04 03:58:30 61,824 ----a-w c:\windows\system32\drivers\nic1394.sys- 2001-08-18 12:00:00 37,760 ----a-w c:\windows\system32\drivers\nmnt.sys+ 2004-08-04 03:59:52 40,320 ----a-w c:\windows\system32\drivers\nmnt.sys- 2001-08-18 12:00:00 29,568 ----a-w c:\windows\system32\drivers\npfs.sys+ 2004-08-04 04:00:44 30,848 ----a-w c:\windows\system32\drivers\npfs.sys- 2001-08-18 12:00:00 516,480 ----a-w c:\windows\system32\drivers\ntfs.sys+ 2004-08-04 04:15:10 574,592 ----a-w c:\windows\system32\drivers\ntfs.sys+ 2004-08-04 03:41:40 180,360 ------w c:\windows\system32\drivers\ntmtlfax.sys+ 2004-08-04 03:29:56 1,897,408 ------w c:\windows\system32\drivers\nv4_mini.sys- 2001-08-18 12:00:00 84,864 ----a-w c:\windows\system32\drivers\nwlnkipx.sys+ 2004-08-04 04:03:36 88,448 ----a-w c:\windows\system32\drivers\nwlnkipx.sys- 2001-08-18 12:00:00 34,816 ----a-w c:\windows\system32\drivers\p3.sys+ 2004-08-04 03:59:20 42,496 ----a-w c:\windows\system32\drivers\p3.sys- 2001-08-18 12:00:00 76,160 ----a-w c:\windows\system32\drivers\parport.sys+ 2004-08-04 03:59:08 80,128 ----a-w c:\windows\system32\drivers\parport.sys- 2001-08-17 17:58:06 62,464 ----a-w c:\windows\system32\drivers\pci.sys+ 2004-08-04 04:07:48 68,224 ----a-w c:\windows\system32\drivers\pci.sys- 2001-08-17 17:51:50 23,680 ----a-w c:\windows\system32\drivers\pciidex.sys+ 2004-08-04 03:59:42 25,088 ----a-w c:\windows\system32\drivers\pciidex.sys- 2001-08-18 12:00:00 116,352 ----a-w c:\windows\system32\drivers\pcmcia.sys+ 2004-08-04 04:07:48 119,936 ----a-w c:\windows\system32\drivers\pcmcia.sys- 2001-08-18 02:24:38 135,040 ----a-w c:\windows\system32\drivers\portcls.sys+ 2004-08-04 04:15:50 145,792 ----a-w c:\windows\system32\drivers\portcls.sys- 2001-08-18 12:00:00 30,592 ----a-w c:\windows\system32\drivers\processr.sys+ 2004-08-04 03:59:18 35,328 ----a-w c:\windows\system32\drivers\processr.sys- 2001-08-18 12:00:00 65,920 ----a-w c:\windows\system32\drivers\psched.sys+ 2004-08-04 04:04:20 69,120 ----a-w c:\windows\system32\drivers\psched.sys- 2001-08-18 12:00:00 48,640 ----a-w c:\windows\system32\drivers\rasl2tp.sys+ 2004-08-04 04:14:24 51,328 ----a-w c:\windows\system32\drivers\rasl2tp.sys- 2001-08-18 12:00:00 38,912 ----a-w c:\windows\system32\drivers\raspppoe.sys+ 2004-08-04 04:05:08 41,472 ----a-w c:\windows\system32\drivers\raspppoe.sys- 2002-10-01 22:43:52 46,208 ----a-w c:\windows\system32\drivers\raspptp.sys+ 2004-08-04 04:14:28 48,384 ----a-w c:\windows\system32\drivers\raspptp.sys- 2001-08-18 12:00:00 163,840 ----a-w c:\windows\system32\drivers\rdbss.sys+ 2004-08-04 04:20:08 176,512 ----a-w c:\windows\system32\drivers\rdbss.sys- 2001-08-17 17:50:48 181,632 ----a-w c:\windows\system32\drivers\rdpdr.sys+ 2004-08-04 04:01:16 196,864 ----a-w c:\windows\system32\drivers\rdpdr.sys- 2001-08-18 12:00:00 107,912 ----a-w c:\windows\system32\drivers\rdpwd.sys+ 2004-08-04 06:01:10 139,400 ----a-w c:\windows\system32\drivers\rdpwd.sys+ 2004-08-04 03:41:40 13,776 ------w c:\windows\system32\drivers\recagent.sys- 2001-08-17 13:51:42 55,808 ----a-w c:\windows\system32\drivers\redbook.sys+ 2004-08-04 03:59:38 57,472 ----a-w c:\windows\system32\drivers\redbook.sys+ 2004-08-04 04:10:40 59,648 ------w c:\windows\system32\drivers\rfcomm.sys- 2001-08-18 12:00:00 27,648 ----a-w c:\windows\system32\drivers\rndismp.sys+ 2004-08-04 04:04:32 30,080 ----a-w c:\windows\system32\drivers\rndismp.sys+ 2004-08-04 04:04:32 30,080 ------w c:\windows\system32\drivers\rndismpx.sys- 2001-08-17 12:12:42 23,070 ----a-w c:\windows\system32\drivers\RTL8139.sys+ 2004-08-04 03:31:34 20,992 ----a-w c:\windows\system32\drivers\rtl8139.sys+ 2004-08-04 03:29:52 166,912 ------w c:\windows\system32\drivers\s3gnbm.sys- 2001-08-18 12:00:00 89,984 ----a-w c:\windows\system32\drivers\scsiport.sys+ 2004-08-04 03:59:42 96,256 ----a-w c:\windows\system32\drivers\scsiport.sys+ 2004-08-04 04:07:48 67,584 ------w c:\windows\system32\drivers\sdbus.sys- 2001-08-18 12:00:00 14,976 ----a-w c:\windows\system32\drivers\serenum.sys+ 2004-08-04 03:59:08 15,488 ----a-w c:\windows\system32\drivers\serenum.sys- 2001-08-18 12:00:00 62,464 ----a-w c:\windows\system32\drivers\serial.sys+ 2004-08-04 04:15:54 64,896 ----a-w c:\windows\system32\drivers\serial.sys+ 2004-08-04 03:59:56 11,136 ------w c:\windows\system32\drivers\sffdisk.sys+ 2004-08-04 03:59:56 10,240 ------w c:\windows\system32\drivers\sffp_sd.sys- 2001-08-18 12:00:00 10,496 ----a-w c:\windows\system32\drivers\sfloppy.sys+ 2004-08-04 03:59:56 11,392 ----a-w c:\windows\system32\drivers\sfloppy.sys+ 2004-08-04 05:56:46 3,901 ------w c:\windows\system32\drivers\siint5.dll+ 2004-08-04 04:07:44 41,088 ------w c:\windows\system32\drivers\sisagp.sys- 2004-07-09 08:26:40 10,880 ----a-w c:\windows\system32\drivers\slip.sys+ 2004-08-04 04:10:18 11,136 ----a-w c:\windows\system32\drivers\slip.sys+ 2004-08-04 03:41:42 129,535 ------w c:\windows\system32\drivers\slnt7554.sys+ 2004-08-04 03:41:44 404,990 ------w c:\windows\system32\drivers\slntamr.sys+ 2004-08-04 03:41:46 95,424 ------w c:\windows\system32\drivers\slnthal.sys+ 2004-08-04 03:41:46 13,240 ------w c:\windows\system32\drivers\slwdmsup.sys+ 2004-08-04 04:07:38 6,016 ------w c:\windows\system32\drivers\smbali.sys- 2001-08-18 12:00:00 24,064 ----a-w c:\windows\system32\drivers\sonydcam.sys+ 2004-08-04 04:09:56 25,472 ----a-w c:\windows\system32\drivers\sonydcam.sys- 2001-08-17 18:00:46 5,632 ----a-w c:\windows\system32\drivers\splitter.sys+ 2004-08-04 04:07:48 6,400 ----a-w c:\windows\system32\drivers\splitter.sys- 2001-08-18 12:00:00 70,400 ----a-w c:\windows\system32\drivers\sr.sys+ 2004-08-04 04:06:26 73,472 ----a-w c:\windows\system32\drivers\sr.sys- 2002-10-31 18:45:16 322,304 ----a-w c:\windows\system32\drivers\srv.sys+ 2004-08-04 04:14:46 336,256 ----a-w c:\windows\system32\drivers\srv.sys- 2004-07-09 08:27:28 48,512 ----a-w c:\windows\system32\drivers\stream.sys+ 2004-08-04 04:08:04 48,640 ----a-w c:\windows\system32\drivers\stream.sys- 2004-07-09 08:26:40 14,976 ----a-w c:\windows\system32\drivers\streamip.sys+ 2004-08-04 04:10:14 15,360 ----a-w c:\windows\system32\drivers\streamip.sys- 2002-12-12 04:14:32 4,096 ----a-w c:\windows\system32\drivers\swenum.sys+ 2004-08-04 03:58:42 4,352 ----a-w c:\windows\system32\drivers\swenum.sys- 2001-08-18 02:24:44 57,472 ----a-w c:\windows\system32\drivers\sysaudio.sys+ 2004-08-04 04:15:56 60,800 ----a-w c:\windows\system32\drivers\sysaudio.sys- 2001-08-18 12:00:00 13,696 ----a-w c:\windows\system32\drivers\tape.sys+ 2004-08-04 04:00:00 14,976 ----a-w c:\windows\system32\drivers\tape.sys- 2001-08-18 12:00:00 327,168 ----a-w c:\windows\system32\drivers\tcpip.sys+ 2004-08-04 04:14:42 359,040 ----a-w c:\windows\system32\drivers\tcpip.sys- 2001-08-18 12:00:00 180,032 ----a-w c:\windows\system32\drivers\tcpip6.sys+ 2004-08-04 04:07:46 223,616 ----a-w c:\windows\system32\drivers\tcpip6.sys- 2001-08-18 12:00:00 16,256 ----a-w c:\windows\system32\drivers\tdi.sys+ 2004-08-04 04:07:50 18,560 ----a-w c:\windows\system32\drivers\tdi.sys- 2001-08-18 12:00:00 11,144 ----a-w c:\windows\system32\drivers\tdpipe.sys+ 2004-08-04 06:01:08 12,040 ----a-w c:\windows\system32\drivers\tdpipe.sys- 2001-08-18 12:00:00 20,232 ----a-w c:\windows\system32\drivers\tdtcp.sys+ 2004-08-04 06:01:08 21,896 ----a-w c:\windows\system32\drivers\tdtcp.sys- 2001-08-18 02:38:00 37,896 ----a-w c:\windows\system32\drivers\termdd.sys+ 2004-08-04 06:01:08 40,840 ----a-w c:\windows\system32\drivers\termdd.sys+ 2004-08-04 04:03:18 12,416 ------w c:\windows\system32\drivers\tunmp.sys+ 2004-08-04 04:07:44 44,672 ------w c:\windows\system32\drivers\uagp35.sys- 2001-08-18 12:00:00 63,872 ----a-w c:\windows\system32\drivers\udfs.sys+ 2004-08-04 04:00:32 66,176 ----a-w c:\windows\system32\drivers\udfs.sys- 2001-08-18 12:00:00 137,088 ----a-w c:\windows\system32\drivers\update.sys+ 2004-08-04 03:58:34 209,408 ----a-w c:\windows\system32\drivers\update.sys- 2001-08-18 12:00:00 11,136 ----a-w c:\windows\system32\drivers\usb8023.sys+ 2004-08-04 04:04:34 12,672 ----a-w c:\windows\system32\drivers\usb8023.sys+ 2004-08-04 04:04:34 12,672 ------w c:\windows\system32\drivers\usb8023x.sys- 2002-04-01 18:42:14 19,072 ----a-w c:\windows\system32\drivers\usbehci.sys+ 2004-08-04 04:08:38 26,624 ----a-w c:\windows\system32\drivers\usbehci.sys- 2002-04-01 18:37:36 51,584 ----a-w c:\windows\system32\drivers\usbhub.sys+ 2004-08-04 04:08:44 57,600 ----a-w c:\windows\system32\drivers\usbhub.sys- 2001-08-18 12:00:00 15,104 ----a-w c:\windows\system32\drivers\usbintel.sys+ 2004-08-04 04:08:58 16,000 ----a-w c:\windows\system32\drivers\usbintel.sys- 2002-04-01 18:36:42 134,016 ----a-w c:\windows\system32\drivers\usbport.sys+ 2004-08-04 04:08:44 142,976 ----a-w c:\windows\system32\drivers\usbport.sys- 2001-08-17 19:00:30 24,832 ----a-w c:\windows\system32\drivers\usbprint.sys+ 2004-08-04 04:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys- 2001-08-17 18:03:22 21,760 ----a-w c:\windows\system32\drivers\USBSTOR.SYS+ 2004-08-04 04:08:48 26,496 ----a-w c:\windows\system32\drivers\usbstor.sys- 2001-08-17 18:03:08 18,944 ----a-w c:\windows\system32\drivers\usbuhci.sys+ 2004-08-04 04:08:38 20,480 ----a-w c:\windows\system32\drivers\usbuhci.sys+ 2004-08-04 04:10:12 78,464 ------w c:\windows\system32\drivers\usbvideo.sys+ 2004-08-04 05:56:48 11,325 ------w c:\windows\system32\drivers\vchnt5.dll- 2001-08-18 12:00:00 19,584 ----a-w c:\windows\system32\drivers\vga.sys+ 2004-08-04 04:07:08 20,992 ----a-w c:\windows\system32\drivers\vga.sys+ 2004-08-04 04:07:44 42,240 ------w c:\windows\system32\drivers\viaagp.sys- 2001-08-18 12:00:00 65,024 ----a-w c:\windows\system32\drivers\videoprt.sys+ 2004-08-04 04:07:06 79,744 ----a-w c:\windows\system32\drivers\videoprt.sys- 2001-08-18 12:00:00 49,152 ----a-w c:\windows\system32\drivers\volsnap.sys+ 2004-08-04 04:00:18 52,352 ----a-w c:\windows\system32\drivers\volsnap.sys+ 2004-08-04 04:04:54 13,568 ------w c:\windows\system32\drivers\wacompen.sys+ 2004-08-04 03:29:40 11,807 ------w c:\windows\system32\drivers\wadv07nt.sys+ 2004-08-04 03:29:40 11,295 ------w c:\windows\system32\drivers\wadv08nt.sys+ 2004-08-04 03:29:42 11,871 ------w c:\windows\system32\drivers\wadv09nt.sys+ 2004-08-04 03:29:42 11,935 ------w c:\windows\system32\drivers\wadv11nt.sys- 2001-08-18 12:00:00 33,280 ----a-w c:\windows\system32\drivers\wanarp.sys+ 2004-08-04 04:04:58 34,560 ----a-w c:\windows\system32\drivers\wanarp.sys+ 2004-08-04 03:29:46 22,271 ------w c:\windows\system32\drivers\watv06nt.sys+ 2004-08-04 03:29:46 25,471 ------w c:\windows\system32\drivers\watv10nt.sys- 2001-08-18 02:24:46 79,616 ----a-w c:\windows\system32\drivers\wdmaud.sys+ 2004-08-04 04:15:06 82,944 ----a-w c:\windows\system32\drivers\wdmaud.sys- 2004-07-09 08:26:40 18,688 ----a-w c:\windows\system32\drivers\wstcodec.sys+ 2004-08-04 04:10:22 19,328 ----a-w c:\windows\system32\drivers\wstcodec.sys- 2001-08-18 12:00:00 11,776 ----a-w c:\windows\system32\drprov.dll+ 2004-08-04 05:56:44 14,336 ----a-w c:\windows\system32\drprov.dll- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\ds32gt.dll+ 2004-08-04 05:56:44 16,384 ----a-w c:\windows\system32\ds32gt.dll- 2002-12-12 04:14:32 186,880 ----a-w c:\windows\system32\dsdmo.dll+ 2004-08-04 05:56:44 181,760 ----a-w c:\windows\system32\dsdmo.dll- 2002-12-12 04:14:32 491,520 ----a-w c:\windows\system32\dsdmoprp.dll+ 2004-08-04 05:56:44 71,680 ----a-w c:\windows\system32\dsdmoprp.dll- 2001-08-18 12:00:00 84,992 ----a-w c:\windows\system32\dskquota.dll+ 2004-08-04 05:56:44 92,672 ----a-w c:\windows\system32\dskquota.dll- 2004-07-09 08:27:28 381,952 ----a-w c:\windows\system32\dsound.dll+ 2004-08-04 05:56:44 367,616 ----a-w c:\windows\system32\dsound.dll- 2002-12-12 04:14:32 1,294,336 ----a-w c:\windows\system32\dsound3d.dll+ 2004-08-04 05:56:44 1,294,336 ----a-w c:\windows\system32\dsound3d.dll- 2001-08-18 12:00:00 131,072 ----a-w c:\windows\system32\dsprop.dll+ 2004-08-04 05:56:44 142,336 ----a-w c:\windows\system32\dsprop.dll+ 2004-08-04 05:56:06 4,096 ------w c:\windows\system32\dsprpres.dll- 2001-08-18 12:00:00 227,840 ----a-w c:\windows\system32\dsquery.dll+ 2004-08-04 05:56:44 239,104 ----a-w c:\windows\system32\dsquery.dll- 2001-08-18 12:00:00 47,104 ----a-w c:\windows\system32\dssec.dll+ 2004-08-04 05:56:44 51,200 ----a-w c:\windows\system32\dssec.dll- 2001-08-18 12:00:00 122,880 ----a-w c:\windows\system32\dssenh.dll+ 2004-08-04 03:31:44 137,216 ----a-w c:\windows\system32\dssenh.dll- 2001-08-18 12:00:00 106,496 ----a-w c:\windows\system32\dsuiext.dll+ 2004-08-04 05:56:44 113,152 ----a-w c:\windows\system32\dsuiext.dll- 2002-12-12 04:14:32 18,432 ----a-w c:\windows\system32\dswave.dll+ 2004-08-04 05:56:44 19,456 ----a-w c:\windows\system32\dswave.dll- 2001-08-18 12:00:00 30,208 ----a-w c:\windows\system32\dumprep.exe+ 2004-08-04 05:56:50 10,752 ----a-w c:\windows\system32\dumprep.exe- 2001-08-18 12:00:00 261,120 ----a-w c:\windows\system32\duser.dll+ 2004-08-04 05:56:44 304,128 ----a-w c:\windows\system32\duser.dll- 2001-08-18 12:00:00 15,872 ----a-w c:\windows\system32\dvdupgrd.exe+ 2004-08-04 05:56:50 17,920 ----a-w c:\windows\system32\dvdupgrd.exe- 2001-08-18 12:00:00 162,128 ----a-w c:\windows\system32\dwwin.exe+ 2004-08-04 05:56:50 180,224 ----a-w c:\windows\system32\dwwin.exe- 2002-12-12 04:14:32 602,624 ----a-w c:\windows\system32\dx7vb.dll+ 2004-08-04 05:56:44 619,008 ----a-w c:\windows\system32\dx7vb.dll- 2003-05-30 13:00:02 1,189,888 ----a-w c:\windows\system32\dx8vb.dll+ 2004-08-04 05:56:44 1,227,264 ----a-w c:\windows\system32\dx8vb.dll- 2004-07-09 08:27:28 974,848 ----a-w c:\windows\system32\dxdiag.exe+ 2004-08-04 05:56:50 1,298,432 ----a-w c:\windows\system32\dxdiag.exe- 2004-07-09 08:27:28 1,769,472 ----a-w c:\windows\system32\dxdiagn.dll+ 2004-08-04 05:56:44 2,113,536 ----a-w c:\windows\system32\dxdiagn.dll- 2001-08-18 12:00:00 498,205 ----a-w c:\windows\system32\dxmasf.dll+ 2004-08-04 05:56:44 498,205 ----a-w c:\windows\system32\dxmasf.dll- 2001-08-18 12:00:00 337,920 ----a-w c:\windows\system32\dxtmsft.dll+ 2004-08-04 05:56:44 357,888 ----a-w c:\windows\system32\dxtmsft.dll- 2001-08-18 12:00:00 194,560 ----a-w c:\windows\system32\dxtrans.dll+ 2004-08-04 05:56:44 201,728 ----a-w c:\windows\system32\dxtrans.dll- 2001-08-18 12:00:00 173,568 ----a-w c:\windows\system32\els.dll+ 2004-08-04 05:56:44 183,296 ----a-w c:\windows\system32\els.dll- 2002-12-12 04:14:32 18,944 ----a-w c:\windows\system32\encapi.dll+ 2004-08-04 05:56:44 20,480 ----a-w c:\windows\system32\encapi.dll+ 2004-08-04 05:56:44 186,368 ------w c:\windows\system32\encdec.dll- 2001-08-18 12:00:00 17,408 ----a-w c:\windows\system32\ersvc.dll+ 2004-08-04 05:56:44 23,040 ----a-w c:\windows\system32\ersvc.dll- 2001-08-18 12:00:00 224,768 ----a-w c:\windows\system32\es.dll+ 2004-08-04 05:56:44 243,200 ----a-w c:\windows\system32\es.dll- 2001-08-18 12:00:00 1,018,368 ----a-w c:\windows\system32\esent.dll+ 2004-08-04 05:56:44 1,082,368 ----a-w c:\windows\system32\esent.dll- 2001-08-18 12:00:00 178,688 ----a-w c:\windows\system32\eudcedit.exe+ 2004-08-04 05:56:50 193,024 ----a-w c:\windows\system32\eudcedit.exe- 2001-08-18 12:00:00 47,616 ----a-w c:\windows\system32\eventlog.dll+ 2004-08-04 05:56:44 55,808 ----a-w c:\windows\system32\eventlog.dll- 2001-08-18 12:00:00 379,152 ----a-w c:\windows\system32\expsrv.dll+ 2004-08-04 05:56:44 380,957 ----a-w c:\windows\system32\expsrv.dll+ 2004-08-04 05:56:44 55,808 ------w c:\windows\system32\extmgr.dll- 2001-08-18 12:00:00 40,960 ----a-w c:\windows\system32\extrac32.exe+ 2004-08-04 05:56:50 45,568 ----a-w c:\windows\system32\extrac32.exe- 2001-08-18 12:00:00 61,952 ----a-w c:\windows\system32\faultrep.dll+ 2004-08-04 05:56:44 80,384 ----a-w c:\windows\system32\faultrep.dll+ 2004-08-04 05:56:50 20,992 ------w c:\windows\system32\faxpatch.exe- 2001-08-18 12:00:00 18,432 ----a-w c:\windows\system32\feclient.dll+ 2004-08-04 05:56:44 21,504 ----a-w c:\windows\system32\feclient.dll- 2001-08-18 12:00:00 323,072 ----a-w c:\windows\system32\filemgmt.dll+ 2004-08-04 05:56:44 337,920 ----a-w c:\windows\system32\filemgmt.dll- 2001-08-18 12:00:00 25,088 ----a-w c:\windows\system32\findstr.exe+ 2004-08-04 05:56:50 27,136 ----a-w c:\windows\system32\findstr.exe- 2001-08-18 12:00:00 84,992 ----a-w c:\windows\system32\fldrclnr.dll+ 2004-08-04 05:56:44 87,552 ----a-w c:\windows\system32\fldrclnr.dll+ 2004-08-04 05:56:44 16,896 ------w c:\windows\system32\fltlib.dll+ 2004-08-04 05:56:50 22,528 ------w c:\windows\system32\fltmc.exe- 2004-03-11 20:13:14 1,146,320 ----a-w c:\windows\system32\FM20.DLL+ 2007-06-06 15:53:34 1,195,888 ----a-w c:\windows\system32\FM20.DLL- 2003-07-14 22:57:04 32,584 ----a-w c:\windows\system32\FM20ENU.DLL+ 2007-03-23 00:17:04 35,440 ----a-w c:\windows\system32\FM20ENU.DLL- 2009-01-27 02:22:39 239,944 ----a-w c:\windows\system32\FNTCACHE.DAT+ 2009-02-19 17:11:10 241,536 ----a-w c:\windows\system32\FNTCACHE.DAT- 2001-08-18 12:00:00 361,472 ----a-w c:\windows\system32\fontext.dll+ 2004-08-04 05:56:44 382,976 ----a-w c:\windows\system32\fontext.dll- 2001-08-18 12:00:00 18,944 ----a-w c:\windows\system32\fontview.exe+ 2004-08-04 05:56:50 20,992 ----a-w c:\windows\system32\fontview.exe- 2001-08-18 12:00:00 8,832 ----a-w c:\windows\system32\framebuf.dll+ 2004-08-04 05:56:08 9,344 ----a-w c:\windows\system32\framebuf.dll+ 2004-08-04 05:56:50 193,024 ------w c:\windows\system32\fsquirt.exe- 2001-08-18 12:00:00 40,448 ----a-w c:\windows\system32\ftp.exe+ 2004-08-04 05:56:50 42,496 ----a-w c:\windows\system32\ftp.exe+ 2004-08-04 05:56:44 60,416 ------w c:\windows\system32\fwcfg.dll- 2001-08-18 12:00:00 250,880 ----a-w c:\windows\system32\gdi32.dll+ 2004-08-04 05:56:44 278,016 ----a-w c:\windows\system32\gdi32.dll- 2001-08-18 12:00:00 116,736 ----a-w c:\windows\system32\glu32.dll+ 2004-08-04 05:56:44 122,880 ----a-w c:\windows\system32\glu32.dll- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\gpkrsrc.dll+ 2004-08-04 05:56:08 9,728 ----a-w c:\windows\system32\gpkrsrc.dll- 2001-08-18 12:00:00 37,888 ----a-w c:\windows\system32\grpconv.exe+ 2004-08-04 05:56:50 39,424 ----a-w c:\windows\system32\grpconv.exe- 2001-08-18 12:00:00 592,896 ----a-w c:\windows\system32\h323msp.dll+ 2004-08-04 05:56:44 614,912 ----a-w c:\windows\system32\h323msp.dll- 2001-08-18 12:00:00 128,768 ----a-w c:\windows\system32\hal.dll+ 2004-08-04 03:59:10 131,968 ----a-w c:\windows\system32\HAL.DLL- 2002-04-04 19:25:42 5,120 ----a-w c:\windows\system32\hccoin.dll+ 2004-08-04 05:56:44 7,168 ----a-w c:\windows\system32\hccoin.dll- 2003-01-13 14:27:38 37,888 ----a-w c:\windows\system32\hhsetup.dll+ 2004-08-04 05:56:44 38,912 ----a-w c:\windows\system32\hhsetup.dll- 2001-08-18 12:00:00 22,528 ----a-w c:\windows\system32\hid.dll+ 2004-08-04 05:56:44 20,992 ----a-w c:\windows\system32\hid.dll- 2001-08-18 12:00:00 240,640 ----a-w c:\windows\system32\hnetcfg.dll+ 2004-08-04 05:56:44 344,064 ----a-w c:\windows\system32\hnetcfg.dll- 2001-08-18 12:00:00 315,904 ----a-w c:\windows\system32\hnetwiz.dll+ 2004-08-04 05:56:44 330,752 ----a-w c:\windows\system32\hnetwiz.dll- 2001-08-18 12:00:00 137,216 ----a-w c:\windows\system32\hotplug.dll+ 2004-08-04 05:56:44 144,896 ----a-w c:\windows\system32\hotplug.dll+ 2004-08-04 05:56:44 32,285 ------w c:\windows\system32\hsfcisp2.dll+ 2004-08-04 05:56:44 24,576 ------w c:\windows\system32\httpapi.dll- 2001-08-18 12:00:00 39,936 ----a-w c:\windows\system32\htui.dll+ 2004-08-04 05:56:44 41,984 ----a-w c:\windows\system32\htui.dll- 2001-08-18 12:00:00 489,984 ----a-w c:\windows\system32\hypertrm.dll+ 2004-08-04 05:56:44 345,088 ----a-w c:\windows\system32\hypertrm.dll- 2001-08-18 12:00:00 116,224 ----a-w c:\windows\system32\iasrad.dll+ 2004-08-04 05:56:44 119,808 ----a-w c:\windows\system32\iasrad.dll- 2001-08-18 12:00:00 8,704 ----a-w c:\windows\system32\icaapi.dll+ 2004-08-04 05:56:44 11,264 ----a-w c:\windows\system32\icaapi.dll- 2001-08-18 12:00:00 110,592 ----a-w c:\windows\system32\iccvid.dll+ 2004-08-04 05:56:44 80,384 ----a-w c:\windows\system32\iccvid.dll- 2001-08-18 12:00:00 236,032 ----a-w c:\windows\system32\icm32.dll+ 2004-08-04 05:56:44 253,952 ----a-w c:\windows\system32\icm32.dll- 2001-08-18 12:00:00 3,072 ----a-w c:\windows\system32\icmp.dll+ 2004-08-04 05:56:08 3,584 ----a-w c:\windows\system32\icmp.dll- 2001-08-18 12:00:00 69,632 ----a-w c:\windows\system32\icwdial.dll+ 2004-08-04 05:56:44 73,728 ----a-w c:\windows\system32\icwdial.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\icwphbk.dll+ 2004-08-04 05:56:44 65,536 ----a-w c:\windows\system32\icwphbk.dll- 2001-08-18 12:00:00 110,592 ----a-w c:\windows\system32\idq.dll+ 2004-08-04 05:56:44 120,832 ----a-w c:\windows\system32\idq.dll- 2001-08-18 12:00:00 28,160 ----a-w c:\windows\system32\ie4uinit.exe+ 2004-08-04 05:56:52 34,304 ----a-w c:\windows\system32\ie4uinit.exe- 2001-08-18 12:00:00 126,976 ----a-w c:\windows\system32\ieakeng.dll+ 2004-08-04 05:56:44 139,264 ----a-w c:\windows\system32\ieakeng.dll- 2001-08-18 12:00:00 203,776 ----a-w c:\windows\system32\ieaksie.dll+ 2004-08-04 05:56:44 216,576 ----a-w c:\windows\system32\ieaksie.dll- 2001-08-18 12:00:00 294,912 ----a-w c:\windows\system32\iedkcs32.dll+ 2004-08-04 05:56:44 323,584 ----a-w c:\windows\system32\iedkcs32.dll+ 2004-08-04 05:56:44 81,920 ------w c:\windows\system32\ieencode.dll- 2001-08-18 12:00:00 230,400 ----a-w c:\windows\system32\iepeers.dll+ 2004-08-04 05:56:44 249,344 ----a-w c:\windows\system32\iepeers.dll- 2001-08-18 12:00:00 23,040 ----a-w c:\windows\system32\iernonce.dll+ 2004-08-04 05:56:44 48,640 ----a-w c:\windows\system32\iernonce.dll- 2001-08-18 12:00:00 59,392 ----a-w c:\windows\system32\iesetup.dll+ 2004-08-04 05:56:44 62,976 ----a-w c:\windows\system32\iesetup.dll- 2001-08-18 12:00:00 99,840 ----a-w c:\windows\system32\iexpress.exe+ 2004-08-04 05:56:52 114,688 ----a-w c:\windows\system32\iexpress.exe- 2001-08-18 12:00:00 125,952 ----a-w c:\windows\system32\ifmon.dll+ 2004-08-04 05:56:44 135,680 ----a-w c:\windows\system32\ifmon.dll- 2001-08-18 12:00:00 8,192 ----a-w c:\windows\system32\igmpagnt.dll+ 2004-08-04 05:56:44 8,192 ----a-w c:\windows\system32\igmpagnt.dll- 2001-08-18 12:00:00 73,728 ----a-w c:\windows\system32\ils.dll+ 2004-08-04 05:56:44 81,920 ----a-w c:\windows\system32\ils.dll- 2001-08-18 12:00:00 126,976 ----a-w c:\windows\system32\imagehlp.dll+ 2004-08-04 05:56:44 144,384 ----a-w c:\windows\system32\imagehlp.dll- 2001-08-18 12:00:00 118,784 ----a-w c:\windows\system32\imapi.exe+ 2004-08-04 05:56:52 150,016 ----a-w c:\windows\system32\imapi.exe- 2001-08-18 12:00:00 36,921 ----a-w c:\windows\system32\imeshare.dll+ 2004-08-04 05:56:44 36,921 ----a-w c:\windows\system32\imeshare.dll- 2001-08-18 12:00:00 30,208 ----a-w c:\windows\system32\imgutil.dll+ 2004-08-04 05:56:44 35,840 ----a-w c:\windows\system32\imgutil.dll- 2001-08-18 12:00:00 96,768 ----a-w c:\windows\system32\imm32.dll+ 2004-08-04 05:56:44 110,080 ----a-w c:\windows\system32\imm32.dll- 2001-08-18 12:00:00 266,240 ----a-w c:\windows\system32\inetcfg.dll+ 2004-08-04 05:56:44 274,432 ----a-w c:\windows\system32\inetcfg.dll- 2001-08-18 12:00:00 593,920 ----a-w c:\windows\system32\inetcomm.dll+ 2004-08-04 05:56:44 678,400 ----a-w c:\windows\system32\inetcomm.dll- 2001-08-18 12:00:00 31,232 ----a-w c:\windows\system32\inetmib1.dll+ 2004-08-04 05:56:44 33,280 ----a-w c:\windows\system32\inetmib1.dll- 2001-08-18 12:00:00 68,096 ----a-w c:\windows\system32\inetpp.dll+ 2004-08-04 05:56:44 75,264 ----a-w c:\windows\system32\inetpp.dll- 2001-08-18 12:00:00 14,336 ----a-w c:\windows\system32\inetppui.dll+ 2004-08-04 05:56:44 15,872 ----a-w c:\windows\system32\inetppui.dll- 2001-08-18 12:00:00 47,616 ----a-w c:\windows\system32\inetres.dll+ 2004-08-04 05:56:10 48,128 ----a-w c:\windows\system32\inetres.dll- 2001-08-18 12:00:00 144,896 ----a-w c:\windows\system32\initpki.dll+ 2004-08-04 05:56:44 147,456 ----a-w c:\windows\system32\initpki.dll- 2001-08-18 12:00:00 104,448 ----a-w c:\windows\system32\input.dll+ 2004-08-04 05:56:44 123,392 ----a-w c:\windows\system32\input.dll- 2001-08-18 12:00:00 69,632 ----a-w c:\windows\system32\inseng.dll+ 2004-08-04 05:56:44 96,256 ----a-w c:\windows\system32\inseng.dll- 2001-08-18 12:00:00 49,664 ----a-w c:\windows\system32\ipconfig.exe+ 2004-08-04 05:56:52 55,808 ----a-w c:\windows\system32\ipconfig.exe- 2001-08-18 12:00:00 77,312 ----a-w c:\windows\system32\iphlpapi.dll+ 2004-08-04 05:56:44 94,720 ----a-w c:\windows\system32\iphlpapi.dll- 2001-08-18 12:00:00 453,632 ----a-w c:\windows\system32\ipnathlp.dll+ 2004-08-04 05:56:44 331,264 ----a-w c:\windows\system32\ipnathlp.dll- 2001-08-18 12:00:00 318,976 ----a-w c:\windows\system32\ippromon.dll+ 2004-08-04 05:56:44 330,752 ----a-w c:\windows\system32\ippromon.dll- 2001-08-18 12:00:00 332,800 ----a-w c:\windows\system32\ipsecsnp.dll+ 2004-08-04 05:56:44 349,696 ----a-w c:\windows\system32\ipsecsnp.dll- 2001-08-18 12:00:00 152,576 ----a-w c:\windows\system32\ipsecsvc.dll+ 2004-08-04 05:56:44 182,784 ----a-w c:\windows\system32\ipsecsvc.dll- 2001-08-18 12:00:00 364,032 ----a-w c:\windows\system32\ipsmsnap.dll+ 2004-08-04 05:56:44 384,000 ----a-w c:\windows\system32\ipsmsnap.dll- 2001-08-18 12:00:00 58,368 ----a-w c:\windows\system32\ipv6.exe+ 2004-08-04 05:56:52 53,248 ----a-w c:\windows\system32\ipv6.exe- 2001-08-18 12:00:00 121,344 ----a-w c:\windows\system32\ipv6mon.dll+ 2004-08-04 05:56:44 59,904 ----a-w c:\windows\system32\ipv6mon.dll- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\system32\ipxroute.exe+ 2004-08-04 05:56:52 23,552 ----a-w c:\windows\system32\ipxroute.exe- 2001-08-18 12:00:00 120,320 ----a-w c:\windows\system32\ir41_qc.dll+ 2004-08-04 05:56:44 120,320 ----a-w c:\windows\system32\ir41_qc.dll- 2001-08-18 12:00:00 338,432 ----a-w c:\windows\system32\ir41_qcx.dll+ 2004-08-04 05:56:44 338,432 ----a-w c:\windows\system32\ir41_qcx.dll- 2001-08-18 12:00:00 755,200 ----a-w c:\windows\system32\ir50_32.dll+ 2004-08-04 05:56:44 755,200 ----a-w c:\windows\system32\ir50_32.dll- 2001-08-18 12:00:00 200,192 ----a-w c:\windows\system32\ir50_qc.dll+ 2004-08-04 05:56:44 200,192 ----a-w c:\windows\system32\ir50_qc.dll- 2001-08-18 12:00:00 183,808 ----a-w c:\windows\system32\ir50_qcx.dll+ 2004-08-04 05:56:44 183,808 ----a-w c:\windows\system32\ir50_qcx.dll- 2001-08-18 12:00:00 77,824 ----a-w c:\windows\system32\isign32.dll+ 2004-08-04 05:56:44 81,920 ----a-w c:\windows\system32\isign32.dll- 2001-08-18 12:00:00 28,672 ----a-w c:\windows\system32\isrdbg32.dll+ 2004-08-04 05:56:44 32,768 ----a-w c:\windows\system32\isrdbg32.dll- 2003-01-13 14:27:38 143,872 ----a-w c:\windows\system32\itircl.dll+ 2004-08-04 05:56:44 143,872 ----a-w c:\windows\system32\itircl.dll- 2003-01-13 14:27:38 122,368 ----a-w c:\windows\system32\itss.dll+ 2004-08-04 05:56:44 134,144 ----a-w c:\windows\system32\itss.dll- 2003-08-25 22:06:50 182,880 ----a-w c:\windows\system32\iuengine.dll+ 2004-08-04 05:56:44 192,000 ----a-w c:\windows\system32\iuengine.dll- 2001-08-18 12:00:00 49,152 ----a-w c:\windows\system32\ixsso.dll+ 2004-08-04 05:56:44 54,272 ----a-w c:\windows\system32\ixsso.dll- 2001-08-18 12:00:00 45,568 ----a-w c:\windows\system32\iyuv_32.dll+ 2004-08-04 05:56:44 47,616 ----a-w c:\windows\system32\iyuv_32.dll- 2003-01-13 18:57:58 589,881 ----a-w c:\windows\system32\jscript.dll+ 2004-08-04 05:56:44 450,560 ----a-w c:\windows\system32\jscript.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\jsproxy.dll+ 2004-08-04 05:56:44 15,872 ----a-w c:\windows\system32\jsproxy.dll+ 2004-08-04 05:56:12 7,168 ------w c:\windows\system32\kbdfi1.dll+ 2004-08-04 05:56:12 6,144 ------w c:\windows\system32\kbdinbe1.dll+ 2004-08-04 05:56:12 6,656 ------w c:\windows\system32\kbdinben.dll+ 2004-08-04 05:56:12 6,656 ------w c:\windows\system32\kbdinmal.dll+ 2004-08-04 05:56:12 5,632 ------w c:\windows\system32\kbdmaori.dll+ 2004-08-04 05:56:12 6,144 ------w c:\windows\system32\kbdmlt47.dll+ 2004-08-04 05:56:12 6,144 ------w c:\windows\system32\kbdmlt48.dll+ 2004-08-04 05:56:12 7,168 ------w c:\windows\system32\kbdno1.dll+ 2004-08-04 05:56:12 7,680 ------w c:\windows\system32\kbdsmsfi.dll+ 2004-08-04 05:56:12 7,680 ------w c:\windows\system32\kbdsmsno.dll+ 2004-08-04 05:56:12 7,168 ------w c:\windows\system32\kbdukx.dll- 2001-08-18 12:00:00 44,160 ----a-w c:\windows\system32\kd1394.dll+ 2004-08-04 03:59:24 7,424 ----a-w c:\windows\system32\kd1394.dll- 2001-08-18 12:00:00 265,216 ----a-w c:\windows\system32\kerberos.dll+ 2004-08-04 05:56:44 294,400 ----a-w c:\windows\system32\kerberos.dll- 2001-08-18 12:00:00 926,720 ----a-w c:\windows\system32\kernel32.dll+ 2004-08-04 05:56:44 983,552 ----a-w c:\windows\system32\kernel32.dll- 2001-08-18 12:00:00 42,537 ----a-w c:\windows\system32\keyboard.sys+ 2004-08-04 03:46:56 42,537 ----a-w c:\windows\system32\keyboard.sys- 2001-08-18 12:00:00 146,432 ----a-w c:\windows\system32\keymgr.dll+ 2004-08-04 05:56:44 150,528 ----a-w c:\windows\system32\keymgr.dll- 2001-08-18 12:00:00 92,160 ----a-w c:\windows\system32\krnl386.exe+ 2004-08-04 03:49:34 92,224 ----a-w c:\windows\system32\krnl386.exe- 2002-12-12 04:14:32 4,096 ----a-w c:\windows\system32\ksuser.dll+ 2004-08-04 05:56:44 4,096 ----a-w c:\windows\system32\ksuser.dll- 2001-08-18 12:00:00 308,736 ----a-w c:\windows\system32\licdll.dll+ 2004-08-04 05:56:44 423,936 ----a-w c:\windows\system32\licdll.dll- 2001-08-18 12:00:00 19,456 ----a-w c:\windows\system32\licmgr10.dll+ 2004-08-04 05:56:44 22,016 ----a-w c:\windows\system32\licmgr10.dll- 2001-08-18 12:00:00 57,344 ----a-w c:\windows\system32\licwmi.dll+ 2004-08-04 05:56:44 58,880 ----a-w c:\windows\system32\licwmi.dll- 2001-08-18 12:00:00 15,360 ----a-w c:\windows\system32\linkinfo.dll+ 2004-08-04 05:56:44 18,944 ----a-w c:\windows\system32\linkinfo.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\lmhsvc.dll+ 2004-08-04 05:56:44 13,824 ----a-w c:\windows\system32\lmhsvc.dll- 2001-08-18 12:00:00 381,440 ----a-w c:\windows\system32\lmrt.dll+ 2004-08-04 05:56:44 399,872 ----a-w c:\windows\system32\lmrt.dll- 2001-08-18 12:00:00 91,648 ----a-w c:\windows\system32\loadperf.dll+ 2004-08-04 05:56:44 97,280 ----a-w c:\windows\system32\loadperf.dll- 2001-08-18 12:00:00 202,752 ----a-w c:\windows\system32\localsec.dll+ 2004-08-04 05:56:44 221,696 ----a-w c:\windows\system32\localsec.dll- 2001-08-18 12:00:00 292,352 ----a-w c:\windows\system32\localspl.dll+ 2004-08-04 05:56:44 341,504 ----a-w c:\windows\system32\localspl.dll- 2001-08-18 12:00:00 10,240 ----a-w c:\windows\system32\localui.dll+ 2004-08-04 05:56:44 11,776 ----a-w c:\windows\system32\localui.dll- 2002-12-03 22:55:20 68,608 ----a-w c:\windows\system32\locator.exe+ 2004-08-04 05:56:52 75,264 ----a-w c:\windows\system32\locator.exe+ 2004-08-04 05:56:52 59,392 ------w c:\windows\system32\logman.exe- 2001-08-18 12:00:00 321,536 ----a-w c:\windows\system32\logon.scr+ 2004-08-04 05:56:58 220,672 ----a-w c:\windows\system32\logon.scr- 2001-08-18 12:00:00 504,320 ----a-w c:\windows\system32\logonui.exe+ 2004-08-04 05:56:52 514,560 ----a-w c:\windows\system32\logonui.exe- 2001-08-18 12:00:00 18,944 ----a-w c:\windows\system32\lpk.dll+ 2004-08-04 05:56:44 22,016 ----a-w c:\windows\system32\lpk.dll- 2001-08-18 12:00:00 8,704 ----a-w c:\windows\system32\lprhelp.dll+ 2004-08-04 05:56:44 10,240 ----a-w c:\windows\system32\lprhelp.dll- 2001-08-18 12:00:00 669,696 ----a-w c:\windows\system32\lsasrv.dll+ 2004-08-04 05:56:44 721,920 ----a-w c:\windows\system32\lsasrv.dll- 2001-08-18 12:00:00 11,776 ----a-w c:\windows\system32\lsass.exe+ 2004-08-04 05:56:52 13,312 ----a-w c:\windows\system32\lsass.exe- 2001-08-18 12:00:00 67,584 ----a-w c:\windows\system32\magnify.exe+ 2004-08-04 05:56:52 72,704 ----a-w c:\windows\system32\magnify.exe- 2001-08-18 12:00:00 79,360 ----a-w c:\windows\system32\makecab.exe+ 2004-08-04 05:56:52 85,504 ----a-w c:\windows\system32\makecab.exe- 2001-08-18 12:00:00 12,800 ----a-w c:\windows\system32\mcastmib.dll+ 2004-08-04 05:56:44 14,848 ----a-w c:\windows\system32\mcastmib.dll- 2001-08-18 12:00:00 80,384 ----a-w c:\windows\system32\mciavi32.dll+ 2004-08-04 05:56:44 84,480 ----a-w c:\windows\system32\mciavi32.dll- 2002-12-12 04:14:32 34,304 ----a-w c:\windows\system32\mciqtz32.dll+ 2004-08-04 05:56:44 35,328 ----a-w c:\windows\system32\mciqtz32.dll- 2001-08-18 12:00:00 20,992 ----a-w c:\windows\system32\mciseq.dll+ 2004-08-04 05:56:44 23,040 ----a-w c:\windows\system32\mciseq.dll- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\system32\mciwave.dll+ 2004-08-04 05:56:44 23,552 ----a-w c:\windows\system32\mciwave.dll- 2004-03-22 20:17:06 24,816 ----a-w c:\windows\system32\mdimon.dll+ 2007-04-09 18:23:54 28,040 ----a-w c:\windows\system32\mdimon.dll- 2001-08-18 12:00:00 108,544 ----a-w c:\windows\system32\mdminst.dll+ 2004-08-04 05:56:44 118,272 ----a-w c:\windows\system32\mdminst.dll+ 2004-08-04 05:56:44 86,016 ------w c:\windows\system32\mdmxsdk.dll- 2001-08-18 12:00:00 35,328 ----a-w c:\windows\system32\mf3216.dll+ 2004-08-04 05:56:44 39,936 ----a-w c:\windows\system32\mf3216.dll- 2001-08-18 12:00:00 995,383 ----a-w c:\windows\system32\mfc42.dll+ 2004-08-04 05:56:44 1,028,096 ----a-w c:\windows\system32\mfc42.dll- 2001-08-18 12:00:00 995,384 ----a-w c:\windows\system32\mfc42u.dll+ 2004-08-04 05:56:44 1,024,000 ----a-w c:\windows\system32\mfc42u.dll- 2001-08-18 12:00:00 20,992 ----a-w c:\windows\system32\mfcsubs.dll+ 2004-08-04 05:56:44 22,528 ----a-w c:\windows\system32\mfcsubs.dll- 2001-08-18 12:00:00 12,800 ----a-w c:\windows\system32\mgmtapi.dll+ 2004-08-04 05:56:44 14,848 ----a-w c:\windows\system32\mgmtapi.dll- 2001-08-18 12:00:00 17,920 ----a-w c:\windows\system32\midimap.dll+ 2004-08-04 05:56:44 18,944 ----a-w c:\windows\system32\midimap.dll- 2001-08-18 12:00:00 56,320 ----a-w c:\windows\system32\miglibnt.dll+ 2004-08-04 05:56:44 60,928 ----a-w c:\windows\system32\miglibnt.dll- 2001-08-18 12:00:00 577,024 ----a-w c:\windows\system32\mlang.dll+ 2004-08-04 05:56:44 586,240 ----a-w c:\windows\system32\mlang.dll- 2001-08-18 12:00:00 774,144 ----a-w c:\windows\system32\mmc.exe+ 2004-08-04 05:56:52 815,104 ----a-w c:\windows\system32\mmc.exe- 2001-08-18 12:00:00 66,560 ----a-w c:\windows\system32\mmcbase.dll+ 2004-08-04 05:56:44 70,656 ----a-w c:\windows\system32\mmcbase.dll- 2001-08-18 12:00:00 1,136,128 ----a-w c:\windows\system32\mmcndmgr.dll+ 2004-08-04 05:56:44 1,192,960 ----a-w c:\windows\system32\mmcndmgr.dll- 2001-08-18 12:00:00 46,592 ----a-w c:\windows\system32\mmcshext.dll+ 2004-08-04 05:56:44 50,688 ----a-w c:\windows\system32\mmcshext.dll- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\mmfutil.dll+ 2004-08-04 05:56:44 17,408 ----a-w c:\windows\system32\mmfutil.dll- 2001-08-18 12:00:00 68,928 ----a-w c:\windows\system32\mmsystem.dll+ 2004-08-04 03:51:12 68,768 ----a-w c:\windows\system32\mmsystem.dll- 2001-08-18 12:00:00 32,384 ----a-w c:\windows\system32\mnmdd.dll+ 2004-08-04 05:56:44 34,560 ----a-w c:\windows\system32\mnmdd.dll- 2001-08-18 12:00:00 32,768 ----a-w c:\windows\system32\mnmsrvc.exe+ 2004-08-04 05:56:52 32,768 ----a-w c:\windows\system32\mnmsrvc.exe- 2001-08-18 12:00:00 196,096 ----a-w c:\windows\system32\mobsync.dll+ 2004-08-04 05:56:44 207,360 ----a-w c:\windows\system32\mobsync.dll- 2001-08-18 12:00:00 135,680 ----a-w c:\windows\system32\mobsync.exe+ 2004-08-04 05:56:52 143,360 ----a-w c:\windows\system32\mobsync.exe- 2001-08-18 12:00:00 145,408 ----a-w c:\windows\system32\modemui.dll+ 2004-08-04 05:56:44 153,600 ----a-w c:\windows\system32\modemui.dll- 2001-08-18 12:00:00 185,344 ----a-w c:\windows\system32\moricons.dll+ 2004-08-04 05:56:12 216,064 ----a-w c:\windows\system32\moricons.dll- 2002-12-11 23:12:02 316,040 ----a-w c:\windows\system32\mp43dmod.dll+ 2004-08-04 05:56:44 310,272 ----a-w c:\windows\system32\mp43dmod.dll- 2002-12-11 19:16:58 384,512 ----a-w c:\windows\system32\mp4sdmod.dll+ 2004-08-04 05:56:44 384,512 ----a-w c:\windows\system32\mp4sdmod.dll- 2002-12-11 21:34:40 241,664 ----a-w c:\windows\system32\mpg4dmod.dll+ 2004-08-04 05:56:44 240,640 ----a-w c:\windows\system32\mpg4dmod.dll- 2001-08-18 12:00:00 116,736 ----a-w c:\windows\system32\mplay32.exe+ 2004-08-04 05:56:54 123,392 ----a-w c:\windows\system32\mplay32.exe- 2001-08-18 12:00:00 55,808 ----a-w c:\windows\system32\mpr.dll+ 2004-08-04 05:56:44 59,904 ----a-w c:\windows\system32\mpr.dll- 2001-08-18 12:00:00 79,360 ----a-w c:\windows\system32\mprapi.dll+ 2004-08-04 05:56:44 87,040 ----a-w c:\windows\system32\mprapi.dll- 2001-08-18 12:00:00 67,072 ----a-w c:\windows\system32\msacm32.dll+ 2004-08-04 05:56:44 71,680 ----a-w c:\windows\system32\msacm32.dll- 2001-08-18 12:00:00 3,584 ----a-w c:\windows\system32\msafd.dll+ 2004-08-04 05:56:14 3,584 ----a-w c:\windows\system32\msafd.dll- 2001-08-18 12:00:00 80,128 ----a-w c:\windows\system32\msapsspc.dll+ 2004-08-04 05:56:44 86,016 ----a-w c:\windows\system32\msapsspc.dll- 2001-08-18 12:00:00 51,200 ----a-w c:\windows\system32\msasn1.dll+ 2004-08-04 05:56:44 57,344 ----a-w c:\windows\system32\msasn1.dll- 2001-08-18 12:00:00 68,096 ----a-w c:\windows\system32\mscms.dll+ 2004-08-04 05:56:44 73,728 ----a-w c:\windows\system32\mscms.dll- 2001-08-18 12:00:00 65,536 ----a-w c:\windows\system32\msconf.dll+ 2004-08-04 05:56:44 69,632 ----a-w c:\windows\system32\msconf.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\mscpx32r.dLL+ 2004-08-04 05:56:14 12,288 ----a-w c:\windows\system32\mscpx32r.dll- 2001-08-18 12:00:00 36,864 ----a-w c:\windows\system32\mscpxl32.dLL+ 2004-08-04 05:56:44 36,864 ----a-w c:\windows\system32\mscpxl32.dll- 2001-08-18 12:00:00 293,888 ----a-w c:\windows\system32\MSCTF.dll+ 2004-08-04 05:56:44 294,400 ----a-w c:\windows\system32\msctf.dll- 2001-08-18 12:00:00 65,536 ----a-w c:\windows\system32\MSCTFP.dll+ 2004-08-04 05:56:44 69,120 ----a-w c:\windows\system32\msctfp.dll+ 2004-08-04 05:56:44 118,784 ------w c:\windows\system32\msdadiag.dll- 2001-08-18 12:00:00 126,976 ----a-w c:\windows\system32\msdart.dll+ 2004-08-04 05:56:44 151,552 ----a-w c:\windows\system32\msdart.dll- 2002-12-12 04:14:32 13,312 ----a-w c:\windows\system32\msdmo.dll+ 2004-08-04 05:56:44 14,336 ----a-w c:\windows\system32\msdmo.dll- 2001-08-18 12:00:00 6,144 ----a-w c:\windows\system32\msdtc.exe+ 2004-08-04 05:56:54 6,144 ----a-w c:\windows\system32\msdtc.exe- 2001-08-18 12:00:00 54,784 ----a-w c:\windows\system32\msdtclog.dll+ 2004-08-04 05:56:44 58,880 ----a-w c:\windows\system32\msdtclog.dll- 2001-08-18 12:00:00 360,960 ----a-w c:\windows\system32\msdtcprx.dll+ 2004-08-04 05:56:44 425,472 ----a-w c:\windows\system32\msdtcprx.dll- 2001-08-18 12:00:00 869,376 ----a-w c:\windows\system32\msdtctm.dll+ 2004-08-04 05:56:44 949,248 ----a-w c:\windows\system32\msdtctm.dll- 2001-08-18 12:00:00 151,040 ----a-w c:\windows\system32\msdtcuiu.dll+ 2004-08-04 05:56:44 161,280 ----a-w c:\windows\system32\msdtcuiu.dll- 2001-08-18 12:00:00 4,126 ----a-w c:\windows\system32\msdxmlc.dll+ 2004-08-04 05:56:14 4,126 ----a-w c:\windows\system32\msdxmlc.dll- 2001-08-18 12:00:00 512,074 ----a-w c:\windows\system32\msexch40.dll+ 2004-08-04 05:56:44 512,029 ----a-w c:\windows\system32\msexch40.dll- 2001-08-18 12:00:00 319,562 ----a-w c:\windows\system32\msexcl40.dll+ 2004-08-04 05:56:44 319,517 ----a-w c:\windows\system32\msexcl40.dll+ 2004-08-04 05:56:44 537,088 ------w c:\windows\system32\msftedit.dll- 2001-08-18 12:00:00 967,680 ----a-w c:\windows\system32\msgina.dll+ 2004-08-04 05:56:44 994,304 ----a-w c:\windows\system32\msgina.dll- 2001-08-18 12:00:00 34,304 ----a-w c:\windows\system32\msgsvc.dll+ 2004-08-04 05:56:44 33,792 ----a-w c:\windows\system32\msgsvc.dll- 2001-08-18 12:00:00 184,320 ----a-w c:\windows\system32\msh261.drv+ 2004-08-04 05:56:58 188,416 ----a-w c:\windows\system32\msh261.drv- 2001-08-18 12:00:00 286,720 ----a-w c:\windows\system32\msh263.drv+ 2004-08-04 05:56:58 294,912 ----a-w c:\windows\system32\msh263.drv- 2001-08-18 12:00:00 24,064 ----a-w c:\windows\system32\mshta.exe+ 2004-08-04 05:56:54 29,184 ----a-w c:\windows\system32\mshta.exe- 2001-08-18 12:00:00 2,793,984 ----a-w c:\windows\system32\mshtml.dll+ 2004-08-04 05:56:44 3,003,392 ----a-w c:\windows\system32\mshtml.dll- 2001-08-18 12:00:00 438,272 ----a-w c:\windows\system32\mshtmled.dll+ 2004-08-04 05:56:44 448,512 ----a-w c:\windows\system32\mshtmled.dll- 2001-08-18 12:00:00 56,320 ----a-w c:\windows\system32\mshtmler.dll+ 2004-08-04 05:56:16 56,832 ----a-w c:\windows\system32\mshtmler.dll- 2001-08-18 12:00:00 44,032 ----a-w c:\windows\system32\msident.dll+ 2004-08-04 05:56:44 51,712 ----a-w c:\windows\system32\msident.dll- 2001-08-18 12:00:00 5,120 ----a-w c:\windows\system32\msidle.dll+ 2004-08-04 05:56:44 6,656 ----a-w c:\windows\system32\msidle.dll- 2001-08-18 12:00:00 232,448 ----a-w c:\windows\system32\msieftp.dll+ 2004-08-04 05:56:44 248,832 ----a-w c:\windows\system32\msieftp.dll- 2001-08-18 12:00:00 4,608 ----a-w c:\windows\system32\msimg32.dll+ 2004-08-04 05:56:44 4,608 ----a-w c:\windows\system32\msimg32.dll- 2001-08-18 12:00:00 156,672 ----a-w c:\windows\system32\MSIMTF.dll+ 2004-08-04 05:56:44 159,232 ----a-w c:\windows\system32\msimtf.dll- 2001-08-18 12:00:00 1,503,260 ----a-w c:\windows\system32\msjet40.dll+ 2004-08-04 05:56:44 1,507,356 ----a-w c:\windows\system32\msjet40.dll- 2001-08-18 12:00:00 348,238 ----a-w c:\windows\system32\msjetoledb40.dll+ 2004-07-17 16:34:48 358,976 ----a-w c:\windows\system32\msjetoledb40.dll- 2001-08-18 12:00:00 151,626 ----a-w c:\windows\system32\msjint40.dll+ 2004-08-04 05:56:44 151,583 ----a-w c:\windows\system32\msjint40.dll- 2001-08-18 12:00:00 53,322 ----a-w c:\windows\system32\msjter40.dll+ 2004-08-04 05:56:44 53,279 ----a-w c:\windows\system32\msjter40.dll- 2001-08-18 12:00:00 241,695 ----a-w c:\windows\system32\msjtes40.dll+ 2004-08-04 05:56:44 241,693 ----a-w c:\windows\system32\msjtes40.dll- 2001-08-18 12:00:00 46,080 ----a-w c:\windows\system32\mslbui.dll+ 2004-08-04 05:56:44 25,088 ----a-w c:\windows\system32\mslbui.dll- 2001-08-18 12:00:00 213,066 ----a-w c:\windows\system32\msltus40.dll+ 2004-08-04 05:56:44 213,023 ----a-w c:\windows\system32\msltus40.dll- 2001-08-18 12:00:00 116,272 ----a-w c:\windows\system32\msnsspc.dll+ 2004-08-04 05:56:44 290,816 ----a-w c:\windows\system32\msnsspc.dll- 2001-08-18 12:00:00 228,864 ----a-w c:\windows\system32\msoeacct.dll+ 2004-08-04 05:56:44 252,928 ----a-w c:\windows\system32\msoeacct.dll- 2001-08-18 12:00:00 90,624 ----a-w c:\windows\system32\msoert2.dll+ 2004-08-04 05:56:44 105,984 ----a-w c:\windows\system32\msoert2.dll- 2001-08-18 12:00:00 20,480 ----a-w c:\windows\system32\msorc32r.dll+ 2004-08-04 05:56:20 20,480 ----a-w c:\windows\system32\msorc32r.dll- 2001-08-18 12:00:00 131,072 ----a-w c:\windows\system32\msorcl32.dll+ 2004-08-04 05:56:44 143,360 ----a-w c:\windows\system32\msorcl32.dll- 2001-08-18 12:00:00 339,968 ----a-w c:\windows\system32\mspaint.exe+ 2004-08-04 05:56:54 343,040 ----a-w c:\windows\system32\mspaint.exe- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\mspatcha.dll+ 2004-08-04 05:56:44 30,208 ----a-w c:\windows\system32\mspatcha.dll- 2001-08-18 12:00:00 348,234 ----a-w c:\windows\system32\mspbde40.dll+ 2004-08-04 05:56:44 348,189 ----a-w c:\windows\system32\mspbde40.dll- 2001-08-18 12:00:00 45,056 ----a-w c:\windows\system32\msprivs.dll+ 2004-08-04 05:56:20 48,128 ----a-w c:\windows\system32\msprivs.dll- 2001-08-18 12:00:00 132,096 ----a-w c:\windows\system32\msrating.dll+ 2004-08-04 05:56:44 146,432 ----a-w c:\windows\system32\msrating.dll- 2001-08-18 12:00:00 421,962 ----a-w c:\windows\system32\msrd2x40.dll+ 2004-08-04 05:56:44 421,919 ----a-w c:\windows\system32\msrd2x40.dll- 2001-08-18 12:00:00 315,466 ----a-w c:\windows\system32\msrd3x40.dll+ 2004-08-04 05:56:44 315,423 ----a-w c:\windows\system32\msrd3x40.dll- 2001-08-18 12:00:00 553,034 ----a-w c:\windows\system32\msrepl40.dll+ 2004-08-04 05:56:44 552,989 ----a-w c:\windows\system32\msrepl40.dll- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\msrle32.dll+ 2004-08-04 05:56:44 11,264 ----a-w c:\windows\system32\msrle32.dll+ 2004-08-04 05:56:44 134,656 ------w c:\windows\system32\mssap.dll- 2001-08-18 12:00:00 250,368 ----a-w c:\windows\system32\mstask.dll+ 2004-08-04 05:56:44 274,944 ----a-w c:\windows\system32\mstask.dll- 2001-08-18 12:00:00 254,026 ----a-w c:\windows\system32\mstext40.dll+ 2004-08-04 05:56:44 258,077 ----a-w c:\windows\system32\mstext40.dll- 2001-08-18 12:00:00 497,152 ----a-w c:\windows\system32\mstime.dll+ 2004-08-04 05:56:44 530,432 ----a-w c:\windows\system32\mstime.dll- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\mstinit.exe+ 2004-08-04 05:56:54 12,288 ----a-w c:\windows\system32\mstinit.exe- 2001-08-18 12:00:00 103,936 ----a-w c:\windows\system32\mstlsapi.dll+ 2004-08-04 05:56:44 115,712 ----a-w c:\windows\system32\mstlsapi.dll- 2001-08-18 12:00:00 385,536 ----a-w c:\windows\system32\mstsc.exe+ 2004-08-04 03:59:42 407,552 ----a-w c:\windows\system32\mstsc.exe- 2001-08-18 12:00:00 503,296 ----a-w c:\windows\system32\mstscax.dll+ 2004-08-04 03:59:44 655,360 ----a-w c:\windows\system32\mstscax.dll- 2001-08-18 12:00:00 209,920 ----a-w c:\windows\system32\msutb.dll+ 2004-08-04 05:56:44 195,072 ----a-w c:\windows\system32\msutb.dll- 2001-08-18 12:00:00 108,032 ----a-w c:\windows\system32\msv1_0.dll+ 2004-08-04 05:56:44 129,536 ----a-w c:\windows\system32\msv1_0.dll- 2001-08-18 12:00:00 50,688 ----a-w c:\windows\system32\msvcirt.dll+ 2004-08-04 05:56:44 54,784 ----a-w c:\windows\system32\msvcirt.dll- 2001-08-18 12:00:00 401,462 ----a-w c:\windows\system32\msvcp60.dll+ 2004-08-04 05:56:44 413,696 ----a-w c:\windows\system32\msvcp60.dll- 2001-08-18 12:00:00 322,560 ----a-w c:\windows\system32\msvcrt.dll+ 2004-08-04 05:56:44 343,040 ----a-w c:\windows\system32\msvcrt.dll- 2001-08-18 12:00:00 65,024 ----a-w c:\windows\system32\msvcrt40.dll+ 2004-08-04 03:58:26 61,440 ----a-w c:\windows\system32\msvcrt40.dll- 2001-08-18 12:00:00 113,152 ----a-w c:\windows\system32\msvfw32.dll+ 2004-08-04 05:56:44 120,832 ----a-w c:\windows\system32\msvfw32.dll- 2004-07-09 08:26:38 1,230,336 ----a-w c:\windows\system32\msvidctl.dll+ 2004-08-04 05:56:44 1,428,480 ----a-w c:\windows\system32\msvidctl.dll- 2001-08-18 12:00:00 66,048 ----a-w c:\windows\system32\msw3prt.dll+ 2004-08-04 05:56:44 72,704 ----a-w c:\windows\system32\msw3prt.dll- 2001-08-18 12:00:00 831,562 ----a-w c:\windows\system32\mswdat10.dll+ 2004-08-04 05:56:46 831,519 ----a-w c:\windows\system32\mswdat10.dll- 2002-12-12 04:14:32 324,096 ----a-w c:\windows\system32\mswebdvd.dll+ 2004-08-04 05:56:46 204,288 ----a-w c:\windows\system32\mswebdvd.dll- 2001-08-18 12:00:00 228,352 ----a-w c:\windows\system32\mswsock.dll+ 2004-08-04 05:56:46 245,248 ----a-w c:\windows\system32\mswsock.dll- 2001-08-18 12:00:00 614,474 ----a-w c:\windows\system32\mswstr10.dll+ 2004-08-04 05:56:46 614,429 ----a-w c:\windows\system32\mswstr10.dll- 2001-08-18 12:00:00 344,138 ----a-w c:\windows\system32\msxbde40.dll+ 2004-08-04 05:56:46 348,189 ----a-w c:\windows\system32\msxbde40.dll- 2001-08-18 12:00:00 495,376 ----a-w c:\windows\system32\msxml.dll+ 2004-08-04 05:56:46 506,368 ----a-w c:\windows\system32\msxml.dll- 2001-08-18 12:00:00 688,667 ----a-w c:\windows\system32\msxml2.dll+ 2004-08-04 05:56:46 701,440 ----a-w c:\windows\system32\msxml2.dll- 2001-08-18 12:00:00 1,118,720 ----a-w c:\windows\system32\msxml3.dll+ 2004-08-04 05:56:46 1,236,480 ----a-w c:\windows\system32\msxml3.dll- 2004-07-09 08:26:38 16,896 ----a-w c:\windows\system32\msyuv.dll+ 2004-08-04 05:56:46 17,408 ----a-w c:\windows\system32\msyuv.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\mtxclu.dll+ 2004-08-04 05:56:46 66,560 ----a-w c:\windows\system32\mtxclu.dll- 2001-08-18 12:00:00 83,968 ----a-w c:\windows\system32\mtxoci.dll+ 2004-08-04 05:56:46 90,112 ----a-w c:\windows\system32\mtxoci.dll+ 2004-08-04 05:56:46 1,737,856 ------w c:\windows\system32\mtxparhd.dll+ 2004-08-04 05:56:24 405,504 ------w c:\windows\system32\mui\041b\xpob2res.dll+ 2004-08-04 05:56:30 193,024 ------w c:\windows\system32\mui\041b\xpsp1res.dll+ 2004-08-04 05:56:30 757,248 ------w c:\windows\system32\mui\041b\xpsp2res.dll+ 2004-08-04 05:56:38 187,392 ------w c:\windows\system32\mui\041e\xpsp1res.dll+ 2004-08-04 05:56:38 2,897,920 ------w c:\windows\system32\mui\041e\xpsp2res.dll+ 2004-08-04 05:56:24 408,576 ------w c:\windows\system32\mui\0424\xpob2res.dll+ 2004-08-04 05:56:30 192,512 ------w c:\windows\system32\mui\0424\xpsp1res.dll+ 2004-08-04 05:56:32 732,160 ------w c:\windows\system32\mui\0424\xpsp2res.dll- 2001-08-18 12:00:00 88,064 ----a-w c:\windows\system32\mydocs.dll+ 2004-08-04 05:56:46 90,624 ----a-w c:\windows\system32\mydocs.dll- 2001-08-18 12:00:00 51,200 ----a-w c:\windows\system32\narrator.exe+ 2004-08-04 05:56:56 53,760 ----a-w c:\windows\system32\narrator.exe- 2001-08-18 12:00:00 42,496 ----a-w c:\windows\system32\ncobjapi.dll+ 2004-08-04 05:56:46 36,352 ----a-w c:\windows\system32\ncobjapi.dll- 2001-08-18 12:00:00 15,360 ----a-w c:\windows\system32\nddeapi.dll+ 2004-08-04 05:56:46 17,920 ----a-w c:\windows\system32\nddeapi.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\nddeapir.exe+ 2004-08-04 05:56:56 4,096 ----a-w c:\windows\system32\nddeapir.exe- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\nddenb32.dll+ 2004-08-04 05:56:46 18,944 ----a-w c:\windows\system32\nddenb32.dll- 2001-08-18 12:00:00 39,424 ----a-w c:\windows\system32\net.exe+ 2004-08-04 05:56:56 42,496 ----a-w c:\windows\system32\net.exe- 2001-08-18 12:00:00 115,200 ----a-w c:\windows\system32\net1.exe+ 2004-08-04 05:56:56 124,928 ----a-w c:\windows\system32\net1.exe- 2001-08-18 12:00:00 309,760 ----a-w c:\windows\system32\netapi32.dll+ 2004-08-04 05:56:46 332,288 ----a-w c:\windows\system32\netapi32.dll- 2001-08-18 12:00:00 584,704 ----a-w c:\windows\system32\netcfgx.dll+ 2004-08-04 05:56:46 622,080 ----a-w c:\windows\system32\netcfgx.dll- 2001-08-18 12:00:00 105,984 ----a-w c:\windows\system32\netdde.exe+ 2004-08-04 05:56:56 111,104 ----a-w c:\windows\system32\netdde.exe- 2001-08-18 12:00:00 134,656 ----a-w c:\windows\system32\netid.dll+ 2004-08-04 05:56:46 139,264 ----a-w c:\windows\system32\netid.dll- 2001-08-18 12:00:00 397,824 ----a-w c:\windows\system32\netlogon.dll+ 2004-08-04 05:56:46 407,040 ----a-w c:\windows\system32\netlogon.dll- 2001-08-18 12:00:00 147,968 ----a-w c:\windows\system32\netman.dll+ 2004-08-04 05:56:46 198,144 ----a-w c:\windows\system32\netman.dll- 2001-08-18 12:00:00 857,600 ----a-w c:\windows\system32\netplwiz.dll+ 2004-08-04 05:56:46 875,008 ----a-w c:\windows\system32\netplwiz.dll- 2001-08-18 12:00:00 10,752 ----a-w c:\windows\system32\netrap.dll+ 2004-08-04 05:56:46 12,288 ----a-w c:\windows\system32\netrap.dll- 2001-08-18 12:00:00 324,608 ----a-w c:\windows\system32\netsetup.exe+ 2004-08-04 06:02:46 329,728 ----a-w c:\windows\system32\netsetup.exe- 2001-08-18 12:00:00 82,944 ----a-w c:\windows\system32\netsh.exe+ 2004-08-04 05:56:56 86,016 ----a-w c:\windows\system32\netsh.exe- 2001-08-18 12:00:00 1,618,944 ----a-w c:\windows\system32\netshell.dll+ 2004-08-04 05:56:46 1,708,032 ----a-w c:\windows\system32\netshell.dll- 2001-08-18 12:00:00 30,720 ----a-w c:\windows\system32\netstat.exe+ 2004-08-04 05:56:56 36,864 ----a-w c:\windows\system32\netstat.exe- 2001-08-18 12:00:00 74,752 ----a-w c:\windows\system32\netui0.dll+ 2004-08-04 05:56:46 80,896 ----a-w c:\windows\system32\netui0.dll- 2001-08-18 12:00:00 230,400 ----a-w c:\windows\system32\netui1.dll+ 2004-08-04 05:56:46 245,760 ----a-w c:\windows\system32\netui1.dll- 2001-08-18 12:00:00 238,080 ----a-w c:\windows\system32\newdev.dll+ 2004-08-04 05:56:46 248,832 ----a-w c:\windows\system32\newdev.dll- 2001-08-18 12:00:00 91,136 ----a-w c:\windows\system32\nlhtml.dll+ 2004-08-04 05:56:46 103,936 ----a-w c:\windows\system32\nlhtml.dll- 2001-08-18 12:00:00 24,576 ----a-w c:\windows\system32\nmmkcert.dll+ 2004-08-04 05:56:46 28,672 ----a-w c:\windows\system32\nmmkcert.dll- 2001-08-18 12:00:00 66,048 ----a-w c:\windows\system32\notepad.exe+ 2004-08-04 05:56:56 69,120 ----a-w c:\windows\system32\notepad.exe- 2001-08-18 12:00:00 55,808 ----a-w c:\windows\system32\npp\ndisnpp.dll+ 2004-08-04 05:56:46 57,344 ----a-w c:\windows\system32\npp\ndisnpp.dll- 2001-08-18 12:00:00 13,824 ----a-w c:\windows\system32\npp\nppagent.exe+ 2004-08-04 05:56:56 15,360 ----a-w c:\windows\system32\npp\nppagent.exe- 2001-08-18 12:00:00 49,152 ----a-w c:\windows\system32\npptools.dll+ 2004-08-04 05:56:46 54,784 ----a-w c:\windows\system32\npptools.dll- 2001-08-18 12:00:00 71,680 ----a-w c:\windows\system32\nslookup.exe+ 2004-08-04 05:56:56 76,800 ----a-w c:\windows\system32\nslookup.exe- 2003-05-02 15:03:02 651,264 ----a-w c:\windows\system32\ntdll.dll+ 2004-08-04 05:56:38 708,096 ----a-w c:\windows\system32\ntdll.dll- 2001-08-18 12:00:00 64,512 ----a-w c:\windows\system32\ntdsapi.dll+ 2004-08-04 05:56:46 67,072 ----a-w c:\windows\system32\ntdsapi.dll- 2001-08-18 12:00:00 33,808 ----a-w c:\windows\system32\ntio.sys+ 2004-08-04 03:45:10 33,840 ----a-w c:\windows\system32\ntio.sys- 2001-08-18 12:00:00 34,528 ----a-w c:\windows\system32\ntio404.sys+ 2004-08-04 03:45:16 34,560 ----a-w c:\windows\system32\ntio404.sys- 2001-08-18 12:00:00 35,632 ----a-w c:\windows\system32\ntio411.sys+ 2004-08-04 03:45:12 35,648 ----a-w c:\windows\system32\ntio411.sys- 2001-08-18 12:00:00 35,392 ----a-w c:\windows\system32\ntio412.sys+ 2004-08-04 03:45:16 35,424 ----a-w c:\windows\system32\ntio412.sys- 2001-08-18 12:00:00 34,528 ----a-w c:\windows\system32\ntio804.sys+ 2004-08-04 03:45:14 34,560 ----a-w c:\windows\system32\ntio804.sys- 2001-08-18 12:00:00 1,897,856 ----a-w c:\windows\system32\ntkrnlpa.exe+ 2004-08-04 03:59:00 2,056,832 ----a-w c:\windows\system32\ntkrnlpa.exe- 2001-08-18 12:00:00 38,400 ----a-w c:\windows\system32\ntlanman.dll+ 2004-08-04 05:56:46 43,520 ----a-w c:\windows\system32\ntlanman.dll- 2001-08-18 12:00:00 6,656 ----a-w c:\windows\system32\ntlsapi.dll+ 2004-08-04 05:56:46 8,192 ----a-w c:\windows\system32\ntlsapi.dll- 2001-08-18 12:00:00 110,080 ----a-w c:\windows\system32\ntmarta.dll+ 2004-08-04 05:56:46 118,784 ----a-w c:\windows\system32\ntmarta.dll- 2001-08-18 12:00:00 37,376 ----a-w c:\windows\system32\ntmsapi.dll+ 2004-08-04 05:56:46 40,960 ----a-w c:\windows\system32\ntmsapi.dll- 2001-08-18 12:00:00 165,888 ----a-w c:\windows\system32\ntmsdba.dll+ 2004-08-04 05:56:46 179,712 ----a-w c:\windows\system32\ntmsdba.dll- 2001-08-18 12:00:00 460,288 ----a-w c:\windows\system32\ntmsmgr.dll+ 2004-08-04 05:56:46 488,448 ----a-w c:\windows\system32\ntmsmgr.dll- 2001-08-18 12:00:00 392,192 ----a-w c:\windows\system32\ntmssvc.dll+ 2004-08-04 05:56:46 435,200 ----a-w c:\windows\system32\ntmssvc.dll- 2001-08-18 12:00:00 1,875,584 ----a-w c:\windows\system32\ntoskrnl.exe+ 2004-08-04 04:20:00 2,180,992 ----a-w c:\windows\system32\ntoskrnl.exe- 2001-08-18 12:00:00 80,896 ----a-w c:\windows\system32\ntprint.dll+ 2004-08-04 05:56:46 91,136 ----a-w c:\windows\system32\ntprint.dll- 2001-08-18 12:00:00 137,216 ----a-w c:\windows\system32\ntshrui.dll+ 2004-08-04 05:56:46 143,872 ----a-w c:\windows\system32\ntshrui.dll- 2001-08-18 12:00:00 395,776 ----a-w c:\windows\system32\ntvdm.exe+ 2004-08-04 05:56:56 419,840 ----a-w c:\windows\system32\ntvdm.exe+ 2004-08-04 05:56:46 4,274,816 ------w c:\windows\system32\nv4_disp.dll- 2001-08-18 12:00:00 133,632 ----a-w c:\windows\system32\nwprovau.dll+ 2004-08-04 05:56:46 144,384 ----a-w c:\windows\system32\nwprovau.dll- 2001-08-18 12:00:00 210,432 ----a-w c:\windows\system32\oakley.dll+ 2004-08-04 05:56:46 266,752 ----a-w c:\windows\system32\oakley.dll- 2001-08-18 12:00:00 271,360 ----a-w c:\windows\system32\objsel.dll+ 2004-08-04 05:56:46 285,696 ----a-w c:\windows\system32\objsel.dll- 2001-08-18 12:00:00 87,552 ----a-w c:\windows\system32\occache.dll+ 2004-08-04 05:56:46 96,256 ----a-w c:\windows\system32\occache.dll- 2001-08-18 12:00:00 200,704 ----a-w c:\windows\system32\odbc32.dll+ 2004-08-04 05:56:46 249,856 ----a-w c:\windows\system32\odbc32.dll- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\odbc32gt.dll+ 2004-08-04 05:56:46 16,384 ----a-w c:\windows\system32\odbc32gt.dll- 2001-08-18 12:00:00 32,768 ----a-w c:\windows\system32\odbcad32.exe+ 2004-08-04 05:56:56 32,768 ----a-w c:\windows\system32\odbcad32.exe- 2001-08-18 12:00:00 24,576 ----a-w c:\windows\system32\odbcbcp.dll+ 2004-08-04 05:56:46 24,576 ----a-w c:\windows\system32\odbcbcp.dll- 2001-08-18 12:00:00 122,880 ----a-w c:\windows\system32\odbcconf.dll+ 2004-08-04 05:56:46 135,168 ----a-w c:\windows\system32\odbcconf.dll- 2001-08-18 12:00:00 53,248 ----a-w c:\windows\system32\odbcconf.exe+ 2004-08-04 05:56:56 69,632 ----a-w c:\windows\system32\odbcconf.exe- 2001-08-18 12:00:00 94,208 ----a-w c:\windows\system32\odbccp32.dll+ 2004-08-04 05:56:46 106,496 ----a-w c:\windows\system32\odbccp32.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\odbccr32.dll+ 2004-08-04 05:56:46 65,536 ----a-w c:\windows\system32\odbccr32.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\odbccu32.dll+ 2004-08-04 05:56:46 65,536 ----a-w c:\windows\system32\odbccu32.dll- 2001-08-18 12:00:00 90,112 ----a-w c:\windows\system32\odbcint.dll+ 2004-08-04 05:56:24 94,208 ----a-w c:\windows\system32\odbcint.dll- 2001-08-18 12:00:00 53,279 ----a-w c:\windows\system32\odbcji32.dll+ 2004-08-04 05:56:24 53,279 ----a-w c:\windows\system32\odbcji32.dll- 2001-08-18 12:00:00 270,365 ----a-w c:\windows\system32\odbcjt32.dll+ 2004-08-04 05:56:46 278,559 ----a-w c:\windows\system32\odbcjt32.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\odbcp32r.dll+ 2004-08-04 05:56:24 12,288 ----a-w c:\windows\system32\odbcp32r.dll- 2001-08-18 12:00:00 147,456 ----a-w c:\windows\system32\odbctrac.dll+ 2004-08-04 05:56:46 147,456 ----a-w c:\windows\system32\odbctrac.dll- 2001-08-18 12:00:00 20,554 ----a-w c:\windows\system32\oddbse32.dll+ 2004-08-04 05:56:46 20,511 ----a-w c:\windows\system32\oddbse32.dll- 2001-08-18 12:00:00 20,553 ----a-w c:\windows\system32\odexl32.dll+ 2004-08-04 05:56:46 20,510 ----a-w c:\windows\system32\odexl32.dll- 2001-08-18 12:00:00 20,553 ----a-w c:\windows\system32\odfox32.dll+ 2004-08-04 05:56:46 20,510 ----a-w c:\windows\system32\odfox32.dll- 2001-08-18 12:00:00 20,553 ----a-w c:\windows\system32\odpdx32.dll+ 2004-08-04 05:56:46 20,510 ----a-w c:\windows\system32\odpdx32.dll- 2001-08-18 12:00:00 20,554 ----a-w c:\windows\system32\odtext32.dll+ 2004-08-04 05:56:46 20,511 ----a-w c:\windows\system32\odtext32.dll- 2001-08-18 12:00:00 102,400 ----a-w c:\windows\system32\offfilt.dll+ 2004-08-04 05:56:46 120,832 ----a-w c:\windows\system32\offfilt.dll- 2001-08-18 12:00:00 1,141,248 ----a-w c:\windows\system32\ole32.dll+ 2004-08-04 05:56:46 1,281,536 ----a-w c:\windows\system32\ole32.dll- 2001-08-18 12:00:00 569,344 ------w c:\windows\system32\oleaut32.dll+ 2004-08-04 05:56:46 553,472 ------w c:\windows\system32\oleaut32.dll- 2001-08-18 12:00:00 98,304 ----a-w c:\windows\system32\oleprn.dll+ 2004-08-04 05:56:46 107,008 ----a-w c:\windows\system32\oleprn.dll- 2001-08-18 12:00:00 106,496 ------w c:\windows\system32\olepro32.dll+ 2004-08-04 05:56:46 83,456 ----a-w c:\windows\system32\olepro32.dll- 2001-08-18 12:00:00 107,008 ----a-w c:\windows\system32\oobe\msobcomm.dll+ 2004-08-04 05:56:44 122,368 ----a-w c:\windows\system32\oobe\msobcomm.dll- 2001-08-18 12:00:00 14,336 ----a-w c:\windows\system32\oobe\msobdl.dll+ 2004-08-04 05:56:44 16,384 ----a-w c:\windows\system32\oobe\msobdl.dll- 2001-08-18 12:00:00 532,480 ----a-w c:\windows\system32\oobe\msobmain.dll+ 2004-08-04 05:56:44 561,664 ----a-w c:\windows\system32\oobe\msobmain.dll- 2001-08-18 12:00:00 28,160 ----a-w c:\windows\system32\oobe\msobshel.dll+ 2004-08-04 05:56:44 30,720 ----a-w c:\windows\system32\oobe\msobshel.dll- 2001-08-18 12:00:00 16,896 ----a-w c:\windows\system32\oobe\msobweb.dll+ 2004-08-04 05:56:44 18,944 ----a-w c:\windows\system32\oobe\msobweb.dll- 2001-08-18 12:00:00 49,664 ----a-w c:\windows\system32\oobe\oobebaln.exe+ 2004-08-04 05:56:56 51,200 ----a-w c:\windows\system32\oobe\oobebaln.exe- 2001-08-18 12:00:00 685,568 ----a-w c:\windows\system32\opengl32.dll+ 2004-08-04 05:56:46 713,728 ----a-w c:\windows\system32\opengl32.dll- 2001-08-18 12:00:00 212,480 ----a-w c:\windows\system32\osk.exe+ 2004-08-04 05:56:56 215,552 ----a-w c:\windows\system32\osk.exe- 2001-08-18 12:00:00 61,952 ----a-w c:\windows\system32\osuninst.dll+ 2004-08-04 05:56:46 67,584 ----a-w c:\windows\system32\osuninst.dll+ 2004-08-04 05:56:46 116,224 ------w c:\windows\system32\p2p.dll+ 2004-08-04 05:56:46 86,016 ------w c:\windows\system32\p2pgasvc.dll+ 2004-08-04 05:56:46 312,320 ------w c:\windows\system32\p2pgraph.dll+ 2004-08-04 05:56:46 88,064 ------w c:\windows\system32\p2pnetsh.dll+ 2004-08-04 05:56:46 526,848 ------w c:\windows\system32\p2psvc.dll- 2001-08-18 12:00:00 52,224 ----a-w c:\windows\system32\packager.exe+ 2004-08-04 05:56:56 58,368 ----a-w c:\windows\system32\packager.exe- 2001-08-18 12:00:00 58,368 ----a-w c:\windows\system32\pautoenr.dll+ 2004-08-04 05:56:46 62,976 ----a-w c:\windows\system32\pautoenr.dll- 2001-08-18 12:00:00 250,880 ----a-w c:\windows\system32\pdh.dll+ 2004-08-04 05:56:46 283,648 ----a-w c:\windows\system32\pdh.dll- 2008-12-20 15:10:53 40,196 ----a-w c:\windows\system32\perfc009.dat+ 2009-02-19 17:21:35 40,196 ----a-w c:\windows\system32\perfc009.dat- 2001-08-18 12:00:00 37,376 ----a-w c:\windows\system32\perfctrs.dll+ 2004-08-04 05:56:46 39,936 ----a-w c:\windows\system32\perfctrs.dll- 2001-08-18 12:00:00 23,552 ----a-w c:\windows\system32\perfdisk.dll+ 2004-08-04 05:56:46 26,624 ----a-w c:\windows\system32\perfdisk.dll- 2008-12-20 15:10:53 311,934 ----a-w c:\windows\system32\perfh009.dat+ 2009-02-19 17:21:35 311,934 ----a-w c:\windows\system32\perfh009.dat- 2001-08-18 12:00:00 14,336 ----a-w c:\windows\system32\perfmon.exe+ 2004-08-04 05:56:56 15,872 ----a-w c:\windows\system32\perfmon.exe- 2001-08-18 12:00:00 23,040 ----a-w c:\windows\system32\perfos.dll+ 2004-08-04 05:56:46 25,088 ----a-w c:\windows\system32\perfos.dll- 2001-08-18 12:00:00 32,256 ----a-w c:\windows\system32\perfproc.dll+ 2004-08-04 05:56:46 34,816 ----a-w c:\windows\system32\perfproc.dll- 2001-08-18 12:00:00 166,912 ----a-w c:\windows\system32\photowiz.dll+ 2004-08-04 05:56:46 176,128 ----a-w c:\windows\system32\photowiz.dll- 2002-08-29 07:41:00 31,744 ----a-w c:\windows\system32\pid.dll+ 2004-08-04 05:56:46 35,328 ----a-w c:\windows\system32\pid.dll- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\pidgen.dll+ 2004-08-04 04:04:42 24,064 ----a-w c:\windows\system32\pidgen.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\ping.exe+ 2004-08-04 05:56:56 17,920 ----a-w c:\windows\system32\ping.exe- 2001-08-18 12:00:00 12,800 ----a-w c:\windows\system32\pjlmon.dll+ 2004-08-04 05:56:46 15,360 ----a-w c:\windows\system32\pjlmon.dll- 2001-08-18 12:00:00 30,208 ----a-w c:\windows\system32\pngfilt.dll+ 2004-08-04 05:56:46 39,424 ----a-w c:\windows\system32\pngfilt.dll+ 2004-08-04 05:56:46 48,640 ------w c:\windows\system32\pnrpnsp.dll- 2001-08-18 12:00:00 87,552 ----a-w c:\windows\system32\polstore.dll+ 2004-08-04 05:56:46 105,472 ----a-w c:\windows\system32\polstore.dll+ 2004-08-04 05:56:56 49,152 ------w c:\windows\system32\powercfg.exe- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\powrprof.dll+ 2004-08-04 05:56:46 17,408 ----a-w c:\windows\system32\powrprof.dll- 2001-08-18 12:00:00 522,240 ----a-w c:\windows\system32\printui.dll+ 2004-08-04 05:56:46 560,640 ----a-w c:\windows\system32\printui.dll- 2001-08-18 12:00:00 28,672 ----a-w c:\windows\system32\profmap.dll+ 2004-08-04 05:56:46 27,648 ----a-w c:\windows\system32\profmap.dll- 2001-08-18 12:00:00 205,824 ----a-w c:\windows\system32\progman.exe+ 2004-08-04 05:56:56 109,568 ----a-w c:\windows\system32\progman.exe- 2001-08-18 12:00:00 45,056 ----a-w c:\windows\system32\proquota.exe+ 2004-08-04 05:56:56 50,176 ----a-w c:\windows\system32\proquota.exe+ 2004-08-04 05:56:56 9,216 ------w c:\windows\system32\proxycfg.exe- 2001-08-18 12:00:00 17,408 ------w c:\windows\system32\psapi.dll+ 2004-08-04 05:56:46 23,040 ----a-w c:\windows\system32\psapi.dll- 2001-08-18 12:00:00 82,944 ----a-w c:\windows\system32\psbase.dll+ 2004-08-04 05:56:46 96,768 ----a-w c:\windows\system32\psbase.dll- 2004-07-09 08:26:40 354,816 ----a-w c:\windows\system32\psisdecd.dll+ 2004-08-04 05:56:46 363,520 ----a-w c:\windows\system32\psisdecd.dll- 2001-08-18 12:00:00 37,888 ----a-w c:\windows\system32\pstorec.dll+ 2004-08-04 05:56:46 43,520 ----a-w c:\windows\system32\pstorec.dll- 2001-08-18 12:00:00 25,600 ----a-w c:\windows\system32\pstorsvc.dll+ 2004-08-04 05:56:46 34,304 ----a-w c:\windows\system32\pstorsvc.dll- 2002-12-12 04:14:32 257,024 ----a-w c:\windows\system32\qcap.dll+ 2004-08-04 05:56:46 192,512 ----a-w c:\windows\system32\qcap.dll- 2004-07-09 08:27:28 316,928 ----a-w c:\windows\system32\qdv.dll+ 2004-08-04 05:56:46 279,040 ----a-w c:\windows\system32\qdv.dll- 2004-07-09 08:27:28 470,528 ----a-w c:\windows\system32\qdvd.dll+ 2004-08-04 05:56:46 385,024 ----a-w c:\windows\system32\qdvd.dll- 2002-12-12 04:14:32 1,798,144 ----a-w c:\windows\system32\qedit.dll+ 2004-08-04 05:56:46 562,176 ----a-w c:\windows\system32\qedit.dll- 2002-12-12 04:14:32 733,184 ----a-w c:\windows\system32\qedwipes.dll+ 2004-08-04 05:56:26 733,696 ----a-w c:\windows\system32\qedwipes.dll- 2004-07-01 22:08:18 361,984 ----a-w c:\windows\system32\qmgr.dll+ 2004-08-04 05:56:46 382,464 ----a-w c:\windows\system32\qmgr.dll- 2004-07-01 22:08:18 17,408 ----a-w c:\windows\system32\qmgrprxy.dll+ 2004-08-04 05:56:46 18,944 ----a-w c:\windows\system32\qmgrprxy.dll- 2001-08-18 12:00:00 18,432 ----a-w c:\windows\system32\qprocess.exe+ 2004-08-04 05:56:56 20,480 ----a-w c:\windows\system32\qprocess.exe- 2003-05-30 13:00:02 1,962,496 ----a-w c:\windows\system32\quartz.dll+ 2004-08-04 05:56:46 1,287,680 ----a-w c:\windows\system32\quartz.dll- 2001-08-18 12:00:00 1,337,856 ----a-w c:\windows\system32\query.dll+ 2004-08-04 05:56:46 1,435,648 ----a-w c:\windows\system32\query.dll- 2001-08-18 12:00:00 33,280 ----a-w c:\windows\system32\racpldlg.dll+ 2004-08-04 05:56:46 43,520 ----a-w c:\windows\system32\racpldlg.dll- 2001-08-18 12:00:00 6,144 ----a-w c:\windows\system32\rasadhlp.dll+ 2004-08-04 05:56:46 8,192 ----a-w c:\windows\system32\rasadhlp.dll- 2001-08-18 12:00:00 214,528 ----a-w c:\windows\system32\rasapi32.dll+ 2004-08-04 05:56:46 236,544 ----a-w c:\windows\system32\rasapi32.dll- 2001-08-18 12:00:00 82,944 ----a-w c:\windows\system32\rasauto.dll+ 2004-08-04 05:56:46 89,088 ----a-w c:\windows\system32\rasauto.dll- 2001-08-18 12:00:00 34,304 ----a-w c:\windows\system32\raschap.dll+ 2004-08-04 05:56:46 69,632 ----a-w c:\windows\system32\raschap.dll- 2001-08-18 12:00:00 630,784 ----a-w c:\windows\system32\rasdlg.dll+ 2004-08-04 05:56:46 657,920 ----a-w c:\windows\system32\rasdlg.dll- 2001-08-18 12:00:00 55,808 ----a-w c:\windows\system32\rasman.dll+ 2004-08-04 05:56:46 61,440 ----a-w c:\windows\system32\rasman.dll- 2001-08-18 12:00:00 159,744 ----a-w c:\windows\system32\rasmans.dll+ 2004-08-04 05:56:46 174,080 ----a-w c:\windows\system32\rasmans.dll- 2001-08-18 12:00:00 54,272 ----a-w c:\windows\system32\rasphone.exe+ 2004-08-04 05:56:56 56,832 ----a-w c:\windows\system32\rasphone.exe- 2001-08-18 12:00:00 193,536 ----a-w c:\windows\system32\rasppp.dll+ 2004-08-04 05:56:46 206,336 ----a-w c:\windows\system32\rasppp.dll- 2001-08-18 12:00:00 13,824 ----a-w c:\windows\system32\rassapi.dll+ 2004-08-04 05:56:46 16,896 ----a-w c:\windows\system32\rassapi.dll- 2001-08-18 12:00:00 53,760 ----a-w c:\windows\system32\rastapi.dll+ 2004-08-04 05:56:46 58,880 ----a-w c:\windows\system32\rastapi.dll- 2001-08-18 12:00:00 52,224 ----a-w c:\windows\system32\rastls.dll+ 2004-08-04 05:56:46 112,128 ----a-w c:\windows\system32\rastls.dll- 2001-08-18 12:00:00 96,256 ----a-w c:\windows\system32\rcbdyctl.dll+ 2004-08-04 05:56:46 102,400 ----a-w c:\windows\system32\rcbdyctl.dll- 2001-08-18 12:00:00 34,304 ----a-w c:\windows\system32\rcimlby.exe+ 2004-08-04 05:56:56 35,840 ----a-w c:\windows\system32\rcimlby.exe- 2001-08-18 12:00:00 19,968 ----a-w c:\windows\system32\rcp.exe+ 2004-08-04 05:56:56 21,504 ----a-w c:\windows\system32\rcp.exe- 2001-08-18 12:00:00 134,656 ----a-w c:\windows\system32\rdchost.dll+ 2004-08-04 05:56:46 147,968 ----a-w c:\windows\system32\rdchost.dll- 2001-08-18 12:00:00 41,984 ----a-w c:\windows\system32\rdpclip.exe+ 2004-08-04 05:56:56 62,464 ----a-w c:\windows\system32\rdpclip.exe- 2001-08-18 12:00:00 87,048 ----a-w c:\windows\system32\rdpdd.dll+ 2004-08-04 06:01:08 92,168 ----a-w c:\windows\system32\rdpdd.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\rdpsnd.dll+ 2004-08-04 05:56:46 19,968 ----a-w c:\windows\system32\rdpsnd.dll- 2001-08-18 12:00:00 73,864 ----a-w c:\windows\system32\rdpwsx.dll+ 2004-08-04 06:01:10 87,176 ----a-w c:\windows\system32\rdpwsx.dll- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\rdsaddin.exe+ 2004-08-04 05:56:56 13,824 ----a-w c:\windows\system32\rdsaddin.exe- 2001-08-18 12:00:00 61,952 ----a-w c:\windows\system32\rdshost.exe+ 2004-08-04 05:56:56 67,072 ----a-w c:\windows\system32\rdshost.exe- 2001-08-18 12:00:00 3,338 ----a-w c:\windows\system32\redir.exe+ 2004-08-04 03:48:46 3,338 ----a-w c:\windows\system32\redir.exe- 2001-08-18 12:00:00 48,128 ----a-w c:\windows\system32\reg.exe+ 2004-08-04 05:56:56 50,176 ----a-w c:\windows\system32\reg.exe- 2001-08-18 12:00:00 44,032 ----a-w c:\windows\system32\regapi.dll+ 2004-08-04 05:56:46 49,664 ----a-w c:\windows\system32\regapi.dll- 2001-08-18 12:00:00 51,712 ----a-w c:\windows\system32\regsvc.dll+ 2004-08-04 05:56:46 59,904 ----a-w c:\windows\system32\regsvc.dll- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\regsvr32.exe+ 2004-08-04 05:56:56 11,776 ----a-w c:\windows\system32\regsvr32.exe- 2001-08-18 12:00:00 387,584 ----a-w c:\windows\system32\regwizc.dll+ 2004-08-04 05:56:46 397,824 ----a-w c:\windows\system32\regwizc.dll+ 2001-08-17 13:28:04 150,239 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_AMOS.sys+ 2001-08-17 13:28:04 67,167 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_BSC2.sys+ 2001-08-17 13:28:06 289,887 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_FALL.sys+ 2001-08-17 13:28:06 199,711 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_FAXX.sys+ 2001-08-17 13:28:06 115,807 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_FSKS.sys+ 2001-08-17 22:36:16 9,759 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_INST.dll+ 2001-08-17 13:28:08 391,199 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_K56K.sys+ 2001-08-17 13:28:10 542,879 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_MSFT.sys+ 2001-08-17 13:28:10 57,471 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_SAMP.sys+ 2001-08-17 13:28:10 44,863 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_SOAR.sys+ 2001-08-17 13:28:10 73,279 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_SPKP.sys+ 2001-08-17 13:28:12 50,751 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_TONE.sys+ 2001-08-17 13:28:12 488,383 ----a-w c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\HSF_V124.sys+ 2001-08-18 12:00:00 30,592 ----a-w c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\processr.sys- 2001-08-18 12:00:00 56,320 ----a-w c:\windows\system32\remotepg.dll+ 2004-08-04 05:56:46 60,416 ----a-w c:\windows\system32\remotepg.dll- 2001-08-18 12:00:00 366,080 ----a-w c:\windows\system32\Restore\rstrui.exe+ 2004-08-04 05:56:56 380,416 ----a-w c:\windows\system32\Restore\rstrui.exe- 2001-08-18 12:00:00 54,784 ----a-w c:\windows\system32\resutils.dll+ 2004-08-04 05:56:46 58,880 ----a-w c:\windows\system32\resutils.dll- 2001-08-18 12:00:00 11,776 ----a-w c:\windows\system32\rexec.exe+ 2004-08-04 05:56:56 13,824 ----a-w c:\windows\system32\rexec.exe- 2001-08-18 12:00:00 426,496 ----a-w c:\windows\system32\riched20.dll+ 2004-08-04 05:56:46 431,616 ----a-w c:\windows\system32\riched20.dll- 2001-08-18 12:00:00 463,872 ----a-w c:\windows\system32\rpcrt4.dll+ 2004-08-04 05:56:46 581,120 ----a-w c:\windows\system32\rpcrt4.dll- 2001-08-18 12:00:00 259,072 ----a-w c:\windows\system32\rpcss.dll+ 2004-08-04 05:56:46 395,776 ----a-w c:\windows\system32\rpcss.dll- 2001-08-18 12:00:00 131,584 ----a-w c:\windows\system32\rsaenh.dll+ 2004-08-04 03:31:44 152,576 ----a-w c:\windows\system32\rsaenh.dll- 2001-08-18 12:00:00 13,312 ----a-w c:\windows\system32\rsh.exe+ 2004-08-04 05:56:56 14,848 ----a-w c:\windows\system32\rsh.exe- 2001-08-18 12:00:00 35,840 ----a-w c:\windows\system32\rshx32.dll+ 2004-08-04 05:56:46 39,936 ----a-w c:\windows\system32\rshx32.dll- 2001-08-18 12:00:00 18,432 ----a-w c:\windows\system32\rsmps.dll+ 2004-08-04 05:56:46 18,944 ----a-w c:\windows\system32\rsmps.dll- 2001-08-18 12:00:00 74,240 ----a-w c:\windows\system32\rtcshare.exe+ 2004-08-04 05:56:56 77,312 ----a-w c:\windows\system32\rtcshare.exe- 2001-08-18 12:00:00 29,696 ----a-w c:\windows\system32\rtipxmib.dll+ 2004-08-04 05:56:46 31,744 ----a-w c:\windows\system32\rtipxmib.dll- 2001-08-18 12:00:00 39,936 ----a-w c:\windows\system32\rtutils.dll+ 2004-08-04 05:56:46 44,032 ----a-w c:\windows\system32\rtutils.dll- 2001-08-18 12:00:00 31,744 ----a-w c:\windows\system32\rundll32.exe+ 2004-08-04 05:56:56 33,280 ----a-w c:\windows\system32\rundll32.exe- 2001-08-18 12:00:00 12,288 ----a-w c:\windows\system32\runonce.exe+ 2004-08-04 05:56:56 14,336 ----a-w c:\windows\system32\runonce.exe+ 2004-08-04 05:56:46 397,056 ------w c:\windows\system32\s3gnb.dll- 2001-08-18 12:00:00 39,424 ----a-w c:\windows\system32\safrcdlg.dll+ 2004-08-04 05:56:46 43,520 ----a-w c:\windows\system32\safrcdlg.dll- 2001-08-18 12:00:00 26,624 ----a-w c:\windows\system32\safrdm.dll+ 2004-08-04 05:56:46 29,696 ----a-w c:\windows\system32\safrdm.dll- 2001-08-18 12:00:00 40,960 ----a-w c:\windows\system32\safrslv.dll+ 2004-08-04 05:56:46 45,568 ----a-w c:\windows\system32\safrslv.dll- 2001-08-18 12:00:00 54,784 ----a-w c:\windows\system32\samlib.dll+ 2004-08-04 05:56:46 64,000 ----a-w c:\windows\system32\samlib.dll- 2001-08-18 12:00:00 411,136 ----a-w c:\windows\system32\samsrv.dll+ 2004-08-04 05:56:46 415,744 ----a-w c:\windows\system32\samsrv.dll- 2001-08-18 12:00:00 19,456 ----a-w c:\windows\system32\savedump.exe+ 2004-08-04 05:56:56 13,312 ----a-w c:\windows\system32\savedump.exe+ 2004-08-04 05:56:46 270,848 ------w c:\windows\system32\sbe.dll+ 2004-08-04 05:56:46 159,232 ------w c:\windows\system32\sbeio.dll- 2001-08-18 12:00:00 66,560 ----a-w c:\windows\system32\scarddlg.dll+ 2004-08-04 05:56:46 69,632 ----a-w c:\windows\system32\scarddlg.dll- 2001-08-18 12:00:00 93,184 ----a-w c:\windows\system32\scardsvr.exe+ 2004-08-04 05:56:56 95,744 ----a-w c:\windows\system32\scardsvr.exe- 2001-08-18 12:00:00 169,984 ----a-w c:\windows\system32\sccbase.dll+ 2004-08-04 03:31:44 169,984 ----a-w c:\windows\system32\sccbase.dll- 2001-08-18 12:00:00 171,008 ----a-w c:\windows\system32\sccsccp.dll+ 2004-08-04 05:56:46 171,008 ----a-w c:\windows\system32\sccsccp.dll- 2001-08-18 12:00:00 174,080 ----a-w c:\windows\system32\scecli.dll+ 2004-08-04 05:56:46 180,224 ----a-w c:\windows\system32\scecli.dll- 2001-08-18 12:00:00 295,936 ----a-w c:\windows\system32\scesrv.dll+ 2004-08-04 05:56:46 313,856 ----a-w c:\windows\system32\scesrv.dll- 2001-08-18 12:00:00 133,632 ----a-w c:\windows\system32\schannel.dll+ 2004-08-04 05:56:46 144,896 ----a-w c:\windows\system32\schannel.dll- 2001-08-18 12:00:00 158,720 ----a-w c:\windows\system32\schedsvc.dll+ 2004-08-04 05:56:46 190,976 ----a-w c:\windows\system32\schedsvc.dll- 2001-08-18 12:00:00 18,432 ----a-w c:\windows\system32\sclgntfy.dll+ 2004-08-04 05:56:46 20,992 ----a-w c:\windows\system32\sclgntfy.dll- 2001-08-18 12:00:00 8,192 ----a-w c:\windows\system32\scrnsave.scr+ 2004-08-04 05:56:58 9,216 ----a-w c:\windows\system32\scrnsave.scr- 2001-08-18 12:00:00 155,675 ----a-w c:\windows\system32\scrobj.dll+ 2004-08-04 05:56:46 159,744 ----a-w c:\windows\system32\scrobj.dll- 2001-08-18 12:00:00 147,483 ----a-w c:\windows\system32\scrrun.dll+ 2004-08-04 05:56:46 151,552 ----a-w c:\windows\system32\scrrun.dll- 2001-08-18 12:00:00 37,888 ----a-w c:\windows\system32\sdbinst.exe+ 2004-08-04 05:56:56 77,312 ----a-w c:\windows\system32\sdbinst.exe+ 2004-08-04 05:56:46 29,184 ------w c:\windows\system32\sdhcinst.dll- 2001-08-18 12:00:00 20,992 ----a-w c:\windows\system32\seclogon.dll+ 2004-08-04 05:56:46 18,944 ----a-w c:\windows\system32\seclogon.dll+ 2004-08-02 19:20:40 4,569 ------w c:\windows\system32\secupd.dat- 2001-08-18 12:00:00 52,224 ----a-w c:\windows\system32\secur32.dll+ 2004-08-04 05:56:46 55,808 ----a-w c:\windows\system32\secur32.dll- 2001-08-18 12:00:00 5,632 ----a-w c:\windows\system32\security.dll+ 2004-08-04 05:56:46 5,632 ----a-w c:\windows\system32\security.dll- 2001-08-18 12:00:00 27,136 ----a-w c:\windows\system32\sendcmsg.dll+ 2004-08-04 05:56:46 29,184 ----a-w c:\windows\system32\sendcmsg.dll- 2001-08-18 12:00:00 53,248 ----a-w c:\windows\system32\sendmail.dll+ 2004-08-04 05:56:46 55,296 ----a-w c:\windows\system32\sendmail.dll- 2001-08-18 12:00:00 35,840 ----a-w c:\windows\system32\sens.dll+ 2004-08-04 05:56:46 38,912 ----a-w c:\windows\system32\sens.dll- 2001-08-18 12:00:00 6,144 ----a-w c:\windows\system32\sensapi.dll+ 2004-08-04 05:56:46 6,656 ----a-w c:\windows\system32\sensapi.dll- 2001-08-18 12:00:00 53,248 ----a-w c:\windows\system32\servdeps.dll+ 2004-08-04 05:56:46 56,320 ----a-w c:\windows\system32\servdeps.dll- 2001-08-18 12:00:00 101,376 ----a-w c:\windows\system32\services.exe+ 2004-08-04 05:56:56 108,032 ----a-w c:\windows\system32\services.exe- 2001-08-18 12:00:00 130,048 ----a-w c:\windows\system32\sessmgr.exe+ 2004-08-04 05:56:58 140,800 ----a-w c:\windows\system32\sessmgr.exe- 2001-08-18 12:00:00 28,672 ----a-w c:\windows\system32\sethc.exe+ 2004-08-04 05:56:58 31,232 ----a-w c:\windows\system32\sethc.exe- 2001-08-18 12:00:00 20,992 ----a-w c:\windows\system32\setup.exe+ 2004-08-04 05:56:58 23,040 ----a-w c:\windows\system32\setup.exe- 2001-08-18 12:00:00 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll+ 2004-08-04 05:56:44 32,828 ----a-w c:\windows\system32\Setup\fp40ext.dll- 2001-08-18 12:00:00 122,368 ----a-w c:\windows\system32\Setup\fxsocm.dll+ 2004-08-04 05:56:44 132,608 ----a-w c:\windows\system32\Setup\fxsocm.dll- 2001-08-18 12:00:00 468,480 ------w c:\windows\system32\Setup\iis.dll+ 2004-08-04 05:56:44 505,344 ----a-w c:\windows\system32\Setup\iis.dll- 2001-08-18 12:00:00 24,606 ----a-w c:\windows\system32\Setup\msgrocm.dll+ 2004-08-04 05:56:44 15,360 ----a-w c:\windows\system32\Setup\msgrocm.dll- 2001-08-18 12:00:00 71,168 ----a-w c:\windows\system32\Setup\netoc.dll+ 2004-08-04 05:56:46 77,312 ----a-w c:\windows\system32\Setup\netoc.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\Setup\ntoc.dll+ 2004-08-04 05:56:46 62,976 ----a-w c:\windows\system32\Setup\ntoc.dll- 2001-08-18 12:00:00 11,776 ----a-w c:\windows\system32\Setup\ocgen.dll+ 2004-08-04 05:56:46 15,872 ----a-w c:\windows\system32\Setup\ocgen.dll- 2001-08-18 12:00:00 36,864 ----a-w c:\windows\system32\Setup\ocmsn.dll+ 2004-08-04 05:56:46 17,408 ----a-w c:\windows\system32\Setup\ocmsn.dll- 2001-08-18 12:00:00 96,768 ----a-w c:\windows\system32\Setup\setupqry.dll+ 2004-08-04 05:56:46 101,376 ----a-w c:\windows\system32\Setup\setupqry.dll+ 2004-08-04 05:56:46 22,016 ----a-w c:\windows\system32\Setup\startoc.dll- 2001-08-18 12:00:00 99,840 ----a-w c:\windows\system32\Setup\tsoc.dll+ 2004-08-04 05:56:48 121,856 ----a-w c:\windows\system32\Setup\tsoc.dll- 2001-08-18 12:00:00 922,624 ----a-w c:\windows\system32\setupapi.dll+ 2004-08-04 05:56:46 983,552 ----a-w c:\windows\system32\setupapi.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\sfc.dll+ 2004-08-04 05:56:46 5,120 ----a-w c:\windows\system32\sfc.dll- 2001-08-18 12:00:00 132,608 ----a-w c:\windows\system32\sfc_os.dll+ 2004-08-04 05:56:46 140,288 ----a-w c:\windows\system32\sfc_os.dll- 2001-08-18 12:00:00 1,562,112 ----a-w c:\windows\system32\sfcfiles.dll+ 2004-08-04 05:56:46 1,580,544 ----a-w c:\windows\system32\sfcfiles.dll- 2001-08-18 12:00:00 548,864 ----a-w c:\windows\system32\shdoclc.dll+ 2004-08-04 05:56:28 549,376 ----a-w c:\windows\system32\shdoclc.dll- 2001-08-18 12:00:00 1,338,880 ----a-w c:\windows\system32\shdocvw.dll+ 2004-08-04 05:56:46 1,483,264 ----a-w c:\windows\system32\shdocvw.dll- 2001-08-18 12:00:00 8,222,208 ----a-w c:\windows\system32\shell32.dll+ 2004-08-04 05:56:46 8,384,000 ----a-w c:\windows\system32\shell32.dll- 2001-08-18 12:00:00 22,528 ------w c:\windows\system32\shfolder.dll+ 2004-08-04 05:56:46 25,088 ----a-w c:\windows\system32\shfolder.dll- 2001-08-18 12:00:00 62,464 ----a-w c:\windows\system32\shgina.dll+ 2004-08-04 05:56:46 68,096 ----a-w c:\windows\system32\shgina.dll- 2001-08-18 12:00:00 54,784 ----a-w c:\windows\system32\shimeng.dll+ 2004-08-04 05:56:46 65,536 ----a-w c:\windows\system32\shimeng.dll- 2001-08-18 12:00:00 419,840 ----a-w c:\windows\system32\shimgvw.dll+ 2004-08-04 05:56:46 438,272 ----a-w c:\windows\system32\shimgvw.dll- 2001-08-18 12:00:00 397,824 ----a-w c:\windows\system32\shlwapi.dll+ 2004-08-04 05:56:46 473,600 ----a-w c:\windows\system32\shlwapi.dll- 2002-09-19 15:27:40 126,464 ----a-w c:\windows\system32\shmedia.dll+ 2004-08-04 05:56:46 151,552 ----a-w c:\windows\system32\shmedia.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\system32\shmgrate.exe+ 2004-08-04 05:56:58 42,496 ----a-w c:\windows\system32\shmgrate.exe- 2001-08-18 12:00:00 69,632 ----a-w c:\windows\system32\shrpubw.exe+ 2004-08-04 05:56:58 77,824 ----a-w c:\windows\system32\shrpubw.exe- 2001-08-18 12:00:00 23,040 ----a-w c:\windows\system32\shscrap.dll+ 2004-08-04 05:56:46 27,648 ----a-w c:\windows\system32\shscrap.dll- 2001-08-18 12:00:00 114,688 ----a-w c:\windows\system32\shsvcs.dll+ 2004-08-04 05:56:46 134,656 ----a-w c:\windows\system32\shsvcs.dll- 2001-08-18 12:00:00 17,920 ----a-w c:\windows\system32\shutdown.exe+ 2004-08-04 05:56:58 19,456 ----a-w c:\windows\system32\shutdown.exe- 2001-08-18 12:00:00 11,776 ----a-w c:\windows\system32\sigtab.dll+ 2004-08-04 05:56:46 13,312 ----a-w c:\windows\system32\sigtab.dll- 2001-08-18 12:00:00 66,048 ----a-w c:\windows\system32\sigverif.exe+ 2004-08-04 05:56:58 70,144 ----a-w c:\windows\system32\sigverif.exe- 2001-08-18 12:00:00 24,064 ----a-w c:\windows\system32\skeys.exe+ 2004-08-04 05:56:58 26,112 ----a-w c:\windows\system32\skeys.exe- 2001-08-18 12:00:00 22,016 ----a-w c:\windows\system32\slayerxp.dll+ 2004-08-04 05:56:46 25,088 ----a-w c:\windows\system32\slayerxp.dll- 2001-08-18 12:00:00 276,480 ----a-w c:\windows\system32\slbcsp.dll+ 2004-08-04 03:31:44 306,176 ----a-w c:\windows\system32\slbcsp.dll- 2001-08-18 12:00:00 89,600 ----a-w c:\windows\system32\slbiop.dll+ 2004-08-04 05:56:46 98,304 ----a-w c:\windows\system32\slbiop.dll+ 2004-08-04 05:56:46 73,832 ------w c:\windows\system32\slcoinst.dll+ 2004-08-04 05:56:46 286,792 ------w c:\windows\system32\slextspk.dll+ 2004-08-04 05:56:46 188,508 ------w c:\windows\system32\slgen.dll+ 2004-08-04 05:56:58 32,866 ------w c:\windows\system32\slrundll.exe+ 2004-08-04 05:56:58 73,796 ------w c:\windows\system32\slserv.exe+ 2004-08-04 05:56:58 8,192 ------w c:\windows\system32\smbinst.exe- 2001-08-18 12:00:00 332,288 ----a-w c:\windows\system32\smlogcfg.dll+ 2004-08-04 05:56:46 363,008 ----a-w c:\windows\system32\smlogcfg.dll- 2001-08-18 12:00:00 86,016 ----a-w c:\windows\system32\smlogsvc.exe+ 2004-08-04 05:56:58 89,600 ----a-w c:\windows\system32\smlogsvc.exe- 2001-08-18 12:00:00 45,568 ----a-w c:\windows\system32\smss.exe+ 2004-08-04 05:56:58 50,688 ----a-w c:\windows\system32\smss.exe- 2001-08-18 12:00:00 124,416 ----a-w c:\windows\system32\sndrec32.exe+ 2004-08-04 05:56:58 131,584 ----a-w c:\windows\system32\sndrec32.exe- 2001-08-18 12:00:00 16,896 ----a-w c:\windows\system32\snmpapi.dll+ 2004-08-04 05:56:46 18,944 ----a-w c:\windows\system32\snmpapi.dll- 2001-08-18 12:00:00 172,032 ----a-w c:\windows\system32\snmpsnap.dll+ 2004-08-04 05:56:46 182,272 ----a-w c:\windows\system32\snmpsnap.dll+ 2004-08-04 05:56:58 8,192 ----a-w c:\windows\system32\spdwnwxp.exe- 2001-08-18 12:00:00 534,016 ----a-w c:\windows\system32\spider.exe+ 2004-08-04 05:56:58 538,624 ----a-w c:\windows\system32\spider.exe+ 2004-08-04 05:56:58 11,776 ------w c:\windows\system32\spnpinst.exe- 2004-03-22 20:17:04 765,680 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll+ 2007-04-09 18:24:04 758,664 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mdigraph.dll- 2004-03-22 20:17:10 42,224 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll+ 2007-04-09 18:23:58 46,472 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mdiui.dll- 2004-03-22 20:17:04 765,680 ----a-w c:\windows\system32\spool\drivers\w32x86\mdigraph.dll+ 2007-04-09 18:24:04 758,664 ----a-w c:\windows\system32\spool\drivers\w32x86\mdigraph.dll- 2004-03-22 20:17:10 42,224 ----a-w c:\windows\system32\spool\drivers\w32x86\mdiui.dll+ 2007-04-09 18:23:58 46,472 ----a-w c:\windows\system32\spool\drivers\w32x86\mdiui.dll- 2004-03-22 20:17:08 25,840 ----a-w c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll+ 2007-04-09 18:23:54 28,552 ----a-w c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll- 2001-08-18 12:00:00 66,560 ----a-w c:\windows\system32\spoolss.dll+ 2004-08-04 05:56:46 74,752 ----a-w c:\windows\system32\spoolss.dll- 2001-08-18 12:00:00 51,200 ----a-w c:\windows\system32\spoolsv.exe+ 2004-08-04 05:56:58 57,856 ----a-w c:\windows\system32\spoolsv.exe+ 2004-08-04 05:56:58 21,504 ------w c:\windows\system32\spupdwxp.exe- 2001-08-18 12:00:00 356,352 ----a-w c:\windows\system32\sqlsrv32.dll+ 2004-08-04 05:56:46 442,368 ----a-w c:\windows\system32\sqlsrv32.dll- 2001-08-18 12:00:00 180,800 ----a-w c:\windows\system32\sqlunirl.dll+ 2004-08-04 05:56:46 180,800 ----a-w c:\windows\system32\sqlunirl.dll- 2001-08-18 12:00:00 61,952 ----a-w c:\windows\system32\srclient.dll+ 2004-08-04 05:56:46 67,584 ----a-w c:\windows\system32\srclient.dll- 2002-11-14 19:42:34 218,624 ----a-w c:\windows\system32\srrstr.dll+ 2004-08-04 05:56:46 239,104 ----a-w c:\windows\system32\srrstr.dll- 2001-08-18 12:00:00 155,136 ----a-w c:\windows\system32\srsvc.dll+ 2004-08-04 05:56:46 170,496 ----a-w c:\windows\system32\srsvc.dll- 2001-08-18 12:00:00 87,040 ----a-w c:\windows\system32\srvsvc.dll+ 2004-08-04 05:56:46 96,768 ----a-w c:\windows\system32\srvsvc.dll- 2001-08-18 12:00:00 667,648 ----a-w c:\windows\system32\ss3dfo.scr+ 2004-08-04 05:56:58 704,512 ----a-w c:\windows\system32\ss3dfo.scr- 2001-08-18 12:00:00 18,944 ----a-w c:\windows\system32\ssbezier.scr+ 2004-08-04 05:56:58 19,968 ----a-w c:\windows\system32\ssbezier.scr- 2001-08-18 12:00:00 26,624 ----a-w c:\windows\system32\ssdpapi.dll+ 2004-08-04 05:56:46 34,816 ----a-w c:\windows\system32\ssdpapi.dll- 2001-08-18 12:00:00 41,472 ----a-w c:\windows\system32\ssdpsrv.dll+ 2004-08-04 05:56:46 71,680 ----a-w c:\windows\system32\ssdpsrv.dll- 2001-08-18 12:00:00 364,544 ----a-w c:\windows\system32\ssflwbox.scr+ 2004-08-04 05:56:58 393,216 ----a-w c:\windows\system32\ssflwbox.scr- 2001-08-18 12:00:00 19,456 ----a-w c:\windows\system32\ssmarque.scr+ 2004-08-04 05:56:58 20,992 ----a-w c:\windows\system32\ssmarque.scr- 2001-08-18 12:00:00 43,008 ----a-w c:\windows\system32\ssmypics.scr+ 2004-08-04 05:56:58 47,104 ----a-w c:\windows\system32\ssmypics.scr- 2001-08-18 12:00:00 17,408 ----a-w c:\windows\system32\ssmyst.scr+ 2004-08-04 05:56:58 18,944 ----a-w c:\windows\system32\ssmyst.scr- 2001-08-18 12:00:00 569,344 ----a-w c:\windows\system32\sspipes.scr+ 2004-08-04 05:56:58 610,304 ----a-w c:\windows\system32\sspipes.scr- 2001-08-18 12:00:00 13,312 ----a-w c:\windows\system32\ssstars.scr+ 2004-08-04 05:56:58 14,336 ----a-w c:\windows\system32\ssstars.scr- 2001-08-18 12:00:00 638,976 ----a-w c:\windows\system32\sstext3d.scr+ 2004-08-04 05:56:58 679,936 ----a-w c:\windows\system32\sstext3d.scr- 2001-08-18 12:00:00 60,928 ----a-w c:\windows\system32\sti.dll+ 2004-08-04 05:56:46 67,584 ----a-w c:\windows\system32\sti.dll- 2001-08-18 12:00:00 132,096 ----a-w c:\windows\system32\sti_ci.dll+ 2004-08-04 05:56:46 136,704 ----a-w c:\windows\system32\sti_ci.dll- 2001-08-18 12:00:00 20,480 ----a-w c:\windows\system32\stimon.exe+ 2004-08-04 05:56:58 14,848 ----a-w c:\windows\system32\stimon.exe- 2001-08-18 12:00:00 117,760 ----a-w c:\windows\system32\stobject.dll+ 2004-08-04 05:56:46 121,856 ----a-w c:\windows\system32\stobject.dll- 2001-08-17 22:36:32 70,656 ----a-w c:\windows\system32\storprop.dll+ 2004-08-04 05:56:46 74,752 ----a-w c:\windows\system32\storprop.dll- 2001-08-18 12:00:00 246,302 ----a-w c:\windows\system32\strmdll.dll+ 2004-08-04 05:56:46 246,302 ----a-w c:\windows\system32\strmdll.dll+ 2004-08-04 05:56:46 75,776 ------w c:\windows\system32\strmfilt.dll- 2001-08-18 12:00:00 12,800 ----a-w c:\windows\system32\svchost.exe+ 2004-08-04 05:56:58 14,336 ----a-w c:\windows\system32\svchost.exe- 2001-08-18 12:00:00 647,680 ----a-w c:\windows\system32\sxs.dll+ 2004-08-04 05:56:48 713,216 ----a-w c:\windows\system32\sxs.dll- 2001-08-18 12:00:00 51,712 ----a-w c:\windows\system32\synceng.dll+ 2004-08-04 05:56:48 57,856 ----a-w c:\windows\system32\synceng.dll- 2001-08-18 12:00:00 183,296 ----a-w c:\windows\system32\syncui.dll+ 2004-08-04 05:56:48 191,488 ----a-w c:\windows\system32\syncui.dll- 2001-08-18 12:00:00 103,936 ----a-w c:\windows\system32\sysocmgr.exe+ 2004-08-04 05:56:58 105,984 ----a-w c:\windows\system32\sysocmgr.exe- 2001-08-18 12:00:00 927,232 ----a-w c:\windows\system32\syssetup.dll+ 2004-08-04 05:56:48 984,576 ----a-w c:\windows\system32\syssetup.dll- 2001-08-18 12:00:00 198,656 ----a-w c:\windows\system32\t2embed.dll+ 2004-08-04 05:56:48 210,432 ----a-w c:\windows\system32\t2embed.dll- 2001-08-18 12:00:00 829,952 ----a-w c:\windows\system32\tapi3.dll+ 2004-08-04 05:56:48 858,624 ----a-w c:\windows\system32\tapi3.dll- 2001-08-18 12:00:00 163,328 ----a-w c:\windows\system32\tapi32.dll+ 2004-08-04 05:56:48 181,760 ----a-w c:\windows\system32\tapi32.dll- 2001-08-18 12:00:00 233,984 ----a-w c:\windows\system32\tapisrv.dll+ 2004-08-04 05:56:48 246,272 ----a-w c:\windows\system32\tapisrv.dll- 2001-08-18 12:00:00 128,512 ----a-w c:\windows\system32\taskmgr.exe+ 2004-08-04 05:56:58 135,680 ----a-w c:\windows\system32\taskmgr.exe- 2001-08-18 12:00:00 13,312 ----a-w c:\windows\system32\tcpmib.dll+ 2004-08-04 05:56:48 14,848 ----a-w c:\windows\system32\tcpmib.dll- 2001-08-18 12:00:00 40,448 ----a-w c:\windows\system32\tcpmon.dll+ 2004-08-04 05:56:48 45,568 ----a-w c:\windows\system32\tcpmon.dll- 2001-08-18 12:00:00 40,960 ----a-w c:\windows\system32\tcpmonui.dll+ 2004-08-04 05:56:48 45,568 ----a-w c:\windows\system32\tcpmonui.dll- 2001-08-18 12:00:00 70,144 ----a-w c:\windows\system32\telnet.exe+ 2004-08-04 05:56:58 75,264 ----a-w c:\windows\system32\telnet.exe- 2001-08-18 12:00:00 343,552 ----a-w c:\windows\system32\termmgr.dll+ 2004-08-04 05:56:48 358,400 ----a-w c:\windows\system32\termmgr.dll- 2001-08-18 12:00:00 197,632 ----a-r c:\windows\system32\termsrv.dll+ 2004-08-04 05:56:48 295,424 ----a-r c:\windows\system32\termsrv.dll- 2001-08-18 12:00:00 383,488 ----a-w c:\windows\system32\themeui.dll+ 2004-08-04 05:56:48 385,536 ----a-w c:\windows\system32\themeui.dll- 2001-08-18 12:00:00 346,624 ----a-w c:\windows\system32\tourstart.exe+ 2004-08-04 05:56:58 347,136 ----a-w c:\windows\system32\tourstart.exe- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\tracert.exe+ 2004-08-04 05:56:58 12,288 ----a-w c:\windows\system32\tracert.exe- 2001-08-18 12:00:00 80,384 ----a-w c:\windows\system32\trkwks.dll+ 2004-08-04 05:56:48 90,624 ----a-w c:\windows\system32\trkwks.dll- 2001-08-18 12:00:00 88,576 ----a-w c:\windows\system32\tscfgwmi.dll+ 2004-08-04 05:56:48 93,696 ----a-w c:\windows\system32\tscfgwmi.dll- 2001-08-18 12:00:00 40,448 ----a-w c:\windows\system32\tscupgrd.exe+ 2004-08-04 03:59:28 44,544 ----a-w c:\windows\system32\tscupgrd.exe- 2001-08-18 12:00:00 8,456 ----a-w c:\windows\system32\tsddd.dll+ 2004-08-04 06:01:08 12,168 ----a-w c:\windows\system32\tsddd.dll+ 2004-08-04 05:56:48 44,032 ------w c:\windows\system32\twext.dll- 2001-08-18 12:00:00 90,624 ----a-w c:\windows\system32\txflog.dll+ 2004-08-04 05:56:48 101,376 ----a-w c:\windows\system32\txflog.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\system32\udhisapi.dll+ 2004-08-04 05:56:48 25,600 ----a-w c:\windows\system32\udhisapi.dll- 2001-08-18 12:00:00 268,800 ----a-w c:\windows\system32\ulib.dll+ 2004-08-04 05:56:48 275,456 ----a-w c:\windows\system32\ulib.dll- 2001-08-18 12:00:00 31,744 ----a-w c:\windows\system32\umandlg.dll+ 2004-08-04 05:56:48 35,840 ----a-w c:\windows\system32\umandlg.dll- 2001-08-18 12:00:00 105,472 ----a-w c:\windows\system32\umpnpmgr.dll+ 2004-08-04 05:56:48 118,272 ----a-w c:\windows\system32\umpnpmgr.dll- 2001-08-18 12:00:00 69,120 ----a-w c:\windows\system32\unimdmat.dll+ 2004-08-04 05:56:48 74,240 ----a-w c:\windows\system32\unimdmat.dll- 2001-08-18 12:00:00 13,824 ----a-w c:\windows\system32\uniplat.dll+ 2004-08-04 05:56:48 13,824 ----a-w c:\windows\system32\uniplat.dll- 2001-08-18 12:00:00 302,080 ----a-w c:\windows\system32\untfs.dll+ 2004-08-04 05:56:48 316,416 ----a-w c:\windows\system32\untfs.dll- 2001-08-18 12:00:00 119,808 ----a-w c:\windows\system32\upnp.dll+ 2004-08-04 05:56:48 132,608 ----a-w c:\windows\system32\upnp.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\upnpcont.exe+ 2004-08-04 05:56:58 16,896 ----a-w c:\windows\system32\upnpcont.exe- 2001-08-18 12:00:00 162,816 ----a-w c:\windows\system32\upnphost.dll+ 2004-08-04 05:56:48 185,344 ----a-w c:\windows\system32\upnphost.dll- 2001-08-18 12:00:00 231,424 ----a-w c:\windows\system32\upnpui.dll+ 2004-08-04 05:56:48 239,616 ----a-w c:\windows\system32\upnpui.dll- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\ups.exe+ 2004-08-04 05:56:58 18,432 ----a-w c:\windows\system32\ups.exe- 2001-08-18 12:00:00 109,568 ----a-w c:\windows\system32\url.dll+ 2004-08-04 05:56:48 37,888 ----a-w c:\windows\system32\url.dll- 2001-08-18 12:00:00 452,096 ----a-w c:\windows\system32\urlmon.dll+ 2004-08-04 05:56:48 601,088 ----a-w c:\windows\system32\urlmon.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\usbmon.dll+ 2004-08-04 05:56:48 16,896 ----a-w c:\windows\system32\usbmon.dll- 2001-08-18 02:36:34 67,072 ----a-w c:\windows\system32\usbui.dll+ 2004-08-04 05:56:48 74,240 ----a-w c:\windows\system32\usbui.dll- 2001-08-18 12:00:00 561,152 ----a-w c:\windows\system32\user32.dll+ 2004-08-04 05:56:48 577,024 ----a-w c:\windows\system32\user32.dll- 2001-08-18 12:00:00 656,896 ----a-w c:\windows\system32\userenv.dll+ 2004-08-04 05:56:48 723,456 ----a-w c:\windows\system32\userenv.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\system32\userinit.exe+ 2004-08-04 05:56:58 24,576 ----a-w c:\windows\system32\userinit.exe- 2001-08-18 12:00:00 113,664 ----a-w c:\windows\system32\usmt\guitrn.dll+ 2004-08-04 05:56:44 123,904 ----a-w c:\windows\system32\usmt\guitrn.dll- 2001-08-18 12:00:00 100,864 ----a-w c:\windows\system32\usmt\guitrn_a.dll+ 2004-08-04 05:56:44 108,544 ----a-w c:\windows\system32\usmt\guitrn_a.dll- 2001-08-18 12:00:00 3,584 ----a-w c:\windows\system32\usmt\iconlib.dll+ 2004-08-04 05:56:44 4,096 ----a-w c:\windows\system32\usmt\iconlib.dll- 2001-08-18 12:00:00 16,896 ----a-w c:\windows\system32\usmt\log.dll+ 2004-08-04 05:56:44 19,968 ----a-w c:\windows\system32\usmt\log.dll- 2001-08-18 12:00:00 185,344 ----a-w c:\windows\system32\usmt\migism.dll+ 2004-08-04 05:56:44 201,216 ----a-w c:\windows\system32\usmt\migism.dll- 2001-08-18 12:00:00 179,200 ----a-w c:\windows\system32\usmt\migism_a.dll+ 2004-08-04 05:56:44 192,512 ----a-w c:\windows\system32\usmt\migism_a.dll- 2001-08-18 12:00:00 98,816 ----a-w c:\windows\system32\usmt\migload.exe+ 2004-08-04 05:56:52 103,424 ----a-w c:\windows\system32\usmt\migload.exe- 2001-08-18 12:00:00 230,400 ----a-w c:\windows\system32\usmt\migwiz.exe+ 2004-08-04 05:56:52 240,128 ----a-w c:\windows\system32\usmt\migwiz.exe- 2001-08-18 12:00:00 226,816 ----a-w c:\windows\system32\usmt\migwiz_a.exe+ 2004-08-04 05:56:52 236,032 ----a-w c:\windows\system32\usmt\migwiz_a.exe- 2001-08-18 12:00:00 186,368 ----a-w c:\windows\system32\usmt\script.dll+ 2004-08-04 05:56:46 202,752 ----a-w c:\windows\system32\usmt\script.dll- 2001-08-18 12:00:00 167,424 ----a-w c:\windows\system32\usmt\script_a.dll+ 2004-08-04 05:56:46 188,416 ----a-w c:\windows\system32\usmt\script_a.dll- 2001-08-18 12:00:00 141,312 ----a-w c:\windows\system32\usmt\sysmod.dll+ 2004-08-04 05:56:48 168,960 ----a-w c:\windows\system32\usmt\sysmod.dll- 2001-08-18 12:00:00 130,560 ----a-w c:\windows\system32\usmt\sysmod_a.dll+ 2004-08-04 05:56:48 155,648 ----a-w c:\windows\system32\usmt\sysmod_a.dll- 2001-08-18 12:00:00 339,456 ----a-w c:\windows\system32\usp10.dll+ 2004-08-04 05:56:48 406,528 ----a-w c:\windows\system32\usp10.dll- 2001-08-18 12:00:00 46,592 ----a-w c:\windows\system32\utilman.exe+ 2004-08-04 05:56:58 50,176 ----a-w c:\windows\system32\utilman.exe- 2001-08-18 12:00:00 202,752 ----a-w c:\windows\system32\uxtheme.dll+ 2004-08-04 05:56:48 218,624 ----a-w c:\windows\system32\uxtheme.dll- 2001-08-18 12:00:00 30,992 ----a-w c:\windows\system32\vbajet32.dll+ 2004-08-04 05:56:48 30,749 ----a-w c:\windows\system32\vbajet32.dll- 2001-08-18 12:00:00 479,261 ----a-w c:\windows\system32\vbscript.dll+ 2004-08-04 05:56:48 417,792 ----a-w c:\windows\system32\vbscript.dll- 2001-08-18 12:00:00 24,064 ----a-w c:\windows\system32\vdmdbg.dll+ 2004-08-04 05:56:48 26,112 ----a-w c:\windows\system32\vdmdbg.dll- 2001-08-18 12:00:00 48,640 ----a-w c:\windows\system32\vdmredir.dll+ 2004-08-04 05:56:48 51,712 ----a-w c:\windows\system32\vdmredir.dll- 2001-08-18 12:00:00 16,384 ----a-w c:\windows\system32\version.dll+ 2004-08-04 05:56:48 18,944 ----a-w c:\windows\system32\version.dll- 2001-08-18 12:00:00 409,088 ----a-w c:\windows\system32\vssapi.dll+ 2004-08-04 05:56:48 430,592 ----a-w c:\windows\system32\vssapi.dll- 2001-08-18 12:00:00 275,456 ----a-w c:\windows\system32\vssvc.exe+ 2004-08-04 05:56:58 289,792 ----a-w c:\windows\system32\vssvc.exe- 2001-08-18 12:00:00 165,376 ----a-w c:\windows\system32\w32time.dll+ 2004-08-04 05:56:48 174,592 ----a-w c:\windows\system32\w32time.dll+ 2004-08-04 05:56:48 15,872 ------w c:\windows\system32\w3ssl.dll- 2001-08-18 12:00:00 14,592 ----a-w c:\windows\system32\watchdog.sys+ 2004-08-04 04:07:34 17,664 ----a-w c:\windows\system32\watchdog.sys- 2001-08-18 12:00:00 1,266,688 ----a-w c:\windows\system32\wbem\cimwin32.dll+ 2004-08-04 05:56:42 1,352,192 ----a-w c:\windows\system32\wbem\cimwin32.dll- 2001-08-18 12:00:00 235,520 ----a-w c:\windows\system32\wbem\esscli.dll+ 2004-08-04 05:56:44 247,808 ----a-w c:\windows\system32\wbem\esscli.dll- 2001-08-18 12:00:00 19,456 ----a-w c:\windows\system32\wbem\evntrprv.dll+ 2004-08-04 05:56:44 22,016 ----a-w c:\windows\system32\wbem\evntrprv.dll- 2001-08-18 12:00:00 585,216 ----a-w c:\windows\system32\wbem\fastprox.dll+ 2004-08-04 05:56:44 472,064 ----a-w c:\windows\system32\wbem\fastprox.dll- 2001-08-18 12:00:00 174,592 ----a-w c:\windows\system32\wbem\framedyn.dll+ 2004-08-04 05:56:44 185,856 ----a-w c:\windows\system32\wbem\framedyn.dll- 2001-08-18 12:00:00 23,552 ----a-w c:\windows\system32\wbem\krnlprov.dll+ 2004-08-04 05:56:44 24,576 ----a-w c:\windows\system32\wbem\krnlprov.dll- 2001-08-18 12:00:00 14,336 ----a-w c:\windows\system32\wbem\mofcomp.exe+ 2004-08-04 05:56:52 16,384 ----a-w c:\windows\system32\wbem\mofcomp.exe- 2001-08-18 12:00:00 104,960 ----a-w c:\windows\system32\wbem\mofd.dll+ 2004-08-04 05:56:44 123,904 ----a-w c:\windows\system32\wbem\mofd.dll- 2001-08-18 12:00:00 60,928 ----a-w c:\windows\system32\wbem\ncprov.dll+ 2004-08-04 05:56:46 47,104 ----a-w c:\windows\system32\wbem\ncprov.dll- 2001-08-18 12:00:00 203,264 ----a-w c:\windows\system32\wbem\ntevt.dll+ 2004-08-04 05:56:46 212,992 ----a-w c:\windows\system32\wbem\ntevt.dll- 2001-08-18 12:00:00 226,304 ----a-w c:\windows\system32\wbem\provthrd.dll+ 2004-08-04 05:56:46 237,056 ----a-w c:\windows\system32\wbem\provthrd.dll- 2001-08-18 12:00:00 137,216 ----a-w c:\windows\system32\wbem\repdrvfs.dll+ 2004-08-04 05:56:46 177,152 ----a-w c:\windows\system32\wbem\repdrvfs.dll- 2001-08-18 12:00:00 33,792 ----a-w c:\windows\system32\wbem\scrcons.exe+ 2004-08-04 05:56:56 36,864 ----a-w c:\windows\system32\wbem\scrcons.exe- 2001-08-18 12:00:00 80,896 ----a-w c:\windows\system32\wbem\stdprov.dll+ 2004-08-04 05:56:46 86,528 ----a-w c:\windows\system32\wbem\stdprov.dll- 2001-08-18 12:00:00 125,952 ----a-w c:\windows\system32\wbem\viewprov.dll+ 2004-08-04 05:56:48 131,584 ----a-w c:\windows\system32\wbem\viewprov.dll- 2001-08-18 12:00:00 183,808 ----a-w c:\windows\system32\wbem\wbemcntl.dll+ 2004-08-04 05:56:48 196,608 ----a-w c:\windows\system32\wbem\wbemcntl.dll- 2001-08-18 12:00:00 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll+ 2004-08-04 05:56:48 214,528 ----a-w c:\windows\system32\wbem\wbemcomn.dll- 2001-08-18 12:00:00 66,048 ----a-w c:\windows\system32\wbem\wbemcons.dll+ 2004-08-04 05:56:48 71,680 ----a-w c:\windows\system32\wbem\wbemcons.dll- 2001-08-18 12:00:00 477,184 ----a-w c:\windows\system32\wbem\wbemcore.dll+ 2004-08-04 05:56:48 530,944 ----a-w c:\windows\system32\wbem\wbemcore.dll- 2001-08-18 12:00:00 167,936 ----a-w c:\windows\system32\wbem\wbemdisp.dll+ 2004-08-04 05:56:48 178,176 ----a-w c:\windows\system32\wbem\wbemdisp.dll- 2001-08-18 12:00:00 259,072 ----a-w c:\windows\system32\wbem\wbemess.dll+ 2004-08-04 05:56:48 273,920 ----a-w c:\windows\system32\wbem\wbemess.dll- 2001-08-18 12:00:00 38,400 ----a-w c:\windows\system32\wbem\wbemperf.dll+ 2004-08-04 05:56:48 43,008 ----a-w c:\windows\system32\wbem\wbemperf.dll- 2001-08-18 12:00:00 28,160 ----a-w c:\windows\system32\wbem\wbemprox.dll+ 2004-08-04 05:56:48 18,944 ----a-w c:\windows\system32\wbem\wbemprox.dll- 2001-08-18 12:00:00 48,128 ----a-w c:\windows\system32\wbem\wbemsvc.dll+ 2004-08-04 05:56:48 43,520 ----a-w c:\windows\system32\wbem\wbemsvc.dll- 2001-08-18 12:00:00 157,696 ----a-w c:\windows\system32\wbem\wbemtest.exe+ 2004-08-04 05:56:58 116,224 ----a-w c:\windows\system32\wbem\wbemtest.exe- 2001-08-18 12:00:00 106,496 ----a-w c:\windows\system32\wbem\wbemupgd.dll+ 2004-08-04 05:56:48 197,120 ----a-w c:\windows\system32\wbem\wbemupgd.dll- 2001-08-18 12:00:00 183,808 ----a-w c:\windows\system32\wbem\wmiadap.exe+ 2004-08-04 05:56:58 196,608 ----a-w c:\windows\system32\wbem\wmiadap.exe- 2001-08-18 12:00:00 6,144 ----a-w c:\windows\system32\wbem\wmiapres.dll+ 2004-08-04 05:56:36 6,656 ----a-w c:\windows\system32\wbem\wmiapres.dll- 2001-08-18 12:00:00 82,432 ----a-w c:\windows\system32\wbem\wmiaprpl.dll+ 2004-08-04 05:56:48 89,088 ----a-w c:\windows\system32\wbem\wmiaprpl.dll- 2001-08-18 12:00:00 117,248 ----a-w c:\windows\system32\wbem\wmiapsrv.exe+ 2004-08-04 05:56:58 126,464 ----a-w c:\windows\system32\wbem\wmiapsrv.exe- 2001-08-18 12:00:00 55,808 ----a-w c:\windows\system32\wbem\wmicookr.dll+ 2004-08-04 05:56:48 60,928 ----a-w c:\windows\system32\wbem\wmicookr.dll- 2001-08-18 12:00:00 138,752 ----a-w c:\windows\system32\wbem\wmidcprv.dll+ 2004-08-04 05:56:48 140,800 ----a-w c:\windows\system32\wbem\wmidcprv.dll- 2001-08-18 12:00:00 149,504 ----a-w c:\windows\system32\wbem\wmipcima.dll+ 2004-08-04 05:56:48 156,672 ----a-w c:\windows\system32\wbem\wmipcima.dll- 2001-08-18 12:00:00 124,928 ----a-w c:\windows\system32\wbem\wmipdskq.dll+ 2004-08-04 05:56:48 132,096 ----a-w c:\windows\system32\wbem\wmipdskq.dll- 2001-08-18 12:00:00 58,880 ----a-w c:\windows\system32\wbem\wmipiprt.dll+ 2004-08-04 05:56:48 62,464 ----a-w c:\windows\system32\wbem\wmipiprt.dll- 2001-08-18 12:00:00 59,904 ----a-w c:\windows\system32\wbem\wmipjobj.dll+ 2004-08-04 05:56:48 62,976 ----a-w c:\windows\system32\wbem\wmipjobj.dll- 2001-08-18 12:00:00 122,368 ----a-w c:\windows\system32\wbem\wmiprov.dll+ 2004-08-04 05:56:48 144,896 ----a-w c:\windows\system32\wbem\wmiprov.dll- 2001-08-18 12:00:00 407,040 ----a-w c:\windows\system32\wbem\wmiprvsd.dll+ 2004-08-04 05:56:48 437,248 ----a-w c:\windows\system32\wbem\wmiprvsd.dll- 2001-08-18 12:00:00 203,264 ----a-w c:\windows\system32\wbem\wmiprvse.exe+ 2004-08-04 05:56:58 218,112 ----a-w c:\windows\system32\wbem\wmiprvse.exe- 2001-08-18 12:00:00 38,912 ----a-w c:\windows\system32\wbem\wmipsess.dll+ 2004-08-04 05:56:48 41,472 ----a-w c:\windows\system32\wbem\wmipsess.dll- 2001-08-18 12:00:00 100,864 ----a-w c:\windows\system32\wbem\wmisvc.dll+ 2004-08-04 05:56:48 144,896 ----a-w c:\windows\system32\wbem\wmisvc.dll- 2001-08-18 12:00:00 95,744 ----a-w c:\windows\system32\wbem\wmiutils.dll+ 2004-08-04 05:56:48 95,232 ----a-w c:\windows\system32\wbem\wmiutils.dll- 2001-08-18 12:00:00 46,592 ----a-w c:\windows\system32\wdigest.dll+ 2004-08-04 05:56:48 49,152 ----a-w c:\windows\system32\wdigest.dll- 2001-08-18 02:37:04 22,016 ----a-w c:\windows\system32\wdmaud.drv+ 2004-08-04 05:56:58 23,552 ----a-w c:\windows\system32\wdmaud.drv- 2001-08-18 12:00:00 258,560 ----a-w c:\windows\system32\webcheck.dll+ 2004-08-04 05:56:48 276,480 ----a-w c:\windows\system32\webcheck.dll- 2001-08-18 12:00:00 61,440 ----a-w c:\windows\system32\webclnt.dll+ 2004-08-04 05:56:48 67,584 ----a-w c:\windows\system32\webclnt.dll- 2001-08-18 12:00:00 124,928 ----a-w c:\windows\system32\webvw.dll+ 2004-08-04 05:56:48 135,680 ----a-w c:\windows\system32\webvw.dll- 2001-08-18 12:00:00 60,416 ----a-w c:\windows\system32\wextract.exe+ 2004-08-04 05:56:58 65,536 ----a-w c:\windows\system32\wextract.exe- 2001-08-18 12:00:00 414,720 ----a-w c:\windows\system32\wiaacmgr.exe+ 2004-08-04 05:56:58 433,664 ----a-w c:\windows\system32\wiaacmgr.exe- 2001-08-18 12:00:00 449,536 ----a-w c:\windows\system32\wiadefui.dll+ 2004-08-04 05:56:48 463,360 ----a-w c:\windows\system32\wiadefui.dll- 2001-08-18 12:00:00 118,272 ----a-w c:\windows\system32\wiadss.dll+ 2004-08-04 05:56:48 124,416 ----a-w c:\windows\system32\wiadss.dll- 2001-08-18 12:00:00 70,656 ----a-w c:\windows\system32\wiascr.dll+ 2004-08-04 05:56:48 75,776 ----a-w c:\windows\system32\wiascr.dll- 2001-08-18 12:00:00 314,368 ----a-w c:\windows\system32\wiaservc.dll+ 2004-08-04 05:56:48 333,312 ----a-w c:\windows\system32\wiaservc.dll- 2001-08-18 12:00:00 568,832 ----a-w c:\windows\system32\wiashext.dll+ 2004-08-04 05:56:48 589,312 ----a-w c:\windows\system32\wiashext.dll- 2001-08-18 12:00:00 104,448 ----a-w c:\windows\system32\wiavideo.dll+ 2004-08-04 05:56:48 111,104 ----a-w c:\windows\system32\wiavideo.dll- 2001-08-18 12:00:00 1,670,912 ----a-w c:\windows\system32\win32k.sys+ 2004-08-04 04:17:42 1,835,904 ----a-w c:\windows\system32\win32k.sys- 2001-08-18 12:00:00 95,232 ----a-w c:\windows\system32\win32spl.dll+ 2004-08-04 05:56:48 101,888 ----a-w c:\windows\system32\win32spl.dll+ 2004-08-04 05:56:36 937,984 ------w c:\windows\system32\winbrand.dll- 2004-07-01 22:08:18 331,776 ----a-w c:\windows\system32\winhttp.dll+ 2004-08-04 05:56:48 351,232 ----a-w c:\windows\system32\winhttp.dll- 2001-08-18 12:00:00 593,920 ----a-w c:\windows\system32\wininet.dll+ 2004-08-04 05:56:48 656,384 ----a-w c:\windows\system32\wininet.dll- 2001-08-18 12:00:00 25,600 ----a-w c:\windows\system32\winipsec.dll+ 2004-08-04 05:56:48 32,768 ----a-w c:\windows\system32\winipsec.dll- 2001-08-18 12:00:00 429,056 ----a-w c:\windows\system32\winlogon.exe+ 2004-08-04 05:56:58 502,272 ----a-w c:\windows\system32\winlogon.exe- 2001-08-18 12:00:00 170,496 ----a-w c:\windows\system32\winmm.dll+ 2004-08-04 05:56:48 176,128 ----a-w c:\windows\system32\winmm.dll- 2001-08-18 12:00:00 762,368 ----a-w c:\windows\system32\winntbbu.dll+ 2004-08-04 05:56:36 764,928 ----a-w c:\windows\system32\winntbbu.dll- 2001-08-18 12:00:00 14,848 ----a-w c:\windows\system32\winrnr.dll+ 2004-08-04 05:56:48 16,896 ----a-w c:\windows\system32\winrnr.dll- 2001-08-18 12:00:00 93,184 ----a-w c:\windows\system32\winscard.dll+ 2004-08-04 05:56:48 99,328 ----a-w c:\windows\system32\winscard.dll+ 2004-08-04 05:56:48 17,408 ------w c:\windows\system32\winshfhc.dll- 2001-08-18 12:00:00 131,584 ----a-w c:\windows\system32\winspool.drv+ 2004-08-04 05:56:58 146,432 ----a-w c:\windows\system32\winspool.drv- 2001-08-18 12:00:00 275,968 ----a-w c:\windows\system32\winsrv.dll+ 2004-08-04 05:56:48 290,816 ----a-w c:\windows\system32\winsrv.dll- 2001-08-18 12:00:00 47,104 ----a-w c:\windows\system32\winsta.dll+ 2004-08-04 05:56:48 53,760 ----a-w c:\windows\system32\winsta.dll- 2001-08-18 12:00:00 166,912 ----a-w c:\windows\system32\wintrust.dll+ 2004-08-04 05:56:48 176,640 ----a-w c:\windows\system32\wintrust.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\winver.exe+ 2004-08-04 05:56:58 5,632 ----a-w c:\windows\system32\winver.exe- 2001-08-18 12:00:00 120,832 ----a-w c:\windows\system32\wkssvc.dll+ 2004-08-04 05:56:48 132,096 ----a-w c:\windows\system32\wkssvc.dll- 2001-08-18 12:00:00 167,936 ----a-w c:\windows\system32\wldap32.dll+ 2004-08-04 05:56:48 172,032 ----a-w c:\windows\system32\wldap32.dll- 2001-08-18 12:00:00 86,016 ----a-w c:\windows\system32\wlnotify.dll+ 2004-08-04 05:56:48 92,672 ----a-w c:\windows\system32\wlnotify.dll- 2001-08-18 12:00:00 5,632 ----a-w c:\windows\system32\wmi.dll+ 2004-08-04 05:56:36 5,632 ----a-w c:\windows\system32\wmi.dll- 2001-08-18 12:00:00 118,784 ----a-w c:\windows\system32\wmsdmoe.dll+ 2004-08-04 05:56:48 115,200 ----a-w c:\windows\system32\wmsdmoe.dll- 2001-08-18 12:00:00 298,496 ----a-w c:\windows\system32\wmstream.dll+ 2004-08-04 05:56:48 303,616 ----a-w c:\windows\system32\wmstream.dll- 2001-08-18 12:00:00 247,808 ----a-w c:\windows\system32\wow32.dll+ 2004-08-04 05:56:48 264,192 ----a-w c:\windows\system32\wow32.dll- 2001-08-18 12:00:00 31,232 ----a-w c:\windows\system32\wpabaln.exe+ 2004-08-04 05:56:58 32,256 ----a-w c:\windows\system32\wpabaln.exe- 2001-08-18 12:00:00 29,184 ----a-w c:\windows\system32\wpnpinst.exe+ 2004-08-04 05:56:58 32,256 ----a-w c:\windows\system32\wpnpinst.exe- 2001-08-18 12:00:00 75,264 ----a-w c:\windows\system32\ws2_32.dll+ 2004-08-04 05:56:48 82,944 ----a-w c:\windows\system32\ws2_32.dll- 2001-08-18 12:00:00 18,944 ----a-w c:\windows\system32\ws2help.dll+ 2004-08-04 05:56:48 19,968 ----a-w c:\windows\system32\ws2help.dll+ 2004-08-04 05:56:58 13,824 ------w c:\windows\system32\wscntfy.exe- 2001-08-18 12:00:00 118,834 ----a-w c:\windows\system32\wscript.exe+ 2004-08-04 05:56:58 114,688 ----a-w c:\windows\system32\wscript.exe+ 2004-08-04 05:56:48 81,408 ------w c:\windows\system32\wscsvc.dll+ 2004-08-04 05:56:48 108,032 ------w c:\windows\system32\wshbth.dll- 2001-08-18 12:00:00 28,721 ----a-w c:\windows\system32\wshcon.dll+ 2004-08-04 05:56:48 28,672 ----a-w c:\windows\system32\wshcon.dll- 2001-08-18 12:00:00 65,585 ----a-w c:\windows\system32\wshext.dll+ 2004-08-04 05:56:48 65,536 ----a-w c:\windows\system32\wshext.dll- 2001-08-18 12:00:00 13,824 ----a-w c:\windows\system32\wship6.dll+ 2004-08-04 05:56:48 14,336 ----a-w c:\windows\system32\wship6.dll- 2001-08-18 12:00:00 10,240 ----a-w c:\windows\system32\WshRm.dll+ 2004-08-04 05:56:48 11,776 ----a-w c:\windows\system32\wshrm.dll- 2001-08-18 12:00:00 17,408 ----a-w c:\windows\system32\wshtcpip.dll+ 2004-08-04 05:56:48 19,968 ----a-w c:\windows\system32\wshtcpip.dll- 2001-08-18 12:00:00 38,912 ----a-w c:\windows\system32\wsnmp32.dll+ 2004-08-04 05:56:48 42,496 ----a-w c:\windows\system32\wsnmp32.dll- 2001-08-18 12:00:00 21,504 ----a-w c:\windows\system32\wsock32.dll+ 2004-08-04 05:56:48 22,528 ----a-w c:\windows\system32\wsock32.dll- 2004-07-09 08:26:40 47,104 ----a-w c:\windows\system32\wstdecod.dll+ 2004-08-04 05:56:48 50,688 ----a-w c:\windows\system32\wstdecod.dll- 2001-08-18 12:00:00 16,896 ----a-w c:\windows\system32\wtsapi32.dll+ 2004-08-04 05:56:48 18,432 ----a-w c:\windows\system32\wtsapi32.dll+ 2004-08-04 05:56:58 165,888 ------w c:\windows\system32\wuauclt1.exe+ 2004-08-04 05:56:48 183,296 ------w c:\windows\system32\wuaueng1.dll- 2001-08-18 12:00:00 4,096 ----a-w c:\windows\system32\wuauserv.dll+ 2004-08-04 05:56:48 6,656 ----a-w c:\windows\system32\wuauserv.dll- 2001-08-18 12:00:00 47,616 ----a-w c:\windows\system32\wzcdlg.dll+ 2004-08-04 05:56:48 378,368 ----a-w c:\windows\system32\wzcdlg.dll- 2001-08-18 12:00:00 18,944 ----a-w c:\windows\system32\wzcsapi.dll+ 2004-08-04 05:56:48 51,712 ----a-w c:\windows\system32\wzcsapi.dll- 2001-08-18 12:00:00 184,320 ----a-w c:\windows\system32\wzcsvc.dll+ 2004-08-04 05:56:48 359,936 ----a-w c:\windows\system32\wzcsvc.dll- 2001-08-18 12:00:00 85,504 ----a-w c:\windows\system32\xactsrv.dll+ 2004-08-04 05:56:48 91,648 ----a-w c:\windows\system32\xactsrv.dll- 2001-08-18 12:00:00 28,160 ----a-w c:\windows\system32\xcopy.exe+ 2004-08-04 05:56:58 30,720 ----a-w c:\windows\system32\xcopy.exe- 2001-08-18 12:00:00 165,744 ----a-w c:\windows\system32\xenroll.dll+ 2004-07-17 16:39:16 174,200 ----a-w c:\windows\system32\xenroll.dll+ 2004-08-04 05:56:48 129,536 ------w c:\windows\system32\xmlprov.dll+ 2004-08-04 05:56:48 50,176 ------w c:\windows\system32\xmlprovi.dll- 2001-08-18 12:00:00 9,728 ----a-w c:\windows\system32\xolehlp.dll+ 2004-08-04 05:56:48 11,776 ----a-w c:\windows\system32\xolehlp.dll- 2004-06-30 23:59:25 158,720 ------w c:\windows\system32\xpob2res.dll+ 2004-08-04 05:56:38 438,784 ------w c:\windows\system32\xpob2res.dll+ 2004-08-04 05:56:38 187,392 ------w c:\windows\system32\xpsp1res.dll- 2002-09-25 16:21:56 316,928 ----a-w c:\windows\system32\zipfldr.dll+ 2004-08-04 05:56:48 337,920 ----a-w c:\windows\system32\zipfldr.dll+ 2009-02-20 23:33:31 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5b0.dat- 2001-08-18 12:00:00 46,592 ----a-w c:\windows\twain_32.dll+ 2004-08-04 05:56:48 50,688 ----a-w c:\windows\twain_32.dll- 2001-08-18 12:00:00 266,752 ----a-w c:\windows\winhlp32.exe+ 2004-08-04 05:56:58 283,648 ----a-w c:\windows\winhlp32.exe+ 2004-08-04 05:57:02 1,050,624 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll+ 2004-08-04 05:57:02 54,784 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll+ 2004-08-04 05:57:02 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll+ 2004-08-04 05:57:00 1,712,128 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll+ 2004-08-04 05:57:00 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll+ 2004-08-04 05:57:00 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll+ 2004-08-04 05:55:58 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll.-- Snapshot reset to current date --.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-19 110592]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-25 136600]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-06-17 98304]"IgfxTray"="c:\windows\System32\igfxtray.exe" [2002-06-19 155648]"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2002-06-19 114688]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-11 180269]"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe" [2006-01-19 11776]"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2007-04-14 1556480]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]"1331176861"="c:\documents and settings\All Users\Application Data\1447988137\1331176861.exe" [2009-01-25 2096677][HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"=--- Other Services/Drivers In Memory ---*NewlyCreated* - KRNCHTJU.Contents of the 'Scheduled Tasks' folder2009-02-20 c:\windows\Tasks\RegTool Scan.job- c:\program files\RegTool\RegTool.exe []2009-02-20 c:\windows\Tasks\RegTool Scan.job- c:\program files\RegTool [].- - - - ORPHANS REMOVED - - - -BHO-{DCFBA5E4-23ED-49F9-A5C2-99607670DA51} - c:\windows\System32\avica.dll.------- Supplementary Scan -------.uStart Page = hxxp://www.google.commStart Page = about:blankmWindow Title = Microsoft Internet ExploreruInternet Connection Wizard,ShellNext = hxxp://adserving.cpxinteractive.com/iframe3?0j4EAPLyAwDp-AYASnkCAAIBAAAAAP8AAAD..wICAAJWxwQA.-IDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3MzMzMzPA.zczMzMzM8D8BAAAAAAD8PwEAAAAAAPw.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA-Zc2EhmSoAR3CUCiFLJku-nURFVowed0ylzM3wAAAAA=,,http://www3.evilshare.com/accd7d46-5618-102b-a5a4-000b6aa2a5f8IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTMLIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000Trusted Zone: musicmatch.com\onlineDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cabFF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\aw4dysyr.default\FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\aw4dysyr.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dllFF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-02-20 18:34:14Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... **************************************************************************.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\system32\wdfmgr.exec:\windows\system32\wscntfy.exec:\progra~1\MUSICM~1\MUSICM~1\MMDiag.exec:\program files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe.**************************************************************************.Completion time: 2009-02-20 18:39:23 - machine was rebootedComboFix-quarantined-files.txt 2009-02-20 23:37:55ComboFix2.txt 2009-02-17 16:37:16Pre-Run: 25,922,072,576 bytes freePost-Run: 25,836,834,816 bytes free4308 --- E O F --- 2009-02-20 23:00:43 Quote Link to post Share on other sites
therock247uk Posted February 22, 2009 Report Share Posted February 22, 2009 Ok can i see a fresh Hijackthis log? Quote Link to post Share on other sites
lashaun84 Posted February 22, 2009 Author Report Share Posted February 22, 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:24:23 PM, on 22/02/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\wscntfy.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\D-Link\AirPlus G\AirGCFG.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adserving.cpxinteractive.com/iframe...a4-000b6aa2a5f8O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exeO4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exeO4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeO4 - HKLM\..\Run: [1331176861] "C:\Documents and Settings\All Users\Application Data\1447988137\1331176861.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTMLO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatieControl Object) - http://zone.msn.com/bingame/choc/default/C...eb.1.0.0.15.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1213917412731O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1213962550419O16 - DPF: {E9B80D94-D8BC-43DE-9138-75605A8D9666} (CPlayFirstWeddingDasControl Object) - http://zone.msn.com/bingame/wedd/default/W...sh.1.0.0.50.cabO23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe--End of file - 5198 bytes Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.