Aller au contenu

Kryx

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    28

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Kryx

  1. Kryx
    Oui j'imagine^^ en tout cas merci bcp pour ce que vous faîtes,c'est vraiment .
  2. Kryx
    J'ai pensé que vous diriez celà, çà ne m'étonne pas du tout. Mais j'ai l'occasion de vraiment apprendre et le domaine sécurité m'intéresse beaucoup. Je me permet d'insister donc.
  3. Kryx
    Merci bcp Kalfra! Longue vie à la machine... J'ai déjà MBAM^^. Où est-ce qu'on pourrait se former pour la sécurité informatique et lectures de log comme vous le faites? Merci!
  4. Kryx
    Me revoici ainsi qu'un log tout frais Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:53:24, on 17/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Secunia\PSI (RC3)\psi.exe C:\Program Files\Star Downloader\stardown.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6112 bytes
  5. Kryx
    Voici donc le rapport d'hier soir par Avira. Avira AntiVir Personal Report file date: samedi 16 août 2008 19:18 Scanning for 1559120 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: MICHEL Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 07:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 06:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 06:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 06:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 08:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 10:20:44 ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 14:38:55 ANTIVIR3.VDF : 7.0.6.24 103424 Bytes 16/08/2008 10:39:53 Engineversion : 8.1.1.19 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 07:58:21 AESCRIPT.DLL : 8.1.0.63 311673 Bytes 10/08/2008 10:22:09 AESCN.DLL : 8.1.0.23 119156 Bytes 10/08/2008 10:22:06 AERDL.DLL : 8.1.0.20 418165 Bytes 10/08/2008 10:22:04 AEPACK.DLL : 8.1.2.1 364917 Bytes 10/08/2008 10:22:00 AEOFFICE.DLL : 8.1.0.21 192891 Bytes 10/08/2008 10:21:56 AEHEUR.DLL : 8.1.0.47 1368437 Bytes 10/08/2008 10:21:54 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/08/2008 10:21:42 AEGEN.DLL : 8.1.0.35 315764 Bytes 10/08/2008 10:21:41 AEEMU.DLL : 8.1.0.7 430452 Bytes 10/08/2008 10:21:37 AECORE.DLL : 8.1.1.8 172406 Bytes 10/08/2008 10:21:34 AEBB.DLL : 8.1.0.1 53617 Bytes 10/08/2008 10:21:32 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 15:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 08:37:50 AVREP.DLL : 8.0.0.2 98344 Bytes 10/08/2008 10:21:31 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 15:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 06:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 06:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 15:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 15:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 10:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 12:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 10:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: high Start of the scan: samedi 16 août 2008 19:18 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'psi.exe' - '1' Module(s) have been scanned Scan process 'msmsgs.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'cfp.exe' - '1' Module(s) have been scanned Scan process 'cssurf.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'reader_sl.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'CnxDslTb.exe' - '1' Module(s) have been scanned Scan process 'raid_tool.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'usnsvc.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'cmdagent.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'a2service.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 33 processes with 33 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '30' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP511\A0607729.exe [DETECTION] Contains detection pattern of the dropper DR/Dldr.FraudLoad.vaxg.1 [NOTE] The file was moved to '48dd077d.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP511\A0610948.exe [DETECTION] Is the Trojan horse TR/Monder.790528 [NOTE] The file was moved to '48dd078f.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622357.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0876.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622358.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd087a.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622359.dll [DETECTION] Is the Trojan horse TR/Monderc.103424.1 [NOTE] The file was moved to '48dd087f.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622360.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0881.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622361.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0883.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622362.dll [DETECTION] Is the Trojan horse TR/Vundo.ewz.40 [NOTE] The file was moved to '48dd088e.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622363.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0890.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622364.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0892.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622365.dll [DETECTION] Is the Trojan horse TR/Monderc.103424.1 [NOTE] The file was moved to '48dd0895.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622366.dll [DETECTION] Is the Trojan horse TR/Monderc.103424.1 [NOTE] The file was moved to '48dd0896.qua'! C:\System Volume Information\_restore{D7EECC2D-28C6-4BDD-96FB-FE9A7880C30A}\RP525\A0622367.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [NOTE] The file was moved to '48dd0899.qua'! End of the scan: samedi 16 août 2008 20:17 Used time: 59:34 min The scan has been done completely. 6455 Scanning directories 308005 Files were scanned 13 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 13 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 307992 Files not concerned 3710 Archives were scanned 1 Warnings 13 Notes
  6. Kryx
    Voilà j'ai bien fini de scanné le système. Plus de problèmes apparents. Qques détections tout de même par Avira et ce toujours dans le fameux système volume information ^^: il s'agit donc des trojans Vundo.gen, Vundo.ewz, Monderc ainsi qu'un dropper Fraudload(un truc du genre). J'ai déjà les outils que vous m'avez proposés. En esperant que çà n'est pas très grave.
  7. Kryx
    Merci Falkra. Encore une chose nettoyer la restauration système avec antivir?Cad? Je ne vois pas très bien l'arborescence à suivre.
  8. Kryx
    Voici donc un log de HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:27:56, on 12/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5858 bytes J'espère que çà va aller mieux lol ( c'est juste qu' Avira m'alerte que certains trojans se logent encore ds on système. Mais s'ils s'y trouvent volume system information alors n'ai-je rien à craindre puisqu'inactifs? Merci bcp bcp bcp en tt cas; c'est vrai la machine respire mieux.
  9. Kryx
    Bonjour Kalfra, dsl jn'ai pas pu y être hier soir à cause du décalage horaire. Voici donc le log de combo avec le script que vous m'avez envoyé. ComboFix 08-08-10.05 - Karnik 2008-08-12 8:48:43.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.265 [GMT 4:00] Endroit: C:\Documents and Settings\Karnik\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Karnik\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\WINDOWS\system32\Smab0.dll C:\WINDOWS\system32\yvrgme.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\Smab0.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-07-12 to 2008-08-12 )))))))))))))))))))))))))))))))))))) . 2008-08-11 21:04 . 2008-08-11 21:04 <REP> d-------- C:\Deckard 2008-08-11 17:59 . 2008-08-11 17:59 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-10 20:26 . 2008-08-10 23:58 <REP> d-------- C:\Program Files\a-squared Free 2008-08-10 17:33 . 2008-08-10 17:33 <REP> d-------- C:\Documents and Settings\matthias\Application Data\Comodo 2008-08-10 14:26 . 2008-08-10 14:26 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll 2008-08-10 14:25 . 2008-08-10 14:26 <REP> d-------- C:\Program Files\COMODO 2008-08-10 14:25 . 2008-08-10 14:25 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Comodo 2008-08-10 14:25 . 2008-08-10 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-08-10 14:25 . 2008-08-10 14:25 143,104 --a------ C:\WINDOWS\system32\guard32.dll 2008-08-10 14:25 . 2008-08-10 14:25 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys 2008-08-10 14:25 . 2008-08-10 14:25 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Program Files\Avira 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-10 12:46 . 2008-08-10 12:46 <REP> d-------- C:\Program Files\Secunia 2008-08-10 12:23 . 2008-08-11 19:49 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\.purple 2008-08-10 12:22 . 2008-08-10 12:22 <REP> d-------- C:\Program Files\Pidgin 2008-08-10 04:47 . 2008-08-10 04:47 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-10 04:38 . 2008-06-14 21:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-08-10 04:35 . 2008-05-08 18:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-08-10 04:04 . 2008-08-10 04:04 <REP> d-------- C:\WINDOWS\system32\fr 2008-08-10 03:59 . 2008-08-10 04:05 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-08-10 03:58 . 2008-04-13 19:34 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe 2008-08-10 03:52 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002952_.tmp 2008-08-10 00:34 . 2008-08-10 04:49 <REP> d-------- C:\WINDOWS\system32\fr-fr 2008-08-10 00:28 . 2008-08-10 04:49 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-09 20:10 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-09 19:25 . 2008-08-09 19:25 <REP> d-------- C:\WINDOWS\ERUNT 2008-08-09 14:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-08-09 14:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-08-09 14:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-08-09 14:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-08-09 13:10 . 2008-08-09 13:10 <REP> d-------- C:\Program Files\Trend Micro 2008-07-30 14:19 . 2008-08-04 14:04 <REP> d-------- C:\Program Files\GOA 2008-07-29 22:08 . 2008-07-29 22:08 <REP> d---s---- C:\Documents and Settings\guilli\UserData 2008-07-29 10:31 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-07-29 10:31 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-07-29 10:31 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-07-29 10:31 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2060-08-18 14:40 909,824 ----a-w C:\WINDOWS\system32\cp3245mt.dll 2008-08-11 13:58 --------- d-----w C:\Program Files\OpenOffice.org 2.3 2008-08-11 13:53 --------- d-----w C:\Program Files\Java 2008-08-11 13:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\OpenOffice.org2 2008-08-10 12:20 --------- d-----w C:\Documents and Settings\Karnik\Application Data\gtk-2.0 2008-08-10 10:05 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-08-10 04:32 --------- d-----w C:\Program Files\MSN Messenger 2008-08-09 21:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-08-09 20:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\AdobeUM 2008-08-06 17:53 --------- d-----w C:\Documents and Settings\guilli\Application Data\OpenOffice.org2 2008-07-30 12:22 --------- d-----w C:\Program Files\Common Files 2008-07-30 10:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-30 10:13 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-07-28 12:59 --------- d-----w C:\Program Files\Slayers Online 2008-07-11 10:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\CopyTransControlCenter 2008-07-10 03:56 --------- d-----w C:\Program Files\eRightSoft 2008-07-09 19:50 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Xilisoft Corporation 2008-07-08 14:55 --------- d-----w C:\Documents and Settings\guilli\Application Data\ESET 2008-07-07 13:55 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-07-07 11:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-07 11:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\ESET 2008-07-07 11:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-07-05 23:31 --------- d-----w C:\Program Files\KeeBoo 2008-07-05 22:56 --------- d-----w C:\Program Files\MidiNotate 2008-07-05 22:54 --------- d-----w C:\Program Files\Klondike WAP Browser 2008-07-05 22:32 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-05 22:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-05 22:14 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Lavasoft 2008-07-04 08:32 --------- d-----w C:\Program Files\Yacc Yet Another CSO Compressor 2008-06-29 16:50 --------- d-----w C:\Documents and Settings\guilli\Application Data\AdobeUM 2008-06-29 13:29 --------- d-----w C:\Program Files\WinAVI MP4 Converter 2008-06-29 08:25 --------- d-----w C:\Program Files\PhotoFiltre 2008-06-25 13:41 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTrans 2008-06-25 10:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTransControlCenter 2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-16 08:31 7,808 ----a-w C:\WINDOWS\system32\drivers\psi_mf.sys 2008-06-15 14:29 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\Mes documentsUMD_DATA.BIN 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\BureauUMD_DATA.BIN 2005-07-14 08:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 11:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll 2005-02-28 09:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 19:34 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 11:22 589824] "CnxDslTaskBar"="C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe" [2002-04-04 13:33 397312] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 08:22 7700480] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 08:22 86016] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-08-10 14:26 278264] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-10 14:25 1655552] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "nwiz"="nwiz.exe" [2006-10-22 08:22 1622016 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "UseDesktopIniCache"= 1 (0x1) "AllowLegacyWebView"= 1 (0x1) "AllowUnhashedWebView"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-07-07 17:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i420vfw.dll "vidc.yv12"= yv12vfw.dll "vidc.I263"= i263_32.drv [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-10 14:25] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-10 14:25] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2002-04-01 15:39] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2002-04-01 15:39] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2002-04-04 13:31] S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 09:05] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-07-05 13:03] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-07-05 13:03] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-07-05 13:03] S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34] S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 12:31] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\z530bus.sys [2007-07-05 13:03] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\z530mdfl.sys [2007-07-05 13:03] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\z530mdm.sys [2007-07-05 13:03] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\z530obex.sys [2007-07-05 13:03] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136216-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136217-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O *Newly Created Service* - CATCHME . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-12 08:52:29 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-08-12 8:54:16 ComboFix-quarantined-files.txt 2008-08-12 04:54:08 ComboFix2.txt 2008-08-11 20:32:02 ComboFix3.txt 2008-08-11 18:04:13 ComboFix4.txt 2008-07-28 19:30:20 Pre-Run: 22,970,355,712 octets libres Post-Run: 22,957,895,680 octets libres 196 --- E O F --- 2008-08-10 00:49:58
  10. Kryx
    Bonsoir Kalfra. Ce doit être un vrai casse-tête,non? Voici le log de ComboFix: ComboFix 08-08-10.05 - Karnik 2008-08-12 0:22:24.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.305 [GMT 4:00] Endroit: C:\Documents and Settings\Karnik\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Karnik\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\WINDOWS\system32\tmp.reg C:\WINDOWS\Tasks\SpyHunter Scanner.job GenC:\WINDOWS\system32\yvrgme.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\tmp.reg C:\WINDOWS\Tasks\SpyHunter Scanner.job . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DAEDRIVER54 -------\Service_DAEDriver54 ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-11 to 2008-08-11 )))))))))))))))))))))))))))))))))))) . 2008-08-11 21:04 . 2008-08-11 21:04 <REP> d-------- C:\Deckard 2008-08-11 17:59 . 2008-08-11 17:59 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-10 20:26 . 2008-08-10 23:58 <REP> d-------- C:\Program Files\a-squared Free 2008-08-10 17:33 . 2008-08-10 17:33 <REP> d-------- C:\Documents and Settings\matthias\Application Data\Comodo 2008-08-10 14:26 . 2008-08-10 14:26 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll 2008-08-10 14:25 . 2008-08-10 14:26 <REP> d-------- C:\Program Files\COMODO 2008-08-10 14:25 . 2008-08-10 14:25 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Comodo 2008-08-10 14:25 . 2008-08-10 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-08-10 14:25 . 2008-08-10 14:25 143,104 --a------ C:\WINDOWS\system32\guard32.dll 2008-08-10 14:25 . 2008-08-10 14:25 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys 2008-08-10 14:25 . 2008-08-10 14:25 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Program Files\Avira 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-10 12:46 . 2008-08-10 12:46 <REP> d-------- C:\Program Files\Secunia 2008-08-10 12:23 . 2008-08-11 19:49 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\.purple 2008-08-10 12:22 . 2008-08-10 12:22 <REP> d-------- C:\Program Files\Pidgin 2008-08-10 04:47 . 2008-08-10 04:47 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-10 04:38 . 2008-06-14 21:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-08-10 04:35 . 2008-05-08 18:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-08-10 04:04 . 2008-08-10 04:04 <REP> d-------- C:\WINDOWS\system32\fr 2008-08-10 03:59 . 2008-08-10 04:05 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-08-10 03:58 . 2008-04-13 19:34 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe 2008-08-10 03:52 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002952_.tmp 2008-08-10 00:34 . 2008-08-10 04:49 <REP> d-------- C:\WINDOWS\system32\fr-fr 2008-08-10 00:28 . 2008-08-10 04:49 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-09 20:10 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-09 19:25 . 2008-08-09 19:25 <REP> d-------- C:\WINDOWS\ERUNT 2008-08-09 14:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-08-09 14:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-08-09 14:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-08-09 14:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-08-09 13:10 . 2008-08-09 13:10 <REP> d-------- C:\Program Files\Trend Micro 2008-07-30 14:19 . 2008-08-04 14:04 <REP> d-------- C:\Program Files\GOA 2008-07-29 22:08 . 2008-07-29 22:08 <REP> d---s---- C:\Documents and Settings\guilli\UserData 2008-07-29 10:31 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-07-29 10:31 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-07-29 10:31 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-07-29 10:31 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-07-11 13:51 . 2008-07-11 14:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\CopyTransControlCenter . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2060-08-18 14:40 909,824 ----a-w C:\WINDOWS\system32\cp3245mt.dll 2008-08-11 13:58 --------- d-----w C:\Program Files\OpenOffice.org 2.3 2008-08-11 13:53 --------- d-----w C:\Program Files\Java 2008-08-11 13:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\OpenOffice.org2 2008-08-10 12:20 --------- d-----w C:\Documents and Settings\Karnik\Application Data\gtk-2.0 2008-08-10 10:05 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-08-10 04:32 --------- d-----w C:\Program Files\MSN Messenger 2008-08-09 21:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-08-09 20:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\AdobeUM 2008-08-06 17:53 --------- d-----w C:\Documents and Settings\guilli\Application Data\OpenOffice.org2 2008-07-30 12:22 --------- d-----w C:\Program Files\Common Files 2008-07-30 10:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-30 10:13 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-07-28 12:59 --------- d-----w C:\Program Files\Slayers Online 2008-07-10 03:56 --------- d-----w C:\Program Files\eRightSoft 2008-07-09 19:50 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Xilisoft Corporation 2008-07-08 14:55 --------- d-----w C:\Documents and Settings\guilli\Application Data\ESET 2008-07-07 13:55 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-07-07 11:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-07 11:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\ESET 2008-07-07 11:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-07-05 23:31 --------- d-----w C:\Program Files\KeeBoo 2008-07-05 22:56 --------- d-----w C:\Program Files\MidiNotate 2008-07-05 22:54 --------- d-----w C:\Program Files\Klondike WAP Browser 2008-07-05 22:32 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-05 22:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-05 22:14 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Lavasoft 2008-07-04 08:32 --------- d-----w C:\Program Files\Yacc Yet Another CSO Compressor 2008-06-29 16:50 --------- d-----w C:\Documents and Settings\guilli\Application Data\AdobeUM 2008-06-29 13:29 --------- d-----w C:\Program Files\WinAVI MP4 Converter 2008-06-29 08:25 --------- d-----w C:\Program Files\PhotoFiltre 2008-06-25 13:41 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTrans 2008-06-25 10:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTransControlCenter 2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-16 08:31 7,808 ----a-w C:\WINDOWS\system32\drivers\psi_mf.sys 2008-06-15 14:29 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\Mes documentsUMD_DATA.BIN 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\BureauUMD_DATA.BIN 2008-06-11 11:35 --------- d-----w C:\Program Files\Apollo PSP Video Converter 2005-07-14 08:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 11:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll 2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll 2005-02-28 09:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 19:34 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 11:22 589824] "CnxDslTaskBar"="C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe" [2002-04-04 13:33 397312] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 08:22 7700480] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 08:22 86016] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-08-10 14:26 278264] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-10 14:25 1655552] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "nwiz"="nwiz.exe" [2006-10-22 08:22 1622016 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "UseDesktopIniCache"= 1 (0x1) "AllowLegacyWebView"= 1 (0x1) "AllowUnhashedWebView"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-07-07 17:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i420vfw.dll "vidc.yv12"= yv12vfw.dll "vidc.I263"= i263_32.drv [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-10 14:25] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-10 14:25] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2002-04-01 15:39] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2002-04-01 15:39] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2002-04-04 13:31] S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 09:05] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-07-05 13:03] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-07-05 13:03] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-07-05 13:03] S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34] S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 12:31] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\z530bus.sys [2007-07-05 13:03] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\z530mdfl.sys [2007-07-05 13:03] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\z530mdm.sys [2007-07-05 13:03] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\z530obex.sys [2007-07-05 13:03] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136216-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136217-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-12 00:27:59 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-12 0:32:00 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-11 20:31:48 ComboFix2.txt 2008-08-11 18:04:13 ComboFix3.txt 2008-07-28 19:30:20 Pre-Run: 23,008,960,512 octets libres Post-Run: 22,992,400,384 octets libres 212 --- E O F --- 2008-08-10 00:49:58 + unnew log de hijackthis come demandé^^: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:42:47, on 12/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5806 bytes p.s: mon lecteur de cd-dvd a la mauvaise manie de rester ouvert, ceci pourrait-il être dû à un malware?( qd je reboot la machine il ferme puis s'ouvre et reste ainsi ouvert ). Merci de m'aider en tout cas!
  11. Kryx
    Désolé du double-poste, je voulais juste rajouter qu'aucun de mes périphériques de bases ( sauf l'imprimante ) ne fonctionnent sous USB. Peut-être ces librairies sont-elles les traces de lecteurs mp3, gsm ou autres périph du genre.
  12. Kryx
    Re! Avec le log de Combofix sous les bras: ComboFix 08-08-10.05 - Karnik 2008-08-11 21:52:30.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.204 [GMT 4:00] Endroit: C:\Documents and Settings\Karnik\Bureau\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pack.epk C:\WINDOWS\system32\DgPqsvut.ini C:\WINDOWS\system32\DgPqsvut.ini2 C:\WINDOWS\system32\gbmnjviv.ini C:\WINDOWS\system32\gifplvxf.ini C:\WINDOWS\system32\iiceypaw.ini C:\WINDOWS\system32\ijvmdnyj.ini C:\WINDOWS\system32\lsprst7.dll C:\WINDOWS\system32\lsxbuvfl.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\MlmTEfhk.ini C:\WINDOWS\system32\MlmTEfhk.ini2 C:\WINDOWS\system32\nwpvalxa.ini C:\WINDOWS\system32\sjrginae.ini C:\WINDOWS\system32\ssprs.dll C:\WINDOWS\system32\ttcusgno.ini C:\WINDOWS\system32\txbggysp.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-11 to 2008-08-11 )))))))))))))))))))))))))))))))))))) . 2008-08-11 21:04 . 2008-08-11 21:04 <REP> d-------- C:\Deckard 2008-08-11 17:59 . 2008-08-11 17:59 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-10 20:26 . 2008-08-10 23:58 <REP> d-------- C:\Program Files\a-squared Free 2008-08-10 17:33 . 2008-08-10 17:33 <REP> d-------- C:\Documents and Settings\matthias\Application Data\Comodo 2008-08-10 14:26 . 2008-08-10 14:26 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll 2008-08-10 14:25 . 2008-08-10 14:26 <REP> d-------- C:\Program Files\COMODO 2008-08-10 14:25 . 2008-08-10 14:25 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Comodo 2008-08-10 14:25 . 2008-08-10 15:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-08-10 14:25 . 2008-08-10 14:25 143,104 --a------ C:\WINDOWS\system32\guard32.dll 2008-08-10 14:25 . 2008-08-10 14:25 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys 2008-08-10 14:25 . 2008-08-10 14:25 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Program Files\Avira 2008-08-10 14:15 . 2008-08-10 14:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-10 12:46 . 2008-08-10 12:46 <REP> d-------- C:\Program Files\Secunia 2008-08-10 12:23 . 2008-08-11 19:49 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\.purple 2008-08-10 12:22 . 2008-08-10 12:22 <REP> d-------- C:\Program Files\Pidgin 2008-08-10 04:47 . 2008-08-10 04:47 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-10 04:38 . 2008-06-14 21:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-08-10 04:35 . 2008-05-08 18:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-08-10 04:04 . 2008-08-10 04:04 <REP> d-------- C:\WINDOWS\system32\fr 2008-08-10 03:59 . 2008-08-10 04:05 <REP> d-------- C:\WINDOWS\ServicePackFiles 2008-08-10 03:58 . 2008-04-13 19:34 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe 2008-08-10 03:52 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\002952_.tmp 2008-08-10 00:34 . 2008-08-10 04:49 <REP> d-------- C:\WINDOWS\system32\fr-fr 2008-08-10 00:28 . 2008-08-10 04:49 <REP> d--h----- C:\WINDOWS\$hf_mig$ 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\Karnik\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-08-09 20:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-09 20:10 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-09 20:10 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-09 19:25 . 2008-08-09 19:25 <REP> d-------- C:\WINDOWS\ERUNT 2008-08-09 14:18 . 2008-08-09 18:08 2,952 --a------ C:\WINDOWS\system32\tmp.reg 2008-08-09 14:16 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-08-09 14:16 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-08-09 14:16 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-08-09 14:16 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-08-09 13:10 . 2008-08-09 13:10 <REP> d-------- C:\Program Files\Trend Micro 2008-07-30 14:19 . 2008-08-04 14:04 <REP> d-------- C:\Program Files\GOA 2008-07-29 22:08 . 2008-07-29 22:08 <REP> d---s---- C:\Documents and Settings\guilli\UserData 2008-07-29 10:31 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-07-29 10:31 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-07-29 10:31 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-07-29 10:31 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-07-11 13:51 . 2008-07-11 14:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\CopyTransControlCenter . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2060-08-18 14:40 909,824 ----a-w C:\WINDOWS\system32\cp3245mt.dll 2008-08-11 13:58 --------- d-----w C:\Program Files\OpenOffice.org 2.3 2008-08-11 13:53 --------- d-----w C:\Program Files\Java 2008-08-11 13:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\OpenOffice.org2 2008-08-10 12:20 --------- d-----w C:\Documents and Settings\Karnik\Application Data\gtk-2.0 2008-08-10 10:05 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-08-10 04:32 --------- d-----w C:\Program Files\MSN Messenger 2008-08-09 21:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-08-09 20:49 --------- d-----w C:\Documents and Settings\Karnik\Application Data\AdobeUM 2008-08-06 17:53 --------- d-----w C:\Documents and Settings\guilli\Application Data\OpenOffice.org2 2008-07-30 12:22 --------- d-----w C:\Program Files\Common Files 2008-07-30 10:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-30 10:13 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-07-28 12:59 --------- d-----w C:\Program Files\Slayers Online 2008-07-10 03:56 --------- d-----w C:\Program Files\eRightSoft 2008-07-09 19:50 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Xilisoft Corporation 2008-07-08 14:55 --------- d-----w C:\Documents and Settings\guilli\Application Data\ESET 2008-07-07 13:55 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-07-07 11:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-07 11:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\ESET 2008-07-07 11:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-07-05 23:31 --------- d-----w C:\Program Files\KeeBoo 2008-07-05 22:56 --------- d-----w C:\Program Files\MidiNotate 2008-07-05 22:54 --------- d-----w C:\Program Files\Klondike WAP Browser 2008-07-05 22:32 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-05 22:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-05 22:14 --------- d-----w C:\Documents and Settings\Karnik\Application Data\Lavasoft 2008-07-04 08:32 --------- d-----w C:\Program Files\Yacc Yet Another CSO Compressor 2008-06-29 16:50 --------- d-----w C:\Documents and Settings\guilli\Application Data\AdobeUM 2008-06-29 13:29 --------- d-----w C:\Program Files\WinAVI MP4 Converter 2008-06-29 08:25 --------- d-----w C:\Program Files\PhotoFiltre 2008-06-25 13:41 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTrans 2008-06-25 10:28 --------- d-----w C:\Documents and Settings\Karnik\Application Data\CopyTransControlCenter 2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-16 08:31 7,808 ----a-w C:\WINDOWS\system32\drivers\psi_mf.sys 2008-06-15 14:29 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-14 17:33 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\Mes documentsUMD_DATA.BIN 2008-06-11 11:43 48 ----a-w C:\Documents and Settings\Karnik\BureauUMD_DATA.BIN 2008-06-11 11:35 --------- d-----w C:\Program Files\Apollo PSP Video Converter 2005-07-14 08:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 11:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll 2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll 2005-02-28 09:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 20:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((( snapshot@2008-07-28_23.28.48.81 ))))))))))))))))))))))))))))))))))))))))) . + 2008-04-13 15:33:20 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll - 2004-06-11 16:43:18 1,852,416 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll + 2008-04-13 15:33:20 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll - 2004-06-11 16:43:18 449,536 ----a-w C:\WINDOWS\AppPatch\AcLayers.dll + 2008-04-13 15:33:20 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll - 2004-06-11 16:43:18 137,728 ----a-w C:\WINDOWS\AppPatch\AcLua.dll + 2008-04-13 15:33:20 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll - 2004-06-11 16:43:18 243,712 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll + 2008-04-13 15:33:20 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll - 2004-06-11 16:43:18 116,224 ----a-w C:\WINDOWS\AppPatch\AcXtrnal.dll + 2008-04-13 15:33:20 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll + 2008-06-14 17:33:37 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys + 2008-04-13 15:34:12 58,368 ------w C:\WINDOWS\ehome\medctrro.exe + 2005-10-20 16:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2008-08-07 12:27:05 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-08-09 15:25:25 8,175,616 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-08-09 15:25:26 1,691,648 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-08-07 12:27:05 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-08-09 15:25:14 8,175,616 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-08-09 15:25:15 1,691,648 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat - 2004-06-11 16:43:42 1,034,240 ----a-w C:\WINDOWS\explorer.exe + 2008-04-13 15:34:04 1,037,824 ----a-w C:\WINDOWS\explorer.exe - 2004-06-11 16:43:34 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll + 2008-04-13 15:33:42 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll - 2004-06-11 16:43:36 33,280 ----a-w C:\WINDOWS\Help\sstub.dll + 2008-04-13 15:33:48 33,280 ----a-w C:\WINDOWS\Help\sstub.dll - 2004-06-11 16:43:36 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll + 2008-04-13 15:33:48 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll - 2004-06-11 16:43:42 10,752 ----a-w C:\WINDOWS\hh.exe + 2008-04-13 15:34:08 10,752 ----a-w C:\WINDOWS\hh.exe + 2004-06-11 16:43:18 61,440 -c----w C:\WINDOWS\ie7\admparse.dll + 2004-06-11 16:43:18 101,888 -c----w C:\WINDOWS\ie7\advpack.dll + 2004-06-11 16:43:18 869,888 -c----w C:\WINDOWS\ie7\browseui.dll + 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll + 2004-06-11 16:43:22 358,912 -c----w C:\WINDOWS\ie7\dxtmsft.dll + 2004-06-11 16:43:22 205,824 -c----w C:\WINDOWS\ie7\dxtrans.dll + 2004-06-11 16:43:22 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll + 2004-06-11 16:43:24 38,400 -c----w C:\WINDOWS\ie7\hmmapi.dll + 2004-06-11 16:43:42 33,280 -c----w C:\WINDOWS\ie7\ie4uinit.exe + 2004-06-11 16:43:24 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll + 2004-06-11 16:43:24 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll + 2001-08-28 13:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll + 2004-06-11 16:43:24 319,488 -c----w C:\WINDOWS\ie7\iedkcs32.dll + 2004-06-11 16:43:42 18,432 -c----w C:\WINDOWS\ie7\iedw.exe + 2004-06-11 16:43:24 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll + 2004-06-11 16:43:24 247,296 -c----w C:\WINDOWS\ie7\iepeers.dll + 2004-06-11 16:43:24 26,624 -c----w C:\WINDOWS\ie7\iernonce.dll + 2004-06-11 16:43:24 62,976 -c----w C:\WINDOWS\ie7\iesetup.dll + 2004-06-11 16:43:42 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe + 2004-06-11 16:43:24 34,816 -c----w C:\WINDOWS\ie7\imgutil.dll + 2004-06-11 16:43:24 81,408 -c----w C:\WINDOWS\ie7\inseng.dll + 2004-06-11 16:43:26 450,560 -c----w C:\WINDOWS\ie7\jscript.dll + 2004-06-11 16:43:26 15,872 -c----w C:\WINDOWS\ie7\jsproxy.dll + 2004-06-11 16:43:26 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll + 2004-06-11 16:43:44 29,184 -c----w C:\WINDOWS\ie7\mshta.exe + 2004-06-11 16:43:28 3,035,136 -c----w C:\WINDOWS\ie7\mshtml.dll + 2004-06-11 16:43:28 452,608 -c----w C:\WINDOWS\ie7\mshtmled.dll + 2004-06-11 16:35:40 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll + 2001-08-28 13:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll + 2004-06-11 16:43:30 146,432 -c----w C:\WINDOWS\ie7\msrating.dll + 2004-06-11 16:43:30 530,432 -c----w C:\WINDOWS\ie7\mstime.dll + 2004-06-11 16:43:30 96,768 -c----w C:\WINDOWS\ie7\occache.dll + 2004-06-11 16:43:32 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll + 2004-06-11 16:43:34 1,464,320 -c----w C:\WINDOWS\ie7\shdocvw.dll + 2004-06-11 16:43:34 474,112 -c----w C:\WINDOWS\ie7\shlwapi.dll + 2007-09-26 14:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll + 2007-09-26 14:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe + 2006-09-06 13:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe + 2006-09-06 13:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll + 2004-06-11 16:43:36 37,376 -c----w C:\WINDOWS\ie7\url.dll + 2004-06-11 16:43:36 599,552 -c----w C:\WINDOWS\ie7\urlmon.dll + 2004-06-11 16:43:36 421,888 -c----w C:\WINDOWS\ie7\vbscript.dll + 2004-06-11 16:43:36 848,896 -c----w C:\WINDOWS\ie7\vgx.dll + 2004-06-11 16:43:38 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll + 2004-06-11 16:43:38 652,800 -c----w C:\WINDOWS\ie7\wininet.dll + 2007-08-13 14:39:00 123,904 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll + 2007-08-13 14:35:46 346,624 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll + 2007-08-13 14:35:38 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll + 2007-08-13 14:54:10 131,584 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll + 2007-08-13 14:36:26 61,952 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll + 2007-08-13 14:39:06 54,784 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe + 2007-08-13 14:39:26 152,064 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll + 2007-08-13 14:39:54 229,376 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll + 2007-08-13 13:56:54 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll + 2007-02-12 12:10:12 2,451,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dat + 2007-07-11 08:27:48 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll + 2007-08-13 14:39:50 382,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll + 2007-08-13 14:54:10 6,049,280 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll + 2007-08-13 14:39:10 43,008 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll + 2007-08-13 14:34:04 266,752 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll + 2007-08-13 14:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe + 2007-08-13 14:43:56 622,080 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe + 2007-08-13 14:54:10 27,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll + 2007-08-13 14:54:10 458,752 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll + 2007-08-13 14:54:10 50,688 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll + 2007-08-13 14:54:12 3,578,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll + 2007-08-13 14:54:10 475,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll + 2007-08-13 14:44:26 192,000 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll + 2007-08-13 14:54:10 670,720 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll + 2007-08-13 14:44:06 101,376 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll + 2007-08-13 14:36:12 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll + 2007-08-13 14:44:30 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll + 2007-08-13 14:54:10 1,162,240 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll + 2007-08-13 14:54:10 231,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll + 2007-08-13 14:54:10 818,688 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll - 2004-06-11 16:43:28 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll + 2008-04-13 15:33:32 220,160 ----a-w C:\WINDOWS\ime\mscandui.dll - 2004-06-11 16:43:34 129,536 ----a-w C:\WINDOWS\ime\SOFTKBD.DLL + 2008-04-13 15:33:42 130,048 ----a-w C:\WINDOWS\ime\softkbd.dll - 2004-06-10 15:45:58 62,976 ----a-w C:\WINDOWS\ime\SPGRMR.dll + 2008-04-13 05:43:20 62,976 ----a-w C:\WINDOWS\ime\spgrmr.dll - 2004-06-11 16:43:34 272,384 ----a-w C:\WINDOWS\ime\SPTIP.dll + 2008-04-13 15:33:48 272,384 ----a-w C:\WINDOWS\ime\sptip.dll - 2004-06-11 16:43:46 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe + 2008-04-13 15:34:28 208,896 ----a-w C:\WINDOWS\inf\unregmp2.exe + 2008-08-11 14:01:15 2,363,392 ----a-r C:\WINDOWS\Installer\{A122962F-331A-4C2E-93DB-AD92D8A4FB14}\soffice.exe + 2007-12-12 11:06:42 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A90000000001}\SC_Reader.exe + 2008-08-10 00:47:49 32,768 ----a-r C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe - 2008-04-20 09:42:05 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe + 2008-08-10 04:32:54 29,926 ----a-r C:\WINDOWS\Installer\{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}\MsblIco.Exe + 2008-01-18 04:13:10 2,247 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscdsbl.bat + 2007-12-11 23:33:52 18,917 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscinst.vbs + 2007-10-29 23:06:48 13,801 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscuinst.vbs + 2008-04-13 15:33:08 25,600 ------w C:\WINDOWS\Installer\tsclientmsitrans\tscupdc.dll - 2004-06-11 16:43:18 23,552 ----a-w C:\WINDOWS\msagent\agentanm.dll + 2008-04-13 15:33:20 24,064 ----a-w C:\WINDOWS\msagent\agentanm.dll - 2004-06-11 16:43:18 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll + 2008-04-13 15:33:20 214,016 ----a-w C:\WINDOWS\msagent\agentctl.dll - 2004-06-11 16:43:18 41,984 ----a-w C:\WINDOWS\msagent\agentdp2.dll + 2008-04-13 15:33:20 42,496 ----a-w C:\WINDOWS\msagent\agentdp2.dll - 2004-06-11 16:43:18 58,880 ----a-w C:\WINDOWS\msagent\agentdpv.dll + 2008-04-13 15:33:20 57,344 ----a-w C:\WINDOWS\msagent\agentdpv.dll - 2004-06-11 16:43:18 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll + 2008-04-13 15:33:20 49,152 ----a-w C:\WINDOWS\msagent\agentmpx.dll - 2004-06-11 16:43:18 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll + 2008-04-13 15:33:20 24,064 ----a-w C:\WINDOWS\msagent\agentpsh.dll - 2004-06-11 16:43:18 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll + 2008-04-13 15:33:20 44,032 ----a-w C:\WINDOWS\msagent\agentsr.dll - 2004-06-11 16:43:40 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe + 2008-04-13 15:33:54 256,512 ----a-w C:\WINDOWS\msagent\agentsvr.exe - 2004-06-11 16:43:18 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll + 2008-04-13 15:33:20 24,064 ----a-w C:\WINDOWS\msagent\agtintl.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll + 2007-04-02 07:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0405.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll + 2007-04-02 07:26:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0406.dll - 2001-08-28 13:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll + 2007-04-02 07:26:02 21,504 ----a-w C:\WINDOWS\msagent\intl\agt0407.dll - 2001-08-28 13:00:00 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll + 2007-04-02 07:26:02 22,016 ----a-w C:\WINDOWS\msagent\intl\agt0408.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll + 2008-04-13 06:32:30 19,968 ----a-w C:\WINDOWS\msagent\intl\agt0409.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt040b.dll - 2001-08-28 13:00:00 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll + 2007-04-02 07:26:02 21,504 ----a-w C:\WINDOWS\msagent\intl\agt040c.dll - 2001-08-28 13:00:00 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll + 2007-04-02 07:26:02 19,968 ----a-w C:\WINDOWS\msagent\intl\agt040e.dll - 2001-08-28 13:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll + 2007-04-02 07:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0410.dll - 2001-08-28 13:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll + 2007-04-02 07:26:02 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0413.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0414.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0415.dll - 2001-08-28 13:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll + 2007-04-02 07:26:02 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0416.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt0419.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041d.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll + 2007-04-02 07:26:02 19,456 ----a-w C:\WINDOWS\msagent\intl\agt041f.dll - 2001-08-28 13:00:00 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll + 2007-04-02 07:26:04 20,992 ----a-w C:\WINDOWS\msagent\intl\agt0816.dll - 2001-08-28 13:00:00 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll + 2007-04-02 07:26:04 20,480 ----a-w C:\WINDOWS\msagent\intl\agt0c0a.dll - 2004-06-11 16:43:28 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll + 2008-04-13 15:33:34 39,936 ----a-w C:\WINDOWS\msagent\mslwvtts.dll + 2008-04-13 15:33:24 33,792 ------w C:\WINDOWS\network diagnostic\custsat.dll + 2008-04-13 07:53:34 558,080 ------w C:\WINDOWS\network diagnostic\xpnetdiag.exe - 2004-06-11 16:43:44 70,656 ----a-w C:\WINDOWS\NOTEPAD.EXE + 2008-04-13 15:34:16 70,656 ----a-w C:\WINDOWS\notepad.exe - 2004-06-11 16:43:42 767,488 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe + 2008-04-13 15:34:08 769,024 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe - 2004-06-11 16:43:42 743,936 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe + 2008-04-13 15:34:08 744,448 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe - 2004-06-11 16:43:42 18,944 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe + 2008-04-13 15:34:08 18,432 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe - 2004-06-11 16:43:44 160,768 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe + 2008-04-13 15:34:14 172,544 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe - 2004-06-11 16:43:28 381,952 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll + 2008-04-13 15:33:34 382,464 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msinfo.dll - 2004-06-11 16:43:32 102,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll + 2008-04-13 15:33:40 102,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchshell.dll - 2004-06-11 16:43:32 38,912 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll + 2008-04-13 15:33:40 38,400 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - 2006-05-25 08:47:30 8,738 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin + 2008-08-10 00:07:07 8,972 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin - 2006-05-25 08:47:27 86,331 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat + 2008-08-10 00:08:30 86,331 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat - 2006-05-25 09:17:43 2,424 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin + 2008-08-10 00:08:30 2,738 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin - 2004-06-11 16:43:46 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe + 2008-04-13 15:34:28 151,040 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe - 2004-06-11 16:43:34 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll + 2008-04-13 15:33:48 151,552 ----a-w C:\WINDOWS\PeerNet\sqldb20.dll - 2004-06-11 16:43:34 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll + 2008-04-13 15:33:48 462,848 ----a-w C:\WINDOWS\PeerNet\sqlqp20.dll - 2004-06-11 16:43:34 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll + 2008-04-13 15:33:48 110,592 ----a-w C:\WINDOWS\PeerNet\sqlse20.dll - 2004-06-11 16:43:46 152,064 ----a-w C:\WINDOWS\regedit.exe + 2008-04-13 15:34:20 153,088 ----a-w C:\WINDOWS\regedit.exe + 2008-04-13 07:46:20 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\1394bus.sys + 2008-04-13 07:40:52 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\4mmdat.sys + 2008-04-13 07:46:22 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\61883.sys + 2008-04-13 15:33:20 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\6to4svc.dll + 2008-04-13 15:33:20 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\aaclient.dll + 2008-04-13 05:36:02 231,552 ------w C:\WINDOWS\ServicePackFiles\i386\ac97ali.sys + 2008-04-13 05:36:08 84,480 ------w C:\WINDOWS\ServicePackFiles\i386\ac97via.sys + 2008-04-13 15:33:20 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\acadproc.dll + 2008-04-13 15:33:54 190,464 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe + 2008-04-13 15:33:20 1,852,928 ------w C:\WINDOWS\ServicePackFiles\i386\acgenral.dll + 2008-04-13 15:33:20 451,072 ------w C:\WINDOWS\ServicePackFiles\i386\aclayers.dll + 2008-04-13 15:33:20 141,312 ------w C:\WINDOWS\ServicePackFiles\i386\aclua.dll + 2008-04-13 15:33:20 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\aclui.dll + 2008-04-13 14:52:44 188,672 ------w C:\WINDOWS\ServicePackFiles\i386\acpi.sys + 2008-04-13 15:33:20 245,248 ------w C:\WINDOWS\ServicePackFiles\i386\acspecfc.dll + 2008-04-13 15:33:20 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\activeds.dll + 2008-04-13 15:33:54 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe + 2008-04-13 15:33:20 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\actxprxy.dll + 2008-04-13 15:33:20 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\acxtrnal.dll + 2008-04-13 15:33:20 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\admexs.dll + 2008-04-13 15:33:20 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\admin.dll + 2008-04-13 15:33:54 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe + 2008-04-13 05:36:02 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\admjoy.sys + 2008-04-13 15:33:20 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\admparse.dll + 2008-04-13 15:33:20 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\admwprox.dll + 2008-04-13 15:33:20 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\adsiis51.dll + 2008-04-13 15:33:20 175,616 ------w C:\WINDOWS\ServicePackFiles\i386\adsldp.dll + 2008-04-13 15:33:20 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\adsldpc.dll + 2008-04-13 15:33:20 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\adsmsext.dll + 2008-04-13 15:33:20 263,680 ------w C:\WINDOWS\ServicePackFiles\i386\adsnt.dll + 2008-04-13 15:33:20 123,392 ------w C:\WINDOWS\ServicePackFiles\i386\adsnw.dll + 2007-04-02 02:10:46 85,813 ------w C:\WINDOWS\ServicePackFiles\i386\adsutil.vbs + 2008-04-13 15:33:20 4,255 ------w C:\WINDOWS\ServicePackFiles\i386\adv01nt5.dll + 2008-04-13 15:33:20 3,967 ------w C:\WINDOWS\ServicePackFiles\i386\adv02nt5.dll + 2008-04-13 15:33:20 3,615 ------w C:\WINDOWS\ServicePackFiles\i386\adv05nt5.dll + 2008-04-13 15:33:20 3,647 ------w C:\WINDOWS\ServicePackFiles\i386\adv07nt5.dll + 2008-04-13 15:33:20 3,135 ------w C:\WINDOWS\ServicePackFiles\i386\adv08nt5.dll + 2008-04-13 15:33:20 3,711 ------w C:\WINDOWS\ServicePackFiles\i386\adv09nt5.dll + 2008-04-13 15:33:20 3,775 ------w C:\WINDOWS\ServicePackFiles\i386\adv11nt5.dll + 2008-04-13 15:33:20 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\advapi32.dll + 2008-04-13 15:33:20 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\advpack.dll + 2008-04-13 05:39:24 142,592 ------w C:\WINDOWS\ServicePackFiles\i386\aec.sys + 2008-04-13 08:19:24 138,112 ------w C:\WINDOWS\ServicePackFiles\i386\afd.sys + 2008-04-13 15:33:20 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentanm.dll + 2008-04-13 15:33:20 214,016 ------w C:\WINDOWS\ServicePackFiles\i386\agentctl.dll + 2008-04-13 15:33:20 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\agentdp2.dll + 2008-04-13 15:33:20 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\agentdpv.dll + 2008-04-13 15:33:20 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\agentmpx.dll + 2008-04-13 15:33:20 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agentpsh.dll + 2008-04-13 15:33:20 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\agentsr.dll + 2008-04-13 15:33:54 256,512 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe + 2008-04-13 07:36:40 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\agp440.sys + 2008-04-13 07:36:40 44,928 ------w C:\WINDOWS\ServicePackFiles\i386\agpcpq.sys + 2007-04-02 07:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0401.dll + 2007-04-02 07:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0404.dll + 2007-04-02 07:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0405.dll + 2007-04-02 07:26:00 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0406.dll + 2007-04-02 07:26:02 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt0407.dll + 2007-04-02 07:26:02 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\agt0408.dll + 2008-04-13 06:32:30 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt0409.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040b.dll + 2007-04-02 07:26:02 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\agt040c.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt040d.dll + 2007-04-02 07:26:02 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\agt040e.dll + 2007-04-02 07:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0410.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0411.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0412.dll + 2007-04-02 07:26:02 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0413.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0414.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0415.dll + 2007-04-02 07:26:02 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0416.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0419.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041d.dll + 2007-04-02 07:26:02 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt041f.dll + 2007-04-02 07:26:04 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\agt0804.dll + 2007-04-02 07:26:04 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\agt0816.dll + 2007-04-02 07:26:04 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\agt0c0a.dll + 2008-04-13 15:33:20 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\agtintl.dll + 2008-04-13 15:33:54 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe + 2008-04-13 15:33:54 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe + 2008-04-13 07:36:40 42,752 ------w C:\WINDOWS\ServicePackFiles\i386\alim1541.sys + 2008-04-13 15:33:20 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\alrsvc.dll + 2008-04-13 07:36:40 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\amdagp.sys + 2008-04-13 14:54:30 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\amdk6.sys + 2008-04-13 14:54:30 41,856 ------w C:\WINDOWS\ServicePackFiles\i386\amdk7.sys + 2008-04-13 15:33:20 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\amstream.dll + 2008-04-13 05:35:30 36,224 ------w C:\WINDOWS\ServicePackFiles\i386\an983.sys + 2008-04-13 15:33:20 110,080 ------w C:\WINDOWS\ServicePackFiles\i386\appconf.dll + 2008-04-13 15:33:20 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\apphelp.dll + 2008-04-13 15:33:20 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\appmgmts.dll + 2008-04-13 15:33:20 302,592 ------w C:\WINDOWS\ServicePackFiles\i386\appmgr.dll + 2008-04-13 15:33:20 334,336 ------w C:\WINDOWS\ServicePackFiles\i386\aqueue.dll + 2008-04-13 07:51:26 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\arp1394.sys + 2008-04-13 15:33:20 377,344 ------w C:\WINDOWS\ServicePackFiles\i386\asp51.dll + 2008-04-13 05:10:00 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_filter.dll + 2008-04-13 05:10:00 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_isapi.dll + 2008-04-13 05:10:02 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe + 2008-04-13 05:10:02 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_state.exe + 2008-04-13 05:10:02 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_wp.exe + 2008-04-13 15:33:54 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe + 2008-04-13 15:33:54 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe + 2008-04-13 15:33:20 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\asycfilt.dll + 2008-04-13 07:57:28 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\asyncmac.sys + 2008-04-13 15:33:54 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe + 2008-04-13 07:40:32 96,512 ------w C:\WINDOWS\ServicePackFiles\i386\atapi.sys + 2008-04-13 05:34:18 56,623 ------w C:\WINDOWS\ServicePackFiles\i386\ati1btxx.sys + 2008-04-13 05:34:18 11,615 ------w C:\WINDOWS\ServicePackFiles\i386\ati1mdxx.sys + 2008-04-13 05:34:18 12,047 ------w C:\WINDOWS\ServicePackFiles\i386\ati1pdxx.sys + 2008-04-13 05:34:18 30,671 ------w C:\WINDOWS\ServicePackFiles\i386\ati1raxx.sys + 2008-04-13 05:34:18 63,663 ------w C:\WINDOWS\ServicePackFiles\i386\ati1rvxx.sys + 2008-04-13 05:34:18 26,367 ------w C:\WINDOWS\ServicePackFiles\i386\ati1snxx.sys + 2008-04-13 05:34:18 21,343 ------w C:\WINDOWS\ServicePackFiles\i386\ati1ttxx.sys + 2008-04-13 05:34:18 36,463 ------w C:\WINDOWS\ServicePackFiles\i386\ati1tuxx.sys + 2008-04-13 05:34:20 29,455 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xbxx.sys + 2008-04-13 05:34:20 34,735 ------w C:\WINDOWS\ServicePackFiles\i386\ati1xsxx.sys + 2008-04-13 15:33:20 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\ati2cqag.dll + 2008-04-13 15:33:20 377,984 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvaa.dll + 2008-04-13 15:33:20 201,728 ------w C:\WINDOWS\ServicePackFiles\i386\ati2dvag.dll + 2008-04-13 14:55:32 327,168 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtaa.sys + 2008-04-13 14:55:34 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\ati2mtag.sys + 2008-04-13 15:33:20 870,784 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d1ag.dll + 2008-04-13 15:33:20 1,057,760 ------w C:\WINDOWS\ServicePackFiles\i386\ati3d2ag.dll + 2008-04-13 15:33:20 1,888,992 ------w C:\WINDOWS\ServicePackFiles\i386\ati3duag.dll + 2008-04-13 05:34:18 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\atinbtxx.sys + 2008-04-13 05:34:18 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinmdxx.sys + 2008-04-13 05:34:18 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\atinpdxx.sys + 2008-04-13 05:34:18 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\atinraxx.sys + 2008-04-13 05:34:18 104,960 ------w C:\WINDOWS\ServicePackFiles\i386\atinrvxx.sys + 2008-04-13 05:34:18 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\atinsnxx.sys + 2008-04-13 05:34:18 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\atinttxx.sys + 2008-04-13 05:34:18 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\atintuxx.sys + 2008-04-13 05:34:20 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\atinxbxx.sys + 2008-04-13 05:34:20 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\atinxsxx.sys + 2008-04-13 15:33:20 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativtmxx.dll + 2008-04-13 15:33:20 516,768 ------w C:\WINDOWS\ServicePackFiles\i386\ativvaxx.dll + 2008-04-13 15:33:20 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\atl.dll + 2008-04-13 15:33:54 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe + 2008-04-13 07:51:26 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\atmarpc.sys + 2008-04-13 15:31:02 285,696 ------w C:\WINDOWS\ServicePackFiles\i386\atmfd.dll + 2008-04-13 07:51:32 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\atmlane.sys + 2008-04-13 15:33:20 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\atmlib.dll + 2008-04-13 15:33:54 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe + 2008-04-13 15:33:20 21,183 ------w C:\WINDOWS\ServicePackFiles\i386\atv01nt5.dll + 2008-04-13 15:33:20 11,359 ------w C:\WINDOWS\ServicePackFiles\i386\atv02nt5.dll + 2008-04-13 15:33:20 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\atv04nt5.dll + 2008-04-13 15:33:20 14,143 ------w C:\WINDOWS\ServicePackFiles\i386\atv06nt5.dll + 2008-04-13 15:33:20 17,279 ------w C:\WINDOWS\ServicePackFiles\i386\atv10nt5.dll + 2008-04-13 15:33:20 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\audiosrv.dll + 2008-04-13 15:33:54 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe + 2008-04-13 15:33:20 20,540 ------w C:\WINDOWS\ServicePackFiles\i386\author.dll + 2008-04-13 15:33:54 16,439 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe + 2008-04-13 15:33:20 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\authz.dll + 2008-04-13 15:33:54 625,152 ------w C:\WINDOWS\ServicePackFiles\i386\autochk.exe + 2008-04-13 15:33:54 638,976 ------w C:\WINDOWS\ServicePackFiles\i386\autoconv.exe + 2008-04-13 15:33:56 616,960 ------w C:\WINDOWS\ServicePackFiles\i386\autofmt.exe + 2008-04-13 15:33:56 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\autolfn.exe + 2008-04-13 07:46:22 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\avc.sys + 2008-04-13 07:46:08 13,696 ------w C:\WINDOWS\ServicePackFiles\i386\avcstrm.sys + 2008-04-13 15:33:20 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\avifil32.dll + 2008-04-13 15:33:20 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\azroles.dll + 2008-04-13 15:33:20 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\basesrv.dll + 2008-04-13 15:33:20 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\batmeter.dll + 2008-04-13 15:33:20 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\batt.dll + 2008-04-13 07:36:34 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\battc.sys + 2008-04-13 07:46:22 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\bdasup.sys + 2008-04-13 15:33:20 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\bidispl.dll + 2008-04-13 15:33:20 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx2.dll + 2008-04-13 15:33:20 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx3.dll + 2008-04-13 15:33:20 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\bitsprx4.dll + 2008-04-13 15:33:56 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe + 2008-04-13 15:33:56 158,208 ------w C:\WINDOWS\ServicePackFiles\i386\bootcfg.exe + 2008-04-13 07:53:24 71,552 ------w C:\WINDOWS\ServicePackFiles\i386\bridge.sys + 2008-04-13 14:57:50 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\browselc.dll + 2008-04-13 15:33:22 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\browser.dll + 2008-04-13 15:33:22 1,025,024 ------w C:\WINDOWS\ServicePackFiles\i386\browseui.dll + 2008-04-13 15:33:22 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\browsewm.dll + 2008-04-13 15:33:22 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\bthci.dll + 2008-04-13 07:46:34 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\bthenum.sys + 2008-04-13 07:46:34 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\bthmodem.sys + 2008-04-13 07:51:36 101,120 ------w C:\WINDOWS\ServicePackFiles\i386\bthpan.sys + 2008-04-13 14:58:02 273,664 ------w C:\WINDOWS\ServicePackFiles\i386\bthport.sys + 2008-04-13 07:46:32 36,480 ------w C:\WINDOWS\ServicePackFiles\i386\bthprint.sys + 2008-04-13 15:33:22 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\bthserv.dll + 2008-04-13 07:46:30 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\bthusb.sys + 2008-04-13 15:33:22 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\btpanui.dll + 2008-04-13 15:33:22 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\c_g18030.dll + 2008-04-13 15:33:22 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\cabinet.dll + 2008-04-13 15:33:22 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\cabview.dll + 2008-04-13 15:33:56 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe + 2008-04-13 15:33:22 385,024 ------w C:\WINDOWS\ServicePackFiles\i386\callcont.dll + 2008-04-13 15:33:22 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\camext30.dll + 2008-04-13 15:33:22 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\camocx.dll + 2008-04-13 15:33:22 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\capesnpn.dll + 2007-06-27 01:53:20 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\caspol.exe + 2008-04-13 15:33:22 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\catsrv.dll + 2008-04-13 15:33:22 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvps.dll + 2008-04-13 15:33:22 625,664 ------w C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll + 2008-04-13 07:46:24 17,024 ------w C:\WINDOWS\ServicePackFiles\i386\ccdecode.sys + 2008-04-13 08:14:22 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\cdfs.sys + 2008-04-13 15:33:22 152,064 ------w C:\WINDOWS\ServicePackFiles\i386\cdfview.dll + 2008-04-13 15:33:22 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\cdm.dll + 2008-04-13 15:33:22 2,091,520 ------w C:\WINDOWS\ServicePackFiles\i386\cdosys.dll + 2008-04-13 07:40:48 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\cdrom.sys + 2008-04-13 15:33:22 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\certcli.dll + 2008-04-13 15:33:22 467,968 ------w C:\WINDOWS\ServicePackFiles\i386\certmgr.dll + 2008-04-13 15:33:22 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\cfgbkend.dll + 2008-04-13 15:31:04 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\cfgmgr32.dll + 2008-04-13 15:33:58 188,480 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe + 2008-04-13 15:33:22 15,423 ------w C:\WINDOWS\ServicePackFiles\i386\ch7xxnt5.dll + 2008-04-13 07:41:00 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\changer.sys + 2008-04-13 15:33:22 148,480 ------w C:\WINDOWS\ServicePackFiles\i386\cic.dll + 2008-04-13 15:33:22 1,359,360 ------w C:\WINDOWS\ServicePackFiles\i386\cimwin32.dll + 2008-04-13 15:33:22 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\ciodm.dll + 2008-04-13 15:33:58 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\cipher.exe + 2008-04-13 15:33:58 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe + 2008-04-13 08:16:24 49,536 ------w C:\WINDOWS\ServicePackFiles\i386\classpnp.sys + 2008-04-13 15:33:22 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatex.dll + 2008-04-13 15:33:22 498,688 ------w C:\WINDOWS\ServicePackFiles\i386\clbcatq.dll + 2008-04-13 15:33:58 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe + 2008-04-13 15:33:22 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.dll + 2008-04-13 15:33:58 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe + 2008-04-13 15:33:58 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe + 2008-04-13 15:33:58 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe + 2008-04-13 15:33:22 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\clusapi.dll + 2008-04-13 07:36:38 13,952 ------w C:\WINDOWS\ServicePackFiles\i386\cmbatt.sys + 2008-04-13 15:33:22 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\cmcfg32.dll + 2008-04-13 15:33:58 401,408 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe + 2008-04-13 15:33:22 353,280 ------w C:\WINDOWS\ServicePackFiles\i386\cmdial32.dll + 2008-04-13 15:33:58 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe + 2008-04-13 15:33:58 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe + 2008-04-13 15:33:22 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\cmprops.dll + 2008-04-13 15:33:22 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\cmsetacl.dll + 2008-04-13 15:33:58 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe + 2008-04-13 15:33:22 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\cmutil.dll + 2008-04-13 15:33:22 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon.dll + 2008-04-13 15:33:22 83,968 ------w C:\WINDOWS\ServicePackFiles\i386\cnbjmon2.dll + 2008-04-13 15:33:22 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\coadmin.dll + 2008-04-13 05:44:18 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\cobramsg.dll + 2008-04-13 15:33:22 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\colbact.dll + 2008-04-13 15:33:22 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\comaddin.dll + 2008-04-13 15:33:22 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\comadmin.dll + 2008-04-13 15:33:22 617,472 ------w C:\WINDOWS\ServicePackFiles\i386\comctl32.dll + 2008-04-13 15:33:22 281,600 ------w C:\WINDOWS\ServicePackFiles\i386\comdlg32.dll + 2008-04-13 15:33:22 253,440 ------w C:\WINDOWS\ServicePackFiles\i386\compatui.dll + 2008-04-13 07:36:38 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\compbatt.sys + 2008-04-13 15:33:22 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\compfilt.dll + 2008-04-13 15:33:22 230,912 ------w C:\WINDOWS\ServicePackFiles\i386\compstui.dll + 2008-04-13 15:33:22 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.dll + 2008-04-13 15:33:58 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe + 2008-04-13 15:33:58 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe + 2008-04-13 15:33:22 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\comres.dll + 2008-04-13 07:43:34 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe + 2008-04-13 15:33:22 274,944 ------w C:\WINDOWS\ServicePackFiles\i386\comsetup.dll + 2008-04-13 15:33:22 167,424 ------w C:\WINDOWS\ServicePackFiles\i386\comsnap.dll + 2008-04-13 15:33:22 1,267,200 ------w C:\WINDOWS\ServicePackFiles\i386\comsvcs.dll + 2008-04-13 15:33:22 539,648 ------w C:\WINDOWS\ServicePackFiles\i386\comuid.dll + 2008-04-13 15:34:00 1,044,480 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe + 2008-04-13 15:33:22 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\confmrsl.dll + 2008-04-13 15:33:22 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\confmsp.dll + 2008-04-13 15:34:00 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe + 2008-04-13 05:10:06 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\corperfmonext.dll + 2008-04-13 15:33:22 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\corpol.dll + 2008-04-13 15:33:22 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\credssp.dll + 2008-04-13 15:33:22 165,888 ------w C:\WINDOWS\ServicePackFiles\i386\credui.dll + 2008-04-13 15:02:48 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\crusoe.sys + 2008-04-13 15:33:22 606,208 ------w C:\WINDOWS\ServicePackFiles\i386\crypt32.dll + 2008-04-13 15:33:22 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdlg.dll + 2008-04-13 15:33:22 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\cryptdll.dll + 2008-04-13 15:33:22 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\cryptext.dll + 2008-04-13 15:33:22 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\cryptnet.dll + 2008-04-13 15:33:22 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll + 2008-04-13 15:33:22 530,432 ------w C:\WINDOWS\ServicePackFiles\i386\cryptui.dll + 2008-04-13 05:10:14 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\csc.exe + 2008-04-13 15:33:22 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\cscdll.dll + 2007-06-27 01:53:48 589,824 ------w C:\WINDOWS\ServicePackFiles\i386\cscomp.dll + 2008-04-13 15:34:00 139,264 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe + 2008-04-13 15:33:22 337,920 ------w C:\WINDOWS\ServicePackFiles\i386\cscui.dll + 2008-04-13 15:33:24 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\csrsrv.dll + 2008-04-13 15:34:00 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\csrss.exe + 2008-04-13 15:34:00 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe + 2008-04-13 15:33:24 252,416 ------w C:\WINDOWS\ServicePackFiles\i386\ctmasetp.dll + 2008-04-13 15:33:24 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\custsat.dll + 2008-04-13 05:36:04 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\cwrwdm.sys + 2008-04-13 15:33:24 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8.dll + 2008-04-13 15:33:24 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\d3d8thk.dll + 2008-04-13 15:33:24 1,689,088 ------w C:\WINDOWS\ServicePackFiles\i386\d3d9.dll + 2008-04-13 15:33:24 824,320 ------w C:\WINDOWS\ServicePackFiles\i386\d3dim700.dll + 2008-04-13 15:33:24 1,056,768 ------w C:\WINDOWS\ServicePackFiles\i386\danim.dll + 2008-01-19 00:04:50 554,008 ------w C:\WINDOWS\ServicePackFiles\i386\dao360.dll + 2008-04-13 15:33:24 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\dataclen.dll + 2008-04-13 15:33:24 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\datime.dll + 2008-04-13 15:34:00 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\davcdata.exe + 2008-04-13 15:33:24 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\davclnt.dll + 2008-04-13 15:33:24 640,000 ------w C:\WINDOWS\ServicePackFiles\i386\dbghelp.dll + 2008-04-13 15:33:24 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dbmsrpcn.dll + 2008-04-13 15:33:24 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\dbnetlib.dll + 2008-04-13 15:33:24 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dbnmpntw.dll + 2008-04-13 15:50:22 1,804 ------w C:\WINDOWS\ServicePackFiles\i386\dcache.bin + 2008-04-13 15:33:24 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\dcap32.dll + 2008-04-13 15:33:24 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\dciman32.dll + 2008-04-13 15:34:00 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe + 2008-04-13 15:34:00 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe + 2008-04-13 15:33:24 279,552 ------w C:\WINDOWS\ServicePackFiles\i386\ddraw.dll + 2008-04-13 15:33:24 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ddrawex.dll + 2008-04-13 15:34:00 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe + 2008-04-13 15:33:24 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\devenum.dll + 2008-04-13 15:33:24 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\devmgr.dll + 2008-04-13 15:34:00 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe + 2008-04-13 15:34:00 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe + 2008-04-13 15:33:24 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgsnap.dll + 2008-04-13 15:33:24 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgui.dll + 2008-04-13 15:33:24 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dfsshlex.dll + 2008-04-13 15:33:24 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\dgnet.dll + 2008-04-13 15:33:24 127,488 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpcsvc.dll + 2008-04-13 15:33:24 411,136 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpmon.dll + 2008-04-13 15:33:24 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\dhcpqec.dll + 2008-04-13 15:34:00 548,352 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe + 2008-04-13 15:34:02 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe + 2007-03-28 02:08:58 887,784 ------w C:\WINDOWS\ServicePackFiles\i386\digcore.exe + 2008-04-13 15:33:24 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\digest.dll + 2008-04-13 15:33:24 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dimsntfy.dll + 2008-04-13 15:33:24 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dimsroam.dll + 2008-04-13 15:33:24 165,376 ------w C:\WINDOWS\ServicePackFiles\i386\dinput.dll + 2008-04-13 15:33:24 187,904 ------w C:\WINDOWS\ServicePackFiles\i386\dinput8.dll + 2008-04-13 15:33:24 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\directdb.dll + 2008-04-13 07:40:48 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\disk.sys + 2008-04-13 15:33:24 1,504,768 ------w C:\WINDOWS\ServicePackFiles\i386\diskcopy.dll + 2008-04-13 07:40:46 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\diskdump.sys + 2008-04-13 15:34:02 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe + 2008-04-13 15:33:24 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\dispex.dll + 2008-04-13 15:34:02 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe + 2008-04-13 07:40:52 8,320 ------w C:\WINDOWS\ServicePackFiles\i386\dlttape.sys + 2008-04-13 15:34:02 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe + 2008-04-13 15:33:24 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\dmband.dll + 2008-04-13 15:05:08 800,256 ------w C:\WINDOWS\ServicePackFiles\i386\dmboot.sys + 2008-04-13 15:33:24 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\dmcompos.dll + 2008-04-13 15:33:24 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\dmdlgs.dll + 2008-04-13 15:33:24 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\dmdskmgr.dll + 2008-04-13 15:33:24 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dmime.dll + 2008-04-13 15:05:14 154,496 ------w C:\WINDOWS\ServicePackFiles\i386\dmio.sys + 2008-04-13 15:33:24 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\dmloader.dll + 2008-04-13 15:34:02 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe + 2008-04-13 15:33:24 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\dmscript.dll + 2008-04-13 15:33:24 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\dmserver.dll + 2008-04-13 15:33:24 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\dmstyle.dll + 2008-04-13 15:33:24 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dmsynth.dll + 2008-04-13 15:33:24 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.dll + 2008-04-13 07:45:02 52,864 ------w C:\WINDOWS\ServicePackFiles\i386\dmusic.sys + 2008-04-13 15:33:24 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\dmutil.dll + 2008-04-13 15:33:24 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\dnsapi.dll + 2008-04-13 15:33:24 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll + 2008-04-13 15:33:24 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\docprop2.dll + 2008-04-13 05:54:56 54,080 ------w C:\WINDOWS\ServicePackFiles\i386\dosx.exe + 2008-04-13 15:33:24 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dot3api.dll + 2008-04-13 15:33:24 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dot3cfg.dll + 2008-04-13 15:33:24 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\dot3clnt.dll + 2008-04-13 15:33:24 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\dot3dlg.dll + 2008-04-13 15:33:24 56,832 ------w C:\WINDOWS\ServicePackFiles\i386\dot3msm.dll + 2008-04-13 15:33:24 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\dot3svc.dll + 2008-04-13 15:33:24 651,264 ------w C:\WINDOWS\ServicePackFiles\i386\dot3ui.dll + 2008-04-13 07:39:48 206,976 ------w C:\WINDOWS\ServicePackFiles\i386\dot4.sys + 2008-04-13 15:33:24 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\dpcdll.dll + 2008-04-13 15:34:02 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe + 2008-04-13 15:33:24 229,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplayx.dll + 2008-04-13 15:33:24 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\dpmodemx.dll + 2008-04-13 15:31:16 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnaddr.dll + 2008-04-13 15:33:24 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\dpnet.dll + 2008-04-13 15:33:24 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhpast.dll + 2008-04-13 15:33:24 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\dpnhupnp.dll + 2008-04-13 15:31:16 3,072 ------w C:\WINDOWS\ServicePackFiles\i386\dpnlobby.dll + 2008-04-13 15:34:02 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe + 2008-04-13 15:33:24 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvacm.dll + 2008-04-13 15:33:24 213,504 ------w C:\WINDOWS\ServicePackFiles\i386\dpvoice.dll + 2008-04-13 15:34:02 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe + 2008-04-13 15:33:24 116,736 ------w C:\WINDOWS\ServicePackFiles\i386\dpvvox.dll + 2008-04-13 15:33:24 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\dpwsockx.dll + 2008-04-13 07:45:16 60,160 ------w C:\WINDOWS\ServicePackFiles\i386\drmk.sys + 2008-04-13 07:45:14 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys + 2008-04-13 15:33:24 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\drprov.dll + 2008-04-13 15:34:02 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\drvqry.exe + 2007-04-02 03:05:22 4,656 ------w C:\WINDOWS\ServicePackFiles\i386\ds16gt.dll + 2008-04-13 15:33:24 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ds32gt.dll + 2008-04-13 15:33:24 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmo.dll + 2008-04-13 15:33:24 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\dsdmoprp.dll + 2008-04-13 15:33:24 93,696 ------w C:\WINDOWS\ServicePackFiles\i386\dskquota.dll + 2008-04-13 15:33:24 161,280 ------w C:\WINDOWS\ServicePackFiles\i386\dskquoui.dll + 2008-04-13 15:33:24 367,616 ------w C:\WINDOWS\ServicePackFiles\i386\dsound.dll + 2008-04-13 15:33:24 1,293,824 ------w C:\WINDOWS\ServicePackFiles\i386\dsound3d.dll + 2008-04-13 15:33:24 145,920 ------w C:\WINDOWS\ServicePackFiles\i386\dsprop.dll + 2008-04-13 15:06:30 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\dsprpres.dll + 2008-04-13 15:33:24 240,640 ------w C:\WINDOWS\ServicePackFiles\i386\dsquery.dll + 2008-04-13 15:33:24 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\dssec.dll + 2008-04-13 06:37:58 138,752 ------w C:\WINDOWS\ServicePackFiles\i386\dssenh.dll + 2008-04-13 15:33:24 113,664 ------w C:\WINDOWS\ServicePackFiles\i386\dsuiext.dll + 2008-04-13 15:33:24 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\dswave.dll + 2008-04-13 15:34:02 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\dumprep.exe + 2008-04-13 15:33:24 304,128 ------w C:\WINDOWS\ServicePackFiles\i386\duser.dll + 2008-04-13 15:34:02 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe + 2008-04-13 15:34:02 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\dwwin.exe + 2008-04-13 15:33:24 619,008 ------w C:\WINDOWS\ServicePackFiles\i386\dx7vb.dll + 2008-04-13 15:33:24 1,227,264 ------w C:\WINDOWS\ServicePackFiles\i386\dx8vb.dll + 2008-04-13 15:34:02 1,298,432 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe + 2008-04-13 15:33:24 2,113,536 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiagn.dll + 2008-04-13 07:38:30 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\dxg.sys + 2008-04-13 15:33:24 357,888 ------w C:\WINDOWS\ServicePackFiles\i386\dxtmsft.dll + 2008-04-13 15:33:24 205,312 ------w C:\WINDOWS\ServicePackFiles\i386\dxtrans.dll + 2008-04-13 15:33:24 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\eapolqec.dll + 2008-04-13 15:33:24 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\eapp3hst.dll + 2008-04-13 15:33:24 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\eappcfg.dll + 2008-04-13 15:33:24 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\eappgnui.dll + 2008-04-13 15:33:24 180,736 ------w C:\WINDOWS\ServicePackFiles\i386\eapphost.dll + 2008-04-13 15:33:24 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\eappprxy.dll + 2008-04-13 15:33:24 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\eapqec.dll + 2008-04-13 15:33:24 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\eapsvc.dll + 2008-04-13 15:33:24 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\efsadu.dll + 2008-04-13 15:33:24 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\els.dll + 2008-04-13 15:33:24 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\encapi.dll + 2008-04-13 15:33:24 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\encdec.dll + 2008-04-13 14:56:20 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ep9res.dll + 2008-04-13 14:56:22 121,344 ------w C:\WINDOWS\ServicePackFiles\i386\epcl5res.dll + 2008-04-13 15:33:26 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\ersvc.dll + 2008-04-13 15:33:26 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\es.dll + 2008-04-13 15:33:26 1,097,728 ------w C:\WINDOWS\ServicePackFiles\i386\esent.dll + 2008-04-13 15:33:26 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\esscli.dll + 2008-04-13 05:36:06 137,088 ------w C:\WINDOWS\ServicePackFiles\i386\essm2e.sys + 2008-04-13 15:34:02 195,072 ------w C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe + 2008-04-13 15:34:02 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\evcreate.exe + 2008-04-13 15:33:26 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\eventlog.dll + 2007-06-27 01:54:18 798,720 ------w C:\WINDOWS\ServicePackFiles\i386\eventlogmessages.dll + 2008-04-13 15:33:26 109,568 ------w C:\WINDOWS\ServicePackFiles\i386\evntagnt.dll + 2008-04-13 15:34:02 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe + 2008-04-13 15:33:26 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\evntrprv.dll + 2008-04-13 15:34:04 94,720 ------w C:\WINDOWS\ServicePackFiles\i386\evntwin.exe + 2008-04-13 15:33:26 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\evtgprov.dll + 2008-04-13 15:34:04 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\evtrig.exe + 2008-04-13 15:34:04 1,037,824 ------w C:\WINDOWS\ServicePackFiles\i386\explorer.exe + 2008-04-13 15:33:26 380,445 ------w C:\WINDOWS\ServicePackFiles\i386\expsrv.dll + 2008-04-13 15:33:26 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\exstrace.dll + 2008-04-13 15:33:26 55,808 ------w C:\WINDOWS\ServicePackFiles\i386\extmgr.dll + 2008-04-13 15:34:06 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\extrac32.exe + 2008-04-13 15:33:26 125,952 ------w C:\WINDOWS\ServicePackFiles\i386\exts.dll + 2008-04-13 15:31:22 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\f3ahvoas.dll + 2008-04-13 08:14:30 143,744 ------w C:\WINDOWS\ServicePackFiles\i386\fastfat.sys + 2008-04-13 15:33:26 472,064 ------w C:\WINDOWS\ServicePackFiles\i386\fastprox.dll + 2008-04-13 15:33:26 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\faultrep.dll + 2008-04-13 15:34:06 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe + 2008-04-13 07:40:26 27,392 ------w C:\WINDOWS\ServicePackFiles\i386\fdc.sys + 2008-04-13 15:33:26 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\fde.dll + 2008-04-13 15:33:26 76,288 ------w C:\WINDOWS\ServicePackFiles\i386\fdeploy.dll + 2008-04-13 15:33:26 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\feclient.dll + 2008-04-13 15:33:26 348,160 ------w C:\WINDOWS\ServicePackFiles\i386\filemgmt.dll + 2008-04-13 15:34:06 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\findstr.exe + 2008-04-13 14:57:40 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\fips.sys + 2008-04-13 15:33:26 88,064 ------w C:\WINDOWS\ServicePackFiles\i386\fldrclnr.dll + 2008-04-13 07:40:26 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\flpydisk.sys + 2008-04-13 15:33:26 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\fltlib.dll + 2008-04-13 15:34:06 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\fltmc.exe + 2008-04-13 07:33:00 129,792 ------w C:\WINDOWS\ServicePackFiles\i386\fltmgr.sys + 2008-04-13 15:33:26 386,560 ------w C:\WINDOWS\ServicePackFiles\i386\fontext.dll + 2008-04-13 15:33:26 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\fontsub.dll + 2008-04-13 15:34:06 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\fontview.exe + 2008-04-13 15:34:06 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\forcedos.exe + 2008-04-13 05:35:32 34,173 ------w C:\WINDOWS\ServicePackFiles\i386\forehe.sys + 2008-04-13 15:34:32 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\format.com + 2008-04-13 15:33:26 32,828 ------w C:\WINDOWS\ServicePackFiles\i386\fp40ext.dll + 2008-04-13 15:33:26 184,435 ------w C:\WINDOWS\ServicePackFiles\i386\fp4amsft.dll + 2008-04-13 15:33:26 82,035 ------w C:\WINDOWS\ServicePackFiles\i386\fp4anscp.dll + 2008-04-13 15:33:26 147,513 ------w C:\WINDOWS\ServicePackFiles\i386\fp4apws.dll + 2008-04-13 15:33:26 49,210 ------w C:\WINDOWS\ServicePackFiles\i386\fp4areg.dll + 2008-04-13 15:33:26 102,509 ------w C:\WINDOWS\ServicePackFiles\i386\fp4atxt.dll + 2008-04-13 15:33:26 618,605 ------w C:\WINDOWS\ServicePackFiles\i386\fp4autl.dll + 2008-04-13 15:33:26 41,020 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avnb.dll + 2008-04-13 15:33:26 32,826 ------w C:\WINDOWS\ServicePackFiles\i386\fp4avss.dll + 2008-04-13 15:33:26 49,212 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awebs.dll + 2008-04-13 15:33:26 876,653 ------w C:\WINDOWS\ServicePackFiles\i386\fp4awel.dll + 2008-04-13 15:34:06 15,120 ------w C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe + 2008-04-13 15:34:06 109,840 ------w C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe + 2008-04-13 15:34:06 24,632 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe + 2008-04-13 15:33:26 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmdll.dll + 2008-04-13 15:34:06 188,494 ------w C:\WINDOWS\ServicePackFiles\i386\fpcount.exe + 2008-04-13 15:33:26 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\fpencode.dll + 2008-04-13 15:33:26 20,541 ------w C:\WINDOWS\ServicePackFiles\i386\fpexedll.dll + 2008-04-13 15:33:26 598,071 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmc.dll + 2007-03-28 01:53:14 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\fpmmcsat.dll + 2008-04-13 15:34:06 20,538 ------w C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe + 2008-04-13 15:34:06 28,728 ------w C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe + 2008-04-13 15:31:24 9,344 ------w C:\WINDOWS\ServicePackFiles\i386\framebuf.dll + 2008-04-13 15:33:26 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\framedyn.dll + 2008-04-13 15:34:06 193,024 ------w C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe + 2008-04-13 15:34:06 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\ftp.exe + 2008-04-13 15:33:26 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\ftpmib.dll + 2008-04-13 15:33:26 127,488 ------w C:\WINDOWS\ServicePackFiles\i386\ftpsv251.dll + 2007-06-27 01:54:18 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\fusion.dll + 2008-04-13 15:33:26 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\fwcfg.dll + 2008-04-13 15:33:26 451,584 ------w C:\WINDOWS\ServicePackFiles\i386\fxsapi.dll + 2008-04-13 15:34:06 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe + 2008-04-13 15:33:26 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\fxscom.dll + 2008-04-13 15:33:26 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\fxscomex.dll + 2008-04-13 15:34:06 238,592 ------w C:\WINDOWS\ServicePackFiles\i386\fxscover.exe + 2008-04-13 15:33:26 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\fxsdrv.dll + 2008-04-13 15:33:26 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\fxsevent.dll + 2008-04-13 15:33:26 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\fxsext32.dll + 2008-04-13 15:33:26 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\fxsmon.dll + 2008-04-13 15:33:26 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\fxsocm.dll + 2008-04-13 15:33:26 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\fxsperf.dll + 2008-04-13 15:31:26 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\fxsres.dll + 2008-04-13 15:33:26 563,712 ------w C:\WINDOWS\ServicePackFiles\i386\fxsst.dll + 2008-04-13 15:34:06 268,800 ------w C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe + 2008-04-13 15:33:26 246,272 ------w C:\WINDOWS\ServicePackFiles\i386\fxst30.dll + 2008-04-13 15:33:26 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\fxstiff.dll + 2008-04-13 15:33:26 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\fxsui.dll + 2008-04-13 15:33:26 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\fxswzrd.dll + 2008-04-13 15:33:26 400,896 ------w C:\WINDOWS\ServicePackFiles\i386\fxsxp32.dll + 2008-04-13 07:36:42 46,464 ------w C:\WINDOWS\ServicePackFiles\i386\gagp30kx.sys + 2008-04-13 07:45:30 10,624 ------w C:\WINDOWS\ServicePackFiles\i386\gameenum.sys + 2008-04-13 07:45:34 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\gckernel.sys + 2008-04-13 15:33:26 285,184 ------w C:\WINDOWS\ServicePackFiles\i386\gdi32.dll + 2008-04-13 15:34:06 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\getmac.exe + 2008-04-13 15:33:26 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\glu32.dll + 2008-04-13 15:33:26 577,536 ------w C:\WINDOWS\ServicePackFiles\i386\gpedit.dll + 2008-04-13 06:38:00 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\gpkcsp.dll + 2008-04-13 14:59:16 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\gpkrsrc.dll + 2008-04-13 15:34:06 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\gprslt.exe + 2008-04-13 15:33:28 202,240 ------w C:\WINDOWS\ServicePackFiles\i386\gptext.dll + 2008-04-13 15:34:06 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\grpconv.exe + 2008-04-13 14:59:22 28,544 ------w C:\WINDOWS\ServicePackFiles\i386\grserial.sys + 2008-04-13 15:33:28 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\guitrn.dll + 2008-04-13 15:33:28 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\guitrna.dll + 2008-04-13 15:33:28 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\gzip.dll + 2008-04-13 15:33:28 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\h323cc.dll + 2008-04-13 15:33:28 614,912 ------w C:\WINDOWS\ServicePackFiles\i386\h323msp.dll + 2008-04-13 07:31:34 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\hal.dll + 2008-04-13 07:31:30 131,840 ------w C:\WINDOWS\ServicePackFiles\i386\halaacpi.dll + 2008-04-13 07:31:28 81,152 ------w C:\WINDOWS\ServicePackFiles\i386\halacpi.dll + 2008-04-13 07:31:30 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\halapic.dll + 2008-04-13 07:31:30 134,400 ------w C:\WINDOWS\ServicePackFiles\i386\halmacpi.dll + 2008-04-13 07:31:34 152,576 ------w C:\WINDOWS\ServicePackFiles\i386\halmps.dll + 2008-04-13 07:31:32 77,696 ------w C:\WINDOWS\ServicePackFiles\i386\halsp.dll + 2008-04-13 15:33:28 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\hccoin.dll + 2008-04-13 05:36:06 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\hdaudbus.sys + 2008-04-13 15:34:06 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\help.exe + 2008-04-13 15:34:08 769,024 ------w C:\WINDOWS\ServicePackFiles\i386\helpctr.exe + 2008-04-13 15:34:08 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe + 2008-04-13 15:34:08 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hh.exe + 2008-04-13 15:33:28 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\hhsetup.dll + 2008-04-13 15:33:28 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\hid.dll + 2008-04-13 07:36:40 20,352 ------w C:\WINDOWS\ServicePackFiles\i386\hidbatt.sys + 2008-04-13 14:59:56 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\hidbth.sys + 2008-04-13 07:45:28 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\hidclass.sys + 2008-04-13 07:45:28 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\hidir.sys + 2008-04-13 07:45:24 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\hidparse.sys + 2008-04-13 15:33:28 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\hidserv.dll + 2008-04-13 07:45:28 10,368 ------w C:\WINDOWS\ServicePackFiles\i386\hidusb.sys + 2008-04-13 15:33:28 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\hlink.dll + 2008-04-13 15:33:28 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\hmmapi.dll + 2008-04-13 15:33:28 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\hnetcfg.dll + 2008-04-13 15:33:28 336,384 ------w C:\WINDOWS\ServicePackFiles\i386\hnetwiz.dll + 2008-04-13 15:33:28 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\hostmib.dll + 2008-04-13 15:33:28 146,944 ------w C:\WINDOWS\ServicePackFiles\i386\hotplug.dll + 2008-04-13 15:33:28 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrr.dll + 2008-04-13 15:33:28 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\hpcjrrps.dll + 2008-04-13 15:33:28 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\hpfud50.dll + 2008-04-13 15:34:08 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\hscupd.exe + 2008-04-13 07:23:50 220,032 ------w C:\WINDOWS\ServicePackFiles\i386\hsfbs2s2.sys + 2008-04-13 15:33:28 32,285 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcisp2.dll + 2008-04-13 07:23:52 685,056 ------w C:\WINDOWS\ServicePackFiles\i386\hsfcxts2.sys + 2008-04-13 07:23:54 1,041,536 ------w C:\WINDOWS\ServicePackFiles\i386\hsfdpsp2.sys + 2008-04-13 07:53:54 264,832 ------w C:\WINDOWS\ServicePackFiles\i386\http.sys + 2008-04-13 15:33:28 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\httpapi.dll + 2008-04-13 15:33:28 268,288 ------w C:\WINDOWS\ServicePackFiles\i386\httpext.dll + 2008-04-13 15:33:28 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\httpmb51.dll + 2008-04-13 15:33:28 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\httpod51.dll + 2008-04-13 15:33:28 43,008 ------w C:\WINDOWS\ServicePackFiles\i386\htui.dll + 2008-04-13 15:33:28 354,304 ------w C:\WINDOWS\ServicePackFiles\i386\hypertrm.dll + 2008-04-13 07:41:24 8,576 ------w C:\WINDOWS\ServicePackFiles\i386\i2omgmt.sys + 2008-04-13 07:41:24 18,560 ------w C:\WINDOWS\ServicePackFiles\i386\i2omp.sys + 2008-04-13 15:00:54 54,144 ------w C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys + 2008-04-13 15:33:28 702,845 ------w C:\WINDOWS\ServicePackFiles\i386\i81xdnt5.dll + 2008-04-13 05:34:28 161,020 ------w C:\WINDOWS\ServicePackFiles\i386\i81xnt5.sys + 2008-04-13 15:33:28 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\iasrad.dll + 2008-04-13 15:33:28 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\icaapi.dll + 2008-04-13 15:33:28 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\iccvid.dll + 2008-04-13 15:33:28 254,976 ------w C:\WINDOWS\ServicePackFiles\i386\icm32.dll + 2008-04-13 15:31:32 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\icmp.dll + 2008-04-13 05:44:30 2,560 ------w C:\WINDOWS\ServicePackFiles\i386\iconlib.dll + 2008-04-13 15:33:28 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn.dll + 2008-04-13 15:34:08 218,624 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe + 2008-04-13 15:34:08 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe + 2008-04-13 15:33:28 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\icwdial.dll + 2008-04-13 15:33:28 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\icwdl.dll + 2008-04-13 15:33:28 176,128 ------w C:\WINDOWS\ServicePackFiles\i386\icwhelp.dll + 2008-04-13 15:33:28 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\icwphbk.dll + 2008-04-13 15:34:08 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe + 2008-04-13 15:33:28 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\icwutil.dll + 2008-04-13 15:33:28 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\idq.dll + 2008-04-13 15:34:08 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe + 2008-04-13 15:33:28 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\ieakeng.dll + 2008-04-13 15:33:28 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\ieaksie.dll + 2008-04-13 15:33:28 323,584 ------w C:\WINDOWS\ServicePackFiles\i386\iedkcs32.dll + 2008-04-13 15:34:08 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\iedw.exe + 2008-04-13 15:33:28 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ieencode.dll + 2007-12-17 00:58:36 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\ieexec.exe + 2007-06-27 01:54:24 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\ieexecremote.dll + 2007-06-27 01:54:24 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\iehost.dll + 2008-04-13 15:33:28 251,904 ------w C:\WINDOWS\ServicePackFiles\i386\iepeers.dll + 2008-04-13 15:33:28 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\iernonce.dll + 2008-04-13 15:33:28 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\iesetup.dll + 2008-04-13 15:34:08 93,184 ------w C:\WINDOWS\ServicePackFiles\i386\iexplore.exe + 2008-04-13 15:34:08 114,688 ------w C:\WINDOWS\ServicePackFiles\i386\iexpress.exe + 2008-04-13 15:33:28 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\ifmon.dll + 2008-04-13 15:33:28 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\igmpagnt.dll + 2008-04-13 15:31:34 508,416 ------w C:\WINDOWS\ServicePackFiles\i386\iis.dll + 2008-04-13 15:33:28 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\iisadmin.dll + 2008-04-13 15:33:28 145,408 ------w C:\WINDOWS\ServicePackFiles\i386\iische51.dll + 2008-04-13 15:33:28 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\iisext51.dll + 2008-04-13 15:33:28 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\iisfecnv.dll + 2008-04-13 15:33:28 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\iislog51.dll + 2008-04-13 15:33:28 64,512 ------w C:\WINDOWS\ServicePackFiles\i386\iismap.dll + 2008-04-13 15:34:08 31,232 ------w C:\WINDOWS\ServicePackFiles\i386\iisrstas.exe + 2008-04-13 15:33:28 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\iisrtl.dll + 2008-04-13 05:10:34 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\ilasm.exe + 2008-04-13 15:33:28 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\ils.dll + 2008-04-13 15:33:28 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\imagehlp.dll + 2008-04-13 15:34:08 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.exe + 2008-04-13 07:41:00 42,112 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.sys + 2008-04-13 15:33:28 36,921 ------w C:\WINDOWS\ServicePackFiles\i386\imeshare.dll + 2008-04-13 15:33:28 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\imgutil.dll + 2008-04-13 15:33:28 110,080 ------w C:\WINDOWS\ServicePackFiles\i386\imm32.dll + 2008-04-13 15:33:28 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\imsinsnt.dll + 2008-04-13 15:33:28 282,624 ------w C:\WINDOWS\ServicePackFiles\i386\inetcfg.dll + 2008-04-13 15:33:28 691,712 ------w C:\WINDOWS\ServicePackFiles\i386\inetcomm.dll + 2008-04-13 15:34:08 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\inetin51.exe + 2008-04-13 15:33:28 842,240 ------w C:\WINDOWS\ServicePackFiles\i386\inetmgr.dll + 2008-04-13 15:33:28 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\inetmib1.dll + 2008-04-13 15:33:28 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\inetpp.dll + 2008-04-13 15:33:28 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\inetppui.dll + 2008-04-13 15:02:56 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\inetres.dll + 2008-04-13 15:34:08 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe + 2008-04-13 15:33:28 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\infoadmn.dll + 2008-04-13 15:33:28 257,024 ------w C:\WINDOWS\ServicePackFiles\i386\infocomm.dll + 2008-04-13 15:33:28 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\initpki.dll + 2008-04-13 15:33:28 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\input.dll + 2008-04-13 15:33:28 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\inseng.dll + 2007-06-27 01:54:30 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\installutil.exe + 2008-04-13 15:03:26 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\intelide.sys + 2008-04-13 15:03:28 40,576 ------w C:\WINDOWS\ServicePackFiles\i386\intelppm.sys + 2008-04-13 07:53:36 36,608 ------w C:\WINDOWS\ServicePackFiles\i386\ip6fw.sys + 2008-04-13 15:34:10 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe + 2008-04-13 15:31:22 103,936 ------w C:\WINDOWS\ServicePackFiles\i386\ipevldpc.dll + 2008-04-13 15:31:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipevlpid.dll + 2008-04-13 15:33:28 95,744 ------w C:\WINDOWS\ServicePackFiles\i386\iphlpapi.dll + 2008-04-13 07:57:08 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\ipinip.sys + 2008-04-13 15:33:28 174,592 ------w C:\WINDOWS\ServicePackFiles\i386\ipmontr.dll + 2008-04-13 07:57:16 152,832 ------w C:\WINDOWS\ServicePackFiles\i386\ipnat.sys + 2008-04-13 15:33:28 332,800 ------w C:\WINDOWS\ServicePackFiles\i386\ipnathlp.dll + 2008-04-13 15:33:28 355,840 ------w C:\WINDOWS\ServicePackFiles\i386\ippromon.dll + 2008-04-13 15:33:28 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\iprip.dll + 2008-04-13 15:33:28 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\iprtrmgr.dll + 2008-04-13 08:19:44 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\ipsec.sys + 2008-04-13 15:33:28 361,472 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsnp.dll + 2008-04-13 15:33:28 185,344 ------w C:\WINDOWS\ServicePackFiles\i386\ipsecsvc.dll + 2008-04-13 15:32:26 103,424 ------w C:\WINDOWS\ServicePackFiles\i386\ipseldpc.dll + 2008-04-13 15:31:18 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ipselpid.dll + 2008-04-13 15:33:28 388,096 ------w C:\WINDOWS\ServicePackFiles\i386\ipsmsnap.dll + 2008-04-13 15:34:10 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6.exe + 2008-04-13 15:33:28 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6mon.dll + 2008-04-13 15:34:10 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe + 2008-04-13 15:33:28 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\ipxwan.dll + 2008-04-13 15:33:28 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qc.dll + 2008-04-13 15:33:28 338,432 ------w C:\WINDOWS\ServicePackFiles\i386\ir41_qcx.dll + 2008-04-13 15:33:28 755,200 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_32.dll + 2008-04-13 15:33:28 200,192 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qc.dll + 2008-04-13 15:33:28 183,808 ------w C:\WINDOWS\ServicePackFiles\i386\ir50_qcx.dll + 2008-04-13 07:45:36 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\irbus.sys + 2008-04-13 07:54:38 88,192 ------w C:\WINDOWS\ServicePackFiles\i386\irda.sys + 2008-04-13 07:54:30 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\irenum.sys + 2008-04-13 15:34:10 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\irftp.exe + 2008-04-13 15:33:28 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\irmon.dll + 2008-04-13 15:04:36 37,632 ------w C:\WINDOWS\ServicePackFiles\i386\isapnp.sys + 2008-04-13 15:33:28 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\isatq.dll + 2008-04-13 15:33:28 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\iscomlog.dll + 2008-04-13 15:32:16 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isdpc.dll + 2008-04-13 15:32:40 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\isendpc.dll + 2008-04-13 15:32:40 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\isenpid.dll + 2008-04-13 15:33:28 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\isign32.dll + 2008-04-13 15:32:16 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\ispid.dll + 2008-04-13 15:33:28 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\isrdbg32.dll + 2008-04-13 15:33:28 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\itircl.dll + 2008-04-13 15:33:28 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\itss.dll + 2008-04-13 15:33:28 191,488 ------w C:\WINDOWS\ServicePackFiles\i386\iuengine.dll + 2008-04-13 15:33:28 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\ixsso.dll + 2008-04-13 15:33:28 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\iyuv_32.dll + 2008-04-13 15:33:28 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\jgdw400.dll + 2008-04-13 15:33:28 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\jgpl400.dll + 2007-06-27 01:54:36 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\jsc.exe + 2008-04-13 15:33:28 512,000 ------w C:\WINDOWS\ServicePackFiles\i386\jscript.dll + 2008-04-13 15:33:28 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\jsproxy.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd101.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbd106n.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdax2.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdbhc.dll + 2008-04-13 15:05:16 25,216 ------w C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys + 2008-04-13 15:31:44 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdfi1.dll + 2008-04-13 15:05:16 14,720 ------w C:\WINDOWS\ServicePackFiles\i386\kbdhid.sys + 2008-04-13 15:31:44 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdibm02.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinbe1.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinben.dll + 2008-04-13 15:31:44 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdinmal.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdiultn.dll + 2008-04-13 15:31:44 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41a.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdlk41j.dll + 2008-04-13 15:31:44 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmaori.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt47.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdmlt48.dll + 2008-04-13 15:31:44 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnec.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdnepr.dll + 2008-04-13 15:31:44 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdno1.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\kbdpash.dll + 2008-04-13 15:31:44 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsfi.dll + 2008-04-13 15:31:44 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\kbdsmsno.dll + 2008-04-13 15:31:44 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\kbdukx.dll + 2008-04-13 07:31:36 7,424 ------w C:\WINDOWS\ServicePackFiles\i386\kd1394.dll + 2008-04-13 15:33:30 186,880 ------w C:\WINDOWS\ServicePackFiles\i386\kdcsvc.dll + 2008-04-13 15:33:30 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\kdsui.dll + 2008-04-13 15:33:30 254,464 ------w C:\WINDOWS\ServicePackFiles\i386\kdsusd.dll + 2008-04-13 15:33:30 299,520 ------w C:\WINDOWS\ServicePackFiles\i386\kerberos.dll + 2008-04-13 15:33:30 1,054,720 ------w C:\WINDOWS\ServicePackFiles\i386\kernel32.dll + 2008-04-13 05:50:56 42,537 ------w C:\WINDOWS\ServicePackFiles\i386\keyboard.sys + 2008-04-13 15:33:30 157,184 ------w C:\WINDOWS\ServicePackFiles\i386\keymgr.dll + 2008-04-13 07:45:10 172,416 ------w C:\WINDOWS\ServicePackFiles\i386\kmixer.sys + 2008-04-13 15:33:30 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\kmsvc.dll + 2008-04-13 15:31:44 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knperdpc.dll + 2008-04-13 15:31:44 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\knperpid.dll + 2008-04-13 15:31:44 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\knprodpc.dll + 2008-04-13 15:31:44 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\knpropid.dll + 2008-04-13 15:33:30 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\koc.dll + 2008-04-13 15:31:44 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kperdpc.dll + 2008-04-13 15:31:44 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\kperpid.dll + 2008-04-13 15:31:44 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\kprodpc.dll + 2008-04-13 15:31:44 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\kpropid.dll + 2008-04-13 05:53:38 92,608 ------w C:\WINDOWS\ServicePackFiles\i386\krnl386.exe + 2008-04-13 15:33:30 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\krnlprov.dll + 2008-04-13 08:16:38 141,056 ------w C:\WINDOWS\ServicePackFiles\i386\ks.sys + 2008-04-13 07:31:44 92,288 ------w C:\WINDOWS\ServicePackFiles\i386\ksecdd.sys + 2008-04-13 15:33:30 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\ksuser.dll + 2008-04-13 15:33:30 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\l2store.dll + 2008-04-13 15:31:04 97,792 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtmbx.dll + 2008-04-13 15:31:04 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskdic.dll + 2008-04-13 15:31:04 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\lang\chtskf.dll + 2008-04-13 15:31:06 198,656 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintime.dll + 2008-04-13 05:43:40 480,256 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe + 2008-04-13 05:43:34 57,399 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe + 2008-04-13 15:31:32 13,463,552 ------w C:\WINDOWS\ServicePackFiles\i386\lang\hwxjpn.dll + 2008-04-13 15:31:34 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrcic.dll + 2008-04-13 15:31:34 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imekrmbx.dll + 2008-04-13 15:31:34 811,064 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjp81k.dll + 2008-04-13 15:31:34 368,696 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcic.dll + 2008-04-13 15:31:34 716,856 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpcus.dll + 2008-04-13 15:31:34 81,976 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.dll + 2008-04-13 05:43:46 307,257 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe + 2008-04-13 05:43:48 155,705 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe + 2008-04-13 05:43:50 196,665 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe + 2008-04-13 05:43:52 208,952 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe + 2008-04-13 05:44:00 233,527 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe + 2008-04-13 05:44:02 262,200 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe + 2008-04-13 15:31:36 274,489 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputyc.dll + 2008-04-13 15:31:36 102,456 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imlang.dll + 2008-04-13 05:43:38 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe + 2008-04-13 15:31:36 315,455 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imskf.dll + 2008-04-13 15:32:18 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs404.dll + 2008-04-13 15:32:18 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\lang\padrs804.dll + 2008-04-13 15:32:18 175,104 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsa.dll + 2008-04-13 15:32:18 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlcsd.dll + 2008-04-13 05:43:38 70,144 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe + 2008-04-13 15:32:18 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pmigrate.dll + 2008-04-13 05:43:52 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe + 2008-04-13 05:43:54 455,168 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe + 2008-04-13 15:32:44 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tmigrate.dll + 2008-04-13 15:32:46 76,288 ------w C:\WINDOWS\ServicePackFiles\i386\lang\uniime.dll + 2008-04-13 15:32:48 426,041 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicepad.dll + 2008-04-13 15:32:48 86,073 ------w C:\WINDOWS\ServicePackFiles\i386\lang\voicesub.dll + 2008-04-13 07:40:28 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\lbrtfdc.sys + 2008-04-13 15:34:10 677,888 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe + 2008-04-13 15:33:30 2,061,824 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstscx.dll + 2008-04-13 15:33:30 424,960 ------w C:\WINDOWS\ServicePackFiles\i386\licdll.dll + 2008-04-13 15:33:30 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\licmgr10.dll + 2008-04-13 15:33:30 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\licwmi.dll + 2008-04-13 15:33:30 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\linkinfo.dll + 2008-04-13 15:33:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\lmhsvc.dll + 2008-04-13 15:33:30 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\lmmib2.dll + 2008-04-13 15:33:30 399,872 ------w C:\WINDOWS\ServicePackFiles\i386\lmrt.dll + 2008-04-13 15:33:30 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\loadperf.dll + 2008-04-13 15:33:30 228,352 ------w C:\WINDOWS\ServicePackFiles\i386\localsec.dll + 2008-04-13 15:33:30 346,112 ------w C:\WINDOWS\ServicePackFiles\i386\localspl.dll + 2008-04-13 15:33:30 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\localui.dll + 2008-04-13 15:34:10 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\locator.exe + 2008-04-13 15:33:30 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\log.dll + 2008-04-13 15:34:10 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\logman.exe + 2008-04-13 15:34:34 221,696 ------w C:\WINDOWS\ServicePackFiles\i386\logon.scr + 2008-04-13 15:34:10 515,584 ------w C:\WINDOWS\ServicePackFiles\i386\logonui.exe + 2008-04-13 15:33:30 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\lonsint.dll + 2008-04-13 15:33:30 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\lpdsvc.dll + 2008-04-13 15:33:30 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\lpk.dll + 2008-04-13 15:33:30 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\lprhelp.dll + 2008-04-13 15:33:30 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\lprmon.dll + 2008-04-13 15:33:30 734,720 ------w C:\WINDOWS\ServicePackFiles\i386\lsasrv.dll + 2008-04-13 15:34:10 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\lsass.exe + 2008-04-13 15:07:04 607,452 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmnt.sys + 2008-04-13 15:07:06 422,528 ------w C:\WINDOWS\ServicePackFiles\i386\ltmdmntt.sys + 2008-04-13 07:40:54 7,040 ------w C:\WINDOWS\ServicePackFiles\i386\ltotape.sys + 2008-04-13 05:39:14 20,864 ------w C:\WINDOWS\ServicePackFiles\i386\lwadihid.sys + 2008-04-13 15:34:12 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\magnify.exe + 2008-04-13 15:34:12 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\makecab.exe + 2008-04-13 15:33:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\mcastmib.dll + 2008-04-13 15:33:30 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\mciavi32.dll + 2008-04-13 15:33:30 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\mciqtz32.dll + 2008-04-13 15:33:30 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\mciseq.dll + 2008-04-13 15:33:30 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\mciwave.dll + 2008-04-13 15:33:30 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\md5filt.dll + 2008-04-13 15:33:30 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\mdminst.dll + 2008-04-13 15:33:30 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.dll + 2008-04-13 07:23:58 11,868 ------w C:\WINDOWS\ServicePackFiles\i386\mdmxsdk.sys + 2008-04-13 15:33:30 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\medctroc.dll + 2008-04-13 07:41:22 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\memstpci.sys + 2008-04-13 15:33:30 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\metada51.dll + 2008-04-13 07:36:42 63,744 ------w C:\WINDOWS\ServicePackFiles\i386\mf.sys + 2008-04-13 15:33:30 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mf3216.dll + 2008-04-13 15:33:30 927,504 ------w C:\WINDOWS\ServicePackFiles\i386\mfc40u.dll + 2008-04-13 15:33:30 1,028,096 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42.dll + 2007-04-02 16:14:48 981,760 ------w C:\WINDOWS\ServicePackFiles\i386\mfc42u.dll + 2008-04-13 15:33:30 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\mfcsubs.dll + 2008-04-13 15:33:30 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\mgmtapi.dll + 2007-06-27 01:54:44 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\microsoft.jscript.dll + 2007-06-27 01:54:50 286,720 ------w C:\WINDOWS\ServicePackFiles\i386\microsoft.visualbasic.dll + 2008-04-13 15:33:30 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\midimap.dll + 2008-04-13 15:33:30 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\migism.dll + 2008-04-13 15:33:30 261,120 ------w C:\WINDOWS\ServicePackFiles\i386\migisma.dll + 2008-04-13 15:33:30 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\miglibnt.dll + 2008-04-13 15:34:12 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\migload.exe + 2008-04-13 15:34:12 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\migregdb.exe + 2008-04-13 15:34:12 251,904 ------w C:\WINDOWS\ServicePackFiles\i386\migwiz.exe + 2008-04-13 15:34:12 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\migwiza.exe + 2008-04-13 15:33:30 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mimefilt.dll + 2008-04-13 15:33:30 586,240 ------w C:\WINDOWS\ServicePackFiles\i386\mlang.dll + 2008-04-13 15:34:12 1,415,680 ------w C:\WINDOWS\ServicePackFiles\i386\mmc.exe + 2008-04-13 15:33:30 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30.dll + 2008-04-13 15:33:30 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\mmc30r.dll + 2008-04-13 15:33:30 174,080 ------w C:\WINDOWS\ServicePackFiles\i386\mmcbase.dll + 2008-04-13 15:33:32 397,312 ------w C:\WINDOWS\ServicePackFiles\i386\mmcex.dll + 2008-04-13 15:33:32 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\mmcexr.dll + 2008-04-13 15:33:32 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxc.dll + 2008-04-13 15:33:32 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\mmcfxcr.dll + 2008-04-13 15:33:32 1,879,040 ------w C:\WINDOWS\ServicePackFiles\i386\mmcndmgr.dll + 2008-04-13 15:34:12 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe + 2008-04-13 15:33:32 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\mmcshext.dll + 2008-04-13 15:33:32 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\mmfutil.dll + 2008-04-13 14:53:00 70,688 ------w C:\WINDOWS\ServicePackFiles\i386\mmsystem.dll + 2008-04-13 15:33:32 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\mnmdd.dll + 2008-04-13 15:34:12 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe + 2008-04-13 15:33:32 210,432 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.dll + 2008-04-13 15:34:12 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.exe + 2008-04-13 14:53:06 30,336 ------w C:\WINDOWS\ServicePackFiles\i386\modem.sys + 2008-04-13 15:33:32 156,160 ------w C:\WINDOWS\ServicePackFiles\i386\modemui.dll + 2008-04-13 15:34:12 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe + 2008-04-13 15:33:32 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\mofd.dll + 2008-04-13 15:34:32 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\more.com + 2008-04-13 05:45:32 216,064 ------w C:\WINDOWS\ServicePackFiles\i386\moricons.dll + 2008-04-13 14:53:20 23,680 ------w C:\WINDOWS\ServicePackFiles\i386\mouclass.sys + 2008-04-13 07:39:48 42,368 ------w C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys + 2008-04-13 15:34:14 3,558,912 ------w C:\WINDOWS\ServicePackFiles\i386\moviemk.exe + 2008-04-13 07:46:24 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\mpe.sys + 2008-04-13 15:34:14 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\mplay32.exe + 2008-04-13 15:33:32 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\mpr.dll + 2008-04-13 15:33:32 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\mprapi.dll + 2008-04-13 15:33:32 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\mprdim.dll + 2008-04-13 07:39:46 92,544 ------w C:\WINDOWS\ServicePackFiles\i386\mqac.sys + 2008-04-13 15:33:32 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\mqad.dll + 2008-04-13 15:34:14 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\mqbkup.exe + 2008-04-13 15:33:32 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\mqdscli.dll + 2008-04-13 15:33:32 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\mqise.dll + 2008-04-13 15:33:32 89,088 ------w C:\WINDOWS\ServicePackFiles\i386\mqlogmgr.dll + 2008-04-13 15:33:32 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\mqoa.dll + 2008-04-13 15:33:32 663,040 ------w C:\WINDOWS\ServicePackFiles\i386\mqqm.dll + 2008-04-13 15:33:32 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\mqrt.dll + 2008-04-13 15:33:32 123,904 ------w C:\WINDOWS\ServicePackFiles\i386\mqrtdep.dll + 2008-04-13 15:33:32 95,744 ------w C:\WINDOWS\ServicePackFiles\i386\mqsec.dll + 2008-04-13 15:33:32 517,632 ------w C:\WINDOWS\ServicePackFiles\i386\mqsnap.dll + 2008-04-13 15:34:14 4,608 ------w C:\WINDOWS\ServicePackFiles\i386\mqsvc.exe + 2008-04-13 15:34:14 117,248 ------w C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe + 2008-04-13 15:33:32 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\mqtrig.dll + 2008-04-13 15:33:32 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\mqupgrd.dll + 2008-04-13 15:33:32 527,360 ------w C:\WINDOWS\ServicePackFiles\i386\mqutil.dll + 2008-04-13 07:32:46 180,608 ------w C:\WINDOWS\ServicePackFiles\i386\mrxdav.sys + 2008-04-13 08:17:02 456,576 ------w C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys + 2008-04-13 15:33:32 72,192 ------w C:\WINDOWS\ServicePackFiles\i386\msacm32.dll + 2008-04-13 15:33:32 331,776 ------w C:\WINDOWS\ServicePackFiles\i386\msadce.dll + 2007-03-28 01:56:28 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msadcer.dll + 2008-04-13 15:33:32 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msadcf.dll + 2007-03-28 01:56:28 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcfr.dll + 2008-04-13 15:33:32 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msadco.dll + 2007-03-28 01:56:28 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msadcor.dll + 2008-04-13 15:33:32 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\msadcs.dll + 2008-04-13 15:33:32 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\msadds.dll + 2007-03-28 01:56:30 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msaddsr.dll + 2007-03-28 01:56:30 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\msader15.dll + 2008-04-13 15:33:32 536,576 ------w C:\WINDOWS\ServicePackFiles\i386\msado15.dll + 2008-04-13 15:33:32 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msadomd.dll + 2008-04-13 15:33:32 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msador15.dll + 2008-04-13 15:33:32 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msadox.dll + 2008-04-13 15:33:32 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msadrh15.dll + 2008-04-13 15:31:52 3,584 ------w C:\WINDOWS\ServicePackFiles\i386\msafd.dll + 2008-04-13 15:33:32 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\msapsspc.dll + 2008-04-13 15:33:32 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msasn1.dll + 2008-04-13 15:33:32 220,160 ------w C:\WINDOWS\ServicePackFiles\i386\mscandui.dll + 2008-04-13 15:33:32 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\mscms.dll + 2008-04-13 15:33:32 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\msconf.dll + 2008-04-13 15:34:14 172,544 ------w C:\WINDOWS\ServicePackFiles\i386\msconfig.exe + 2007-04-02 09:01:08 116,288 ------w C:\WINDOWS\ServicePackFiles\i386\msconv97.dll + 2007-06-27 01:54:58 1,564,672 ------w C:\WINDOWS\ServicePackFiles\i386\mscorcfg.dll + 2008-04-13 05:10:42 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\mscordbc.dll + 2008-04-13 05:10:44 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\mscordbi.dll + 2007-06-27 01:55:12 131,072 ------w C:\WINDOWS\ServicePackFiles\i386\mscoree.dll + 2008-04-13 05:10:46 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\mscorie.dll + 2007-06-27 01:55:22 303,104 ------w C:\WINDOWS\ServicePackFiles\i386\mscorjit.dll + 2008-04-13 05:10:50 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\mscorld.dll + 2007-12-17 00:58:44 1,998,848 ------w C:\WINDOWS\ServicePackFiles\i386\mscorlib.dll + 2008-04-13 05:10:54 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\mscorpe.dll + 2008-04-13 05:10:54 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.chs.dll + 2008-04-13 05:10:56 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.cht.dll + 2008-04-13 05:10:56 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.dll + 2008-04-13 05:10:56 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.es.dll + 2008-04-13 05:10:56 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.fr.dll + 2008-04-13 05:10:56 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.ger.dll + 2008-04-13 05:10:56 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.it.dll + 2008-04-13 05:10:56 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.ja.dll + 2008-04-13 05:10:56 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\mscorrc.kor.dll + 2008-04-13 05:10:56 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsec.dll + 2008-04-13 05:10:56 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsn.dll + 2007-12-17 00:58:54 2,273,280 ------w C:\WINDOWS\ServicePackFiles\i386\mscorsvr.dll + 2008-04-13 05:11:00 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\mscortim.dll + 2007-12-17 00:59:28 2,281,472 ------w C:\WINDOWS\ServicePackFiles\i386\mscorwks.dll + 2008-04-13 06:26:08 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mscpx32r.dll + 2008-04-13 15:33:32 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\mscpxl32.dll + 2008-04-13 15:33:32 297,984 ------w C:\WINDOWS\ServicePackFiles\i386\msctf.dll + 2008-04-13 15:33:32 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\msctfp.dll + 2008-04-13 15:33:32 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdadc.dll + 2008-04-13 15:33:32 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdadiag.dll + 2008-04-13 15:33:32 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaenum.dll + 2008-04-13 15:33:32 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaer.dll + 2008-04-13 15:33:32 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdaipp.dll + 2008-04-13 15:33:32 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\msdaora.dll + 2007-03-28 01:56:32 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaorar.dll + 2008-04-13 15:33:32 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\msdaosp.dll + 2007-03-28 01:56:34 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprsr.dll + 2008-04-13 15:33:32 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\msdaprst.dll + 2008-04-13 15:33:32 204,800 ------w C:\WINDOWS\ServicePackFiles\i386\msdaps.dll + 2008-04-13 15:33:32 118,784 ------w C:\WINDOWS\ServicePackFiles\i386\msdarem.dll + 2007-03-28 01:56:34 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdaremr.dll + 2008-04-13 15:33:32 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\msdart.dll + 2008-04-13 15:33:32 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdasc.dll + 2008-04-13 15:33:32 315,392 ------w C:\WINDOWS\ServicePackFiles\i386\msdasql.dll + 2007-03-28 01:56:34 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msdasqlr.dll + 2008-04-13 15:33:32 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\msdatl3.dll + 2008-04-13 15:33:32 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\msdatt.dll + 2008-04-13 15:33:32 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\msdaurl.dll + 2008-04-13 15:33:32 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\msdfmap.dll + 2008-04-13 15:33:32 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\msdmo.dll + 2008-04-13 15:34:14 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\msdtc.exe + 2008-04-13 15:33:32 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\msdtclog.dll + 2008-04-13 15:33:32 427,008 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcprx.dll + 2008-04-13 15:33:32 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcstp.dll + 2008-04-13 15:33:32 956,928 ------w C:\WINDOWS\ServicePackFiles\i386\msdtctm.dll + 2008-04-13 15:33:32 161,792 ------w C:\WINDOWS\ServicePackFiles\i386\msdtcuiu.dll + 2008-04-13 07:46:10 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\msdv.sys + 2007-04-02 01:47:44 518,944 ------w C:\WINDOWS\ServicePackFiles\i386\msexch40.dll + 2007-04-02 01:48:00 326,432 ------w C:\WINDOWS\ServicePackFiles\i386\msexcl40.dll + 2008-04-13 07:32:40 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\msfs.sys + 2008-04-13 15:33:32 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\msftedit.dll + 2008-04-13 15:33:32 1,007,104 ------w C:\WINDOWS\ServicePackFiles\i386\msgina.dll + 2008-04-13 07:56:34 35,072 ------w C:\WINDOWS\ServicePackFiles\i386\msgpc.sys + 2008-04-13 15:33:32 3,166,208 ------w C:\WINDOWS\ServicePackFiles\i386\msgr3en.dll + 2008-04-13 15:33:32 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msgrocm.dll + 2008-04-13 15:33:32 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\msgsc.dll + 2008-04-13 06:30:30 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\msgslang.dll + 2008-04-13 15:33:32 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\msgsvc.dll + 2008-04-13 15:34:36 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\msh261.drv + 2008-04-13 15:34:36 294,912 ------w C:\WINDOWS\ServicePackFiles\i386\msh263.drv + 2008-04-13 15:34:14 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\mshta.exe + 2008-04-13 15:33:32 3,066,880 ------w C:\WINDOWS\ServicePackFiles\i386\mshtml.dll + 2008-04-13 15:33:32 449,024 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmled.dll + 2008-04-13 14:56:26 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\mshtmler.dll + 2008-04-13 15:33:34 2,843,136 ------w C:\WINDOWS\ServicePackFiles\i386\msi.dll + 2008-04-13 15:33:34 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\msident.dll + 2008-04-13 15:33:34 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\msidle.dll + 2008-04-13 15:33:34 252,416 ------w C:\WINDOWS\ServicePackFiles\i386\msieftp.dll + 2008-04-13 15:34:14 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\msiexec.exe + 2008-04-13 15:33:34 271,360 ------w C:\WINDOWS\ServicePackFiles\i386\msihnd.dll + 2008-04-13 15:33:34 4,608 ------w C:\WINDOWS\ServicePackFiles\i386\msimg32.dll + 2008-04-13 15:34:14 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\msimn.exe + 2008-04-13 04:39:44 884,736 ------w C:\WINDOWS\ServicePackFiles\i386\msimsg.dll + 2008-04-13 15:33:34 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\msimtf.dll + 2008-04-13 15:33:34 382,464 ------w C:\WINDOWS\ServicePackFiles\i386\msinfo.dll + 2008-04-13 07:54:30 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\msircomm.sys + 2008-04-13 15:34:14 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe + 2008-04-13 15:33:34 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\msisip.dll + 2007-10-21 22:30:52 1,516,568 ------w C:\WINDOWS\ServicePackFiles\i386\msjet40.dll + 2007-04-02 01:49:22 355,112 ------w C:\WINDOWS\ServicePackFiles\i386\msjetol1.dll + 2007-09-10 00:25:02 194,144 ------w C:\WINDOWS\ServicePackFiles\i386\msjint40.dll + 2008-04-13 15:33:34 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\msjro.dll + 2007-04-02 01:49:34 60,192 ------w C:\WINDOWS\ServicePackFiles\i386\msjter40.dll + 2007-04-02 01:49:38 248,608 ------w C:\WINDOWS\ServicePackFiles\i386\msjtes40.dll + 2008-04-13 07:39:54 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\mskssrv.sys + 2008-04-13 15:33:34 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\mslbui.dll + 2007-04-02 01:49:52 219,936 ------w C:\WINDOWS\ServicePackFiles\i386\msltus40.dll + 2008-04-13 15:33:34 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\mslwvtts.dll + 2008-04-13 15:33:34 170,496 ------w C:\WINDOWS\ServicePackFiles\i386\msmqocm.dll + 2008-04-13 15:34:14 1,695,232 ------w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe + 2006-12-30 02:16:10 11,101,160 ------w C:\WINDOWS\ServicePackFiles\i386\msncli.exe + 2008-04-13 15:33:34 290,816 ------w C:\WINDOWS\ServicePackFiles\i386\msnsspc.dll + 2006-12-30 02:18:52 908,504 ------w C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe + 2008-04-13 15:33:34 122,368 ------w C:\WINDOWS\ServicePackFiles\i386\msobcomm.dll + 2008-04-13 15:33:34 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\msobdl.dll + 2008-04-13 15:33:34 566,272 ------w C:\WINDOWS\ServicePackFiles\i386\msobmain.dll + 2008-04-13 15:33:34 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\msobshel.dll + 2008-04-13 15:33:34 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\msobweb.dll + 2008-04-13 15:33:34 1,314,816 ------w C:\WINDOWS\ServicePackFiles\i386\msoe.dll + 2008-04-13 15:33:34 252,928 ------w C:\WINDOWS\ServicePackFiles\i386\msoeacct.dll + 2008-04-13 15:02:36 2,534,400 ------w C:\WINDOWS\ServicePackFiles\i386\msoeres.dll + 2008-04-13 15:33:34 105,984 ------w C:\WINDOWS\ServicePackFiles\i386\msoert2.dll + 2008-04-13 15:34:14 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\msoobe.exe + 2007-03-28 01:56:36 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msorc32r.dll + 2008-04-13 15:33:34 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\msorcl32.dll + 2008-04-13 15:34:16 347,648 ------w C:\WINDOWS\ServicePackFiles\i386\mspaint.exe + 2008-04-13 15:33:34 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\mspatcha.dll + 2007-04-02 01:50:06 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\mspbde40.dll + 2008-04-13 07:39:52 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\mspclock.sys + 2008-04-13 07:39:52 4,992 ------w C:\WINDOWS\ServicePackFiles\i386\mspqm.sys + 2008-04-13 05:23:32 48,128 ------w C:\WINDOWS\ServicePackFiles\i386\msprivs.dll + 2008-04-13 15:33:34 146,432 ------w C:\WINDOWS\ServicePackFiles\i386\msrating.dll + 2007-04-02 01:50:28 432,928 ------w C:\WINDOWS\ServicePackFiles\i386\msrd2x40.dll + 2007-04-02 01:50:44 322,336 ------w C:\WINDOWS\ServicePackFiles\i386\msrd3x40.dll + 2007-04-02 01:51:06 559,904 ------w C:\WINDOWS\ServicePackFiles\i386\msrepl40.dll + 2008-04-13 15:33:34 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\msrle32.dll + 2008-04-13 15:33:34 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\mssap.dll + 2008-04-13 15:33:34 155,136 ------w C:\WINDOWS\ServicePackFiles\i386\mssha.dll + 2008-04-13 15:03:10 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\msshamsg.dll + 2008-04-13 07:36:48 15,488 ------w C:\WINDOWS\ServicePackFiles\i386\mssmbios.sys + 2008-04-13 15:33:34 274,432 ------w C:\WINDOWS\ServicePackFiles\i386\mst120.dll + 2008-04-13 15:33:34 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\mst123.dll + 2008-04-13 07:46:10 49,024 ------w C:\WINDOWS\ServicePackFiles\i386\mstape.sys + 2008-04-13 15:33:34 281,600 ------w C:\WINDOWS\ServicePackFiles\i386\mstask.dll + 2008-04-13 07:39:52 5,504 ------w C:\WINDOWS\ServicePackFiles\i386\mstee.sys + 2007-04-02 01:51:28 264,992 ------w C:\WINDOWS\ServicePackFiles\i386\mstext40.dll + 2008-04-13 15:33:34 532,480 ------w C:\WINDOWS\ServicePackFiles\i386\mstime.dll + 2008-04-13 15:34:16 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\mstinit.exe + 2008-04-13 15:33:34 116,224 ------w C:\WINDOWS\ServicePackFiles\i386\mstlsapi.dll + 2008-04-13 15:33:34 195,584 ------w C:\WINDOWS\ServicePackFiles\i386\msutb.dll + 2008-04-13 15:33:34 132,608 ------w C:\WINDOWS\ServicePackFiles\i386\msv1_0.dll + 2008-04-13 15:33:34 1,384,479 ------w C:\WINDOWS\ServicePackFiles\i386\msvbvm60.dll + 2008-04-13 15:33:34 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\msvcirt.dll + 2008-04-13 15:33:34 413,696 ------w C:\WINDOWS\ServicePackFiles\i386\msvcp60.dll + 2008-04-13 15:33:34 343,040 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt.dll + 2008-04-13 07:30:48 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\msvcrt40.dll + 2008-04-13 15:33:34 122,368 ------w C:\WINDOWS\ServicePackFiles\i386\msvfw32.dll + 2008-04-13 15:33:34 1,434,112 ------w C:\WINDOWS\ServicePackFiles\i386\msvidctl.dll + 2008-04-13 15:33:34 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\msw3prt.dll + 2007-04-02 01:51:48 838,432 ------w C:\WINDOWS\ServicePackFiles\i386\mswdat10.dll + 2008-04-13 15:33:34 204,800 ------w C:\WINDOWS\ServicePackFiles\i386\mswebdvd.dll + 2008-04-13 15:33:34 247,808 ------w C:\WINDOWS\ServicePackFiles\i386\mswsock.dll + 2007-03-28 01:56:40 621,344 ------w C:\WINDOWS\ServicePackFiles\i386\mswstr10.dll + 2008-04-13 15:33:36 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\msxactps.dll + 2007-04-02 01:52:02 355,104 ------w C:\WINDOWS\ServicePackFiles\i386\msxbde40.dll + 2008-04-13 15:33:36 506,368 ------w C:\WINDOWS\ServicePackFiles\i386\msxml.dll + 2008-04-13 15:33:36 701,440 ------w C:\WINDOWS\ServicePackFiles\i386\msxml2.dll + 2008-04-13 15:33:36 1,104,896 ------w C:\WINDOWS\ServicePackFiles\i386\msxml3.dll + 2008-04-13 15:33:36 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\msyuv.dll + 2008-04-13 07:23:42 126,686 ------w C:\WINDOWS\ServicePackFiles\i386\mtlmnt5.sys + 2008-04-13 07:23:40 1,309,184 ------w C:\WINDOWS\ServicePackFiles\i386\mtlstrm.sys + 2008-04-13 15:34:16 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe + 2008-04-13 15:33:36 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\mtxclu.dll + 2008-04-13 15:33:36 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\mtxdm.dll + 2008-04-13 15:33:36 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\mtxex.dll + 2008-04-13 15:33:36 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\mtxlegih.dll + 2008-04-13 15:33:36 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\mtxoci.dll + 2008-04-13 15:33:36 1,737,856 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhd.dll + 2008-04-13 05:34:28 452,736 ------w C:\WINDOWS\ServicePackFiles\i386\mtxparhm.sys + 2008-04-13 08:17:06 105,344 ------w C:\WINDOWS\ServicePackFiles\i386\mup.sys + 2008-04-13 07:43:56 12,672 ------w C:\WINDOWS\ServicePackFiles\i386\mutohpen.sys + 2008-04-13 15:33:36 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\mydocs.dll + 2008-04-13 07:46:26 85,248 ------w C:\WINDOWS\ServicePackFiles\i386\nabtsfec.sys + 2008-04-13 15:33:36 221,184 ------w C:\WINDOWS\ServicePackFiles\i386\nac.dll + 2008-04-13 15:33:36 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\napipsec.dll + 2008-04-13 15:33:36 200,704 ------w C:\WINDOWS\ServicePackFiles\i386\napmontr.dll + 2008-04-13 15:34:16 177,664 ------w C:\WINDOWS\ServicePackFiles\i386\napstat.exe + 2008-04-13 15:34:16 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\narrator.exe + 2008-04-13 15:33:36 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\ncobjapi.dll + 2008-04-13 15:33:36 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ncprov.dll + 2008-04-13 15:33:36 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\ncpsres.dll + 2008-04-13 15:33:36 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapi.dll + 2008-04-13 15:34:16 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe + 2008-04-13 15:33:36 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\nddenb32.dll + 2008-04-13 08:20:38 182,656 ------w C:\WINDOWS\ServicePackFiles\i386\ndis.sys + 2008-04-13 07:46:24 10,880 ------w C:\WINDOWS\ServicePackFiles\i386\ndisip.sys + 2008-04-13 15:33:36 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\ndisnpp.dll + 2008-04-13 07:57:28 10,112 ------w C:\WINDOWS\ServicePackFiles\i386\ndistapi.sys + 2008-04-13 07:56:00 14,592 ------w C:\WINDOWS\ServicePackFiles\i386\ndisuio.sys + 2008-04-13 08:20:44 91,520 ------w C:\WINDOWS\ServicePackFiles\i386\ndiswan.sys + 2008-04-13 07:57:30 40,576 ------w C:\WINDOWS\ServicePackFiles\i386\ndproxy.sys + 2008-04-13 15:34:16 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\net.exe + 2008-04-13 15:34:16 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\net1.exe + 2008-04-13 15:33:36 337,408 ------w C:\WINDOWS\ServicePackFiles\i386\netapi32.dll + 2008-04-13 07:56:04 34,688 ------w C:\WINDOWS\ServicePackFiles\i386\netbios.sys + 2008-04-13 08:21:02 162,816 ------w C:\WINDOWS\ServicePackFiles\i386\netbt.sys + 2008-04-13 15:33:36 634,368 ------w C:\WINDOWS\ServicePackFiles\i386\netcfgx.dll + 2008-04-13 15:34:16 114,176 ------w C:\WINDOWS\ServicePackFiles\i386\netdde.exe + 2008-04-13 05:09:58 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\netfxocm.dll + 2007-12-17 00:59:54 82,976 ------w C:\WINDOWS\ServicePackFiles\i386\netfxupdate.exe + 2008-04-13 15:33:36 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\netid.dll + 2008-04-13 15:33:36 407,040 ------w C:\WINDOWS\ServicePackFiles\i386\netlogon.dll + 2008-04-13 15:33:36 198,144 ------w C:\WINDOWS\ServicePackFiles\i386\netman.dll + 2008-04-13 15:33:36 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\netoc.dll + 2008-04-13 15:33:36 885,248 ------w C:\WINDOWS\ServicePackFiles\i386\netplwiz.dll + 2008-04-13 15:33:36 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\netrap.dll + 2008-04-13 15:37:12 332,800 ------w C:\WINDOWS\ServicePackFiles\i386\netsetup.exe + 2008-04-13 15:34:16 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\netsh.exe + 2008-04-13 15:33:36 1,719,808 ------w C:\WINDOWS\ServicePackFiles\i386\netshell.dll + 2008-04-13 15:34:16 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\netstat.exe + 2008-04-13 15:33:36 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\netui0.dll + 2008-04-13 15:33:36 245,760 ------w C:\WINDOWS\ServicePackFiles\i386\netui1.dll + 2008-04-13 15:06:02 132,695 ------w C:\WINDOWS\ServicePackFiles\i386\netwlan5.sys + 2008-04-13 15:33:36 250,880 ------w C:\WINDOWS\ServicePackFiles\i386\newdev.dll + 2008-04-13 05:11:08 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\ngen.exe + 2008-04-13 07:51:26 61,824 ------w C:\WINDOWS\ServicePackFiles\i386\nic1394.sys + 2008-04-13 15:33:36 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\nlhtml.dll + 2008-04-13 15:33:38 229,376 ------w C:\WINDOWS\ServicePackFiles\i386\nmas.dll + 2008-04-13 15:33:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmasnt.dll + 2008-04-13 15:33:38 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\nmchat.dll + 2008-04-13 15:33:38 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\nmcom.dll + 2008-04-13 15:33:38 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\nmft.dll + 2008-04-13 15:33:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nmmkcert.dll + 2008-04-13 07:53:10 40,320 ------w C:\WINDOWS\ServicePackFiles\i386\nmnt.sys + 2008-04-13 15:33:38 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\nmoldwb.dll + 2008-04-13 15:33:38 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\nmwb.dll + 2008-04-13 15:34:16 70,656 ------w C:\WINDOWS\ServicePackFiles\i386\notepad.exe + 2008-04-13 07:32:40 30,848 ------w C:\WINDOWS\ServicePackFiles\i386\npfs.sys + 2008-04-13 15:34:16 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\nppagent.exe + 2008-04-13 15:33:38 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\npptools.dll + 2008-04-13 07:54:38 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\nscirda.sys + 2008-04-13 15:33:38 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\nsepm.dll + 2008-04-13 15:34:16 79,360 ------w C:\WINDOWS\ServicePackFiles\i386\nslookup.exe + 2008-04-13 15:34:18 1,231,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntbackup.exe + 2008-04-13 05:43:04 47,564 ------w C:\WINDOWS\ServicePackFiles\i386\ntdetect.com + 2008-04-13 15:33:04 731,136 ------w C:\WINDOWS\ServicePackFiles\i386\ntdll.dll + 2008-04-13 15:33:38 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\ntdsapi.dll + 2008-04-13 15:33:38 212,992 ------w C:\WINDOWS\ServicePackFiles\i386\ntevt.dll + 2008-04-13 08:15:54 574,976 ------w C:\WINDOWS\ServicePackFiles\i386\ntfs.sys + 2008-04-13 05:49:52 34,000 ------w C:\WINDOWS\ServicePackFiles\i386\ntio.sys + 2008-04-13 05:49:44 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio404.sys + 2008-04-13 05:49:40 35,648 ------w C:\WINDOWS\ServicePackFiles\i386\ntio411.sys + 2008-04-13 05:49:44 35,424 ------w C:\WINDOWS\ServicePackFiles\i386\ntio412.sys + 2008-04-13 05:49:42 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\ntio804.sys + 2008-04-13 15:07:18 2,147,328 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlmp.exe + 2008-04-13 15:07:28 2,067,968 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe + 2008-04-13 15:07:36 2,025,984 ------w C:\WINDOWS\ServicePackFiles\i386\ntkrpamp.exe + 2008-04-13 15:33:38 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\ntlanman.dll + 2008-04-13 15:33:38 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\ntlsapi.dll + 2008-04-13 15:33:38 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\ntmarta.dll + 2008-04-13 15:33:38 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsapi.dll + 2008-04-13 15:33:38 181,248 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsdba.dll + 2008-04-13 15:33:38 496,640 ------w C:\WINDOWS\ServicePackFiles\i386\ntmsmgr.dll + 2008-04-13 15:33:38 438,272 ------w C:\WINDOWS\ServicePackFiles\i386\ntmssvc.dll + 2008-04-13 07:23:42 180,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntmtlfax.sys + 2008-04-13 15:33:38 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\ntoc.dll + 2008-04-13 15:08:04 2,191,104 ------w C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe + 2008-04-13 15:33:38 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\ntprint.dll + 2008-04-13 15:33:38 145,920 ------w C:\WINDOWS\ServicePackFiles\i386\ntshrui.dll + 2008-04-13 15:34:18 421,888 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe + 2008-04-13 15:33:38 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdmd.dll + 2008-04-13 15:33:38 4,274,816 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_disp.dll + 2008-04-13 05:34:32 1,897,408 ------w C:\WINDOWS\ServicePackFiles\i386\nv4_mini.sys + 2008-04-13 15:33:38 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\nwapi32.dll + 2008-04-13 07:56:08 88,320 ------w C:\WINDOWS\ServicePackFiles\i386\nwlnkipx.sys + 2008-04-13 15:33:38 145,920 ------w C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll + 2008-04-13 07:34:14 163,584 ------w C:\WINDOWS\ServicePackFiles\i386\nwrdr.sys + 2008-04-13 15:33:38 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\nwwks.dll + 2008-04-13 15:33:38 271,360 ------w C:\WINDOWS\ServicePackFiles\i386\oakley.dll + 2008-04-13 15:33:38 289,280 ------w C:\WINDOWS\ServicePackFiles\i386\objsel.dll + 2008-04-13 07:40:34 445,440 ------w C:\WINDOWS\ServicePackFiles\i386\obrs040c.dll + 2008-04-13 15:33:40 97,280 ------w C:\WINDOWS\ServicePackFiles\i386\occache.dll + 2008-04-13 15:33:40 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\ocgen.dll + 2008-04-13 15:33:40 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\ocmanage.dll + 2008-04-13 15:33:40 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\ocmsn.dll + 2007-04-02 03:05:22 26,224 ------w C:\WINDOWS\ServicePackFiles\i386\odbc16gt.dll + 2008-04-13 15:33:40 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32.dll + 2008-04-13 15:33:40 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\odbc32gt.dll + 2008-04-13 15:34:18 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe + 2008-04-13 15:33:40 24,576 ------w C:\WINDOWS\ServicePackFiles\i386\odbcbcp.dll + 2008-04-13 15:33:40 135,168 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.dll + 2008-04-13 15:34:18 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe + 2008-04-13 15:33:40 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\odbccp32.dll + 2008-04-13 15:33:40 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccr32.dll + 2008-04-13 15:33:40 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\odbccu32.dll + 2007-03-28 01:56:44 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\odbcint.dll + 2008-04-13 15:32:16 61,471 ------w C:\WINDOWS\ServicePackFiles\i386\odbcji32.dll + 2008-04-13 15:33:40 278,559 ------w C:\WINDOWS\ServicePackFiles\i386\odbcjt32.dll + 2008-04-13 06:26:06 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\odbcp32r.dll + 2008-04-13 15:33:40 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\odbctrac.dll + 2008-04-13 15:33:40 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\oddbse32.dll + 2008-04-13 15:33:40 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odexl32.dll + 2008-04-13 15:33:40 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odfox32.dll + 2008-04-13 15:33:40 20,510 ------w C:\WINDOWS\ServicePackFiles\i386\odpdx32.dll + 2008-04-13 15:33:40 20,511 ------w C:\WINDOWS\ServicePackFiles\i386\odtext32.dll + 2008-04-13 15:33:40 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\oeimport.dll + 2008-04-13 15:34:18 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\oemig50.exe + 2008-04-13 15:33:40 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\oemiglib.dll + 2008-04-13 15:33:40 192,000 ------w C:\WINDOWS\ServicePackFiles\i386\offfilt.dll + 2008-04-13 07:46:20 61,696 ------w C:\WINDOWS\ServicePackFiles\i386\ohci1394.sys + 2008-04-13 15:33:40 1,287,168 ------w C:\WINDOWS\ServicePackFiles\i386\ole32.dll + 2008-04-13 15:33:40 551,936 ------w C:\WINDOWS\ServicePackFiles\i386\oleaut32.dll + 2008-04-13 15:33:40 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\olecli32.dll + 2008-04-13 15:33:40 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\olecnv32.dll + 2008-04-13 15:33:40 487,424 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32.dll + 2008-04-13 15:33:40 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\oledb32r.dll + 2008-04-13 15:33:40 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\oledlg.dll + 2008-04-13 15:33:40 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\oleprn.dll + 2008-04-13 15:33:40 84,992 ------w C:\WINDOWS\ServicePackFiles\i386\olepro32.dll + 2008-04-13 15:33:40 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\onex.dll + 2008-04-13 15:34:18 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe + 2008-04-13 15:33:40 713,728 ------w C:\WINDOWS\ServicePackFiles\i386\opengl32.dll + 2008-04-13 15:34:18 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\opnfiles.exe + 2008-04-13 07:32:34 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\oschoice.exe + 2008-04-13 15:34:18 216,576 ------w C:\WINDOWS\ServicePackFiles\i386\osk.exe + 2008-04-13 07:31:54 232,448 ------w C:\WINDOWS\ServicePackFiles\i386\osloader.exe + 2008-04-13 15:33:40 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\osuninst.dll + 2008-04-13 15:33:40 153,600 ------w C:\WINDOWS\ServicePackFiles\i386\p2p.dll + 2008-04-13 15:33:40 105,472 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgasvc.dll + 2008-04-13 15:33:40 313,856 ------w C:\WINDOWS\ServicePackFiles\i386\p2pgraph.dll + 2008-04-13 15:33:40 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\p2pnetsh.dll + 2008-04-13 15:33:40 554,496 ------w C:\WINDOWS\ServicePackFiles\i386\p2psvc.dll + 2008-04-13 15:09:38 46,848 ------w C:\WINDOWS\ServicePackFiles\i386\p3.sys + 2008-04-13 15:34:18 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\packager.exe + 2008-04-13 15:09:42 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\parport.sys + 2008-04-13 07:40:50 19,712 ------w C:\WINDOWS\ServicePackFiles\i386\partmgr.sys + 2008-04-13 15:33:40 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\pautoenr.dll + 2008-04-13 05:35:34 29,502 ------w C:\WINDOWS\ServicePackFiles\i386\pca200e.sys + 2008-04-13 15:33:40 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\pchshell.dll + 2008-04-13 15:33:40 38,400 ------w C:\WINDOWS\ServicePackFiles\i386\pchsvc.dll + 2008-04-13 15:09:48 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\pci.sys + 2008-04-13 07:40:30 24,960 ------w C:\WINDOWS\ServicePackFiles\i386\pciidex.sys + 2007-05-14 21:08:12 288,768 ------w C:\WINDOWS\ServicePackFiles\i386\pcl4res.dll + 2007-05-14 21:08:14 1,058,816 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5eres.dll + 2007-05-14 21:08:16 1,057,280 ------w C:\WINDOWS\ServicePackFiles\i386\pcl5ures.dll + 2007-05-14 21:08:16 207,872 ------w C:\WINDOWS\ServicePackFiles\i386\pclxl.dll + 2008-04-13 15:09:54 120,576 ------w C:\WINDOWS\ServicePackFiles\i386\pcmcia.sys + 2008-04-13 05:12:44 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\pcx500.sys + 2008-04-13 15:33:40 286,720 ------w C:\WINDOWS\ServicePackFiles\i386\pdh.dll + 2008-04-13 05:11:08 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\perfcounter.dll + 2008-04-13 15:33:40 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\perfctrs.dll + 2008-04-13 15:33:40 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\perfdisk.dll + 2008-04-13 15:34:18 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\perfmon.exe + 2008-04-13 15:33:40 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\perfnet.dll + 2008-04-13 15:33:40 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\perfos.dll + 2008-04-13 15:33:40 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\perfproc.dll + 2008-04-13 07:44:30 27,904 ------w C:\WINDOWS\ServicePackFiles\i386\perm2.sys + 2008-04-13 15:32:18 211,584 ------w C:\WINDOWS\ServicePackFiles\i386\perm2dll.dll + 2008-04-13 07:44:32 28,032 ------w C:\WINDOWS\ServicePackFiles\i386\perm3.sys + 2008-04-13 15:32:18 259,328 ------w C:\WINDOWS\ServicePackFiles\i386\perm3dd.dll + 2008-04-13 15:33:40 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\photowiz.dll + 2008-04-13 15:33:40 35,328 ------w C:\WINDOWS\ServicePackFiles\i386\pid.dll + 2008-04-13 15:32:52 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\pidgen.dll + 2008-04-13 15:34:20 284,160 ------w C:\WINDOWS\ServicePackFiles\i386\pinball.exe + 2008-04-13 15:34:20 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\ping.exe + 2008-04-13 15:33:40 15,360 ------w C:\WINDOWS\ServicePackFiles\i386\pjlmon.dll + 2008-04-13 15:33:40 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\plotter.dll + 2008-04-13 15:33:40 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\plotui.dll + 2008-04-13 15:33:40 412,160 ------w C:\WINDOWS\ServicePackFiles\i386\pmh.dll + 2008-04-13 15:33:40 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\pngfilt.dll + 2008-04-13 15:33:40 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll + 2008-04-13 15:33:40 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\policman.dll + 2008-04-13 15:33:40 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\polstore.dll + 2008-04-13 08:19:42 146,048 ------w C:\WINDOWS\ServicePackFiles\i386\portcls.sys + 2008-04-13 15:34:20 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\powercfg.exe + 2008-04-13 07:40:58 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\powerfil.sys + 2008-04-13 15:33:40 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\powrprof.dll + 2008-04-13 07:41:02 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\ppa3.sys + 2008-04-13 15:33:40 578,560 ------w C:\WINDOWS\ServicePackFiles\i386\printui.dll + 2008-04-13 14:55:32 40,064 ------w C:\WINDOWS\ServicePackFiles\i386\processr.sys + 2008-04-13 15:33:40 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\profmap.dll + 2008-04-13 15:34:20 109,568 ------w C:\WINDOWS\ServicePackFiles\i386\progman.exe + 2008-04-13 15:34:20 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\proquota.exe + 2008-04-13 15:33:40 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\provthrd.dll + 2008-04-13 15:34:20 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe + 2008-04-13 15:33:40 728,576 ------w C:\WINDOWS\ServicePackFiles\i386\ps5ui.dll + 2008-04-13 15:33:40 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\psapi.dll + 2008-04-13 15:33:40 98,816 ------w C:\WINDOWS\ServicePackFiles\i386\psbase.dll + 2008-04-13 07:56:40 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\psched.sys + 2008-04-13 15:33:40 543,232 ------w C:\WINDOWS\ServicePackFiles\i386\pscript5.dll + 2008-04-13 15:33:40 363,520 ------w C:\WINDOWS\ServicePackFiles\i386\psisdecd.dll + 2008-04-13 15:33:40 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\pstorec.dll + 2008-04-13 15:33:40 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\pstorsvc.dll + 2008-04-13 15:33:40 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\ptpusd.dll + 2008-04-13 15:33:40 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\pwsdata.dll + 2008-04-13 15:33:40 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\qagent.dll + 2008-04-13 15:33:40 293,376 ------w C:\WINDOWS\ServicePackFiles\i386\qagentrt.dll + 2008-04-13 15:33:40 237,568 ------w C:\WINDOWS\ServicePackFiles\i386\qasf.dll + 2008-04-13 15:33:40 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\qcap.dll + 2008-04-13 15:33:40 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\qcliprov.dll + 2008-04-13 15:33:40 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\qdv.dll + 2008-04-13 15:33:40 387,072 ------w C:\WINDOWS\ServicePackFiles\i386\qdvd.dll + 2008-04-13 15:33:40 563,200 ------w C:\WINDOWS\ServicePackFiles\i386\qedit.dll + 2008-04-13 06:21:34 733,696 ------w C:\WINDOWS\ServicePackFiles\i386\qedwipes.dll + 2008-04-13 07:40:54 6,016 ------w C:\WINDOWS\ServicePackFiles\i386\qic157.sys + 2008-04-13 15:33:40 409,088 ------w C:\WINDOWS\ServicePackFiles\i386\qmgr.dll + 2008-04-13 15:33:40 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\qmgrprxy.dll + 2008-04-13 15:34:20 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\qprocess.exe + 2008-04-13 15:33:40 1,294,336 ------w C:\WINDOWS\ServicePackFiles\i386\quartz.dll + 2008-04-13 15:33:40 1,440,768 ------w C:\WINDOWS\ServicePackFiles\i386\query.dll + 2008-04-13 15:33:40 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\qutil.dll + 2008-04-13 15:33:40 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\racpldlg.dll + 2008-04-13 07:41:24 20,736 ------w C:\WINDOWS\ServicePackFiles\i386\ramdisk.sys + 2008-04-13 15:33:40 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\rasadhlp.dll + 2008-04-13 15:33:40 237,056 ------w C:\WINDOWS\ServicePackFiles\i386\rasapi32.dll + 2008-04-13 15:33:40 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\rasauto.dll + 2008-04-13 15:33:40 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\raschap.dll + 2008-04-13 15:33:40 685,568 ------w C:\WINDOWS\ServicePackFiles\i386\rasdlg.dll + 2008-04-13 08:19:44 51,328 ------w C:\WINDOWS\ServicePackFiles\i386\rasl2tp.sys + 2008-04-13 15:33:40 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rasman.dll + 2008-04-13 15:33:40 186,368 ------w C:\WINDOWS\ServicePackFiles\i386\rasmans.dll + 2008-04-13 15:34:20 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\rasphone.exe + 2008-04-13 15:33:40 210,944 ------w C:\WINDOWS\ServicePackFiles\i386\rasppp.dll + 2008-04-13 07:57:34 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\raspppoe.sys + 2008-04-13 08:19:50 48,384 ------w C:\WINDOWS\ServicePackFiles\i386\raspptp.sys + 2008-04-13 15:33:40 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\rasqec.dll + 2008-04-13 15:33:40 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\rassapi.dll + 2008-04-13 15:33:40 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\rastapi.dll + 2008-04-13 15:33:40 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\rastls.dll + 2008-04-13 15:33:40 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\rcbdyctl.dll + 2008-04-13 15:34:20 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe + 2008-04-13 15:34:20 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\rcp.exe + 2008-04-13 08:28:40 175,744 ------w C:\WINDOWS\ServicePackFiles\i386\rdbss.sys + 2008-04-13 15:33:40 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdchost.dll + 2008-04-13 15:34:20 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe + 2008-04-13 15:34:54 92,424 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdd.dll + 2008-04-13 07:32:52 196,224 ------w C:\WINDOWS\ServicePackFiles\i386\rdpdr.sys + 2008-04-13 15:33:40 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\rdpsnd.dll + 2008-04-13 15:34:56 139,656 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys + 2008-04-13 15:34:56 87,176 ------w C:\WINDOWS\ServicePackFiles\i386\rdpwsx.dll + 2008-04-13 15:34:20 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe + 2008-04-13 15:34:20 67,072 ------w C:\WINDOWS\ServicePackFiles\i386\rdshost.exe + 2008-04-13 07:23:44 13,776 ------w C:\WINDOWS\ServicePackFiles\i386\recagent.sys + 2008-04-13 14:57:36 58,752 ------w C:\WINDOWS\ServicePackFiles\i386\redbook.sys + 2008-04-13 05:52:34 3,352 ------w C:\WINDOWS\ServicePackFiles\i386\redir.exe + 2008-04-13 15:34:20 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\reg.exe + 2008-04-13 15:33:40 49,664 ------w C:\WINDOWS\ServicePackFiles\i386\regapi.dll + 2007-06-27 01:57:34 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\regasm.exe + 2007-06-27 01:57:38 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\regcode.dll + 2008-04-13 15:34:20 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\regedit.exe + 2008-04-13 15:33:40 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\regsvc.dll + 2007-06-27 01:57:42 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\regsvcs.exe + 2008-04-13 15:34:20 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe + 2008-04-13 15:33:40 405,504 ------w C:\WINDOWS\ServicePackFiles\i386\regwizc.dll + 2008-04-13 15:33:40 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\remotepg.dll + 2008-04-13 15:33:40 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\repdrvfs.dll + 2008-04-13 15:33:40 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\resutils.dll + 2008-04-13 15:34:20 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\rexec.exe + 2008-04-13 07:46:34 59,136 ------w C:\WINDOWS\ServicePackFiles\i386\rfcomm.sys + 2008-04-13 15:33:40 290,304 ------w C:\WINDOWS\ServicePackFiles\i386\rhttpaa.dll + 2008-04-13 15:33:40 124,416 ------w C:\WINDOWS\ServicePackFiles\i386\riafres.dll + 2008-04-13 15:33:40 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\riafui1.dll + 2008-04-13 15:33:40 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\riafui2.dll + 2008-04-13 15:33:40 433,664 ------w C:\WINDOWS\ServicePackFiles\i386\riched20.dll + 2008-04-13 07:55:10 202,624 ------w C:\WINDOWS\ServicePackFiles\i386\rmcast.sys + 2008-04-13 07:56:50 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismp.sys + 2008-04-13 07:56:50 30,592 ------w C:\WINDOWS\ServicePackFiles\i386\rndismpx.sys + 2008-04-13 14:58:30 79,360 ------w C:\WINDOWS\ServicePackFiles\i386\rocket.sys + 2008-04-13 15:33:40 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\rpcref.dll + 2008-04-13 15:33:40 584,704 ------w C:\WINDOWS\ServicePackFiles\i386\rpcrt4.dll + 2008-04-13 15:33:40 399,360 ------w C:\WINDOWS\ServicePackFiles\i386\rpcss.dll + 2008-04-13 15:33:40 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\rrcm.dll + 2008-04-13 06:37:58 208,384 ------w C:\WINDOWS\ServicePackFiles\i386\rsaenh.dll + 2008-04-13 15:34:20 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\rsh.exe + 2008-04-13 15:33:40 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\rshx32.dll + 2008-04-13 15:33:40 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\rsmps.dll + 2008-04-13 15:34:20 107,520 ------w C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe + 2008-04-13 15:34:20 384,512 ------w C:\WINDOWS\ServicePackFiles\i386\rstrui.exe + 2008-04-13 15:33:40 92,672 ------w C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll + 2008-04-13 15:34:22 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe + 2008-04-13 15:33:40 31,744 ------w C:\WINDOWS\ServicePackFiles\i386\rtipxmib.dll + 2008-04-13 05:35:40 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\rtl8139.sys + 2008-04-13 15:33:40 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\rtutils.dll + 2008-04-13 15:34:22 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\rundll32.exe + 2008-04-13 15:34:22 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\runonce.exe + 2008-04-13 15:33:40 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\rw001ext.dll + 2008-04-13 15:33:40 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\rw330ext.dll + 2008-04-13 15:33:40 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\rw430ext.dll + 2008-04-13 15:33:40 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\rw450ext.dll + 2008-04-13 15:33:40 9,728 ------w C:\WINDOWS\ServicePackFiles\i386\rwnh.dll + 2008-04-13 15:33:40 397,056 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnb.dll + 2008-04-13 05:34:34 166,912 ------w C:\WINDOWS\ServicePackFiles\i386\s3gnbm.sys + 2008-04-13 15:33:40 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\safrcdlg.dll + 2008-04-13 15:33:40 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\safrdm.dll + 2008-04-13 15:33:40 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\safrslv.dll + 2008-04-13 15:33:40 64,000 ------w C:\WINDOWS\ServicePackFiles\i386\samlib.dll + 2008-04-13 15:33:40 431,104 ------w C:\WINDOWS\ServicePackFiles\i386\samsrv.dll + 2008-04-13 15:33:40 741,376 ------w C:\WINDOWS\ServicePackFiles\i386\sapi.dll + 2008-04-13 15:34:22 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\savedump.exe + 2008-04-13 15:33:40 270,848 ------w C:\WINDOWS\ServicePackFiles\i386\sbe.dll + 2008-04-13 15:33:40 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\sbeio.dll + 2008-04-13 07:40:50 43,904 ------w C:\WINDOWS\ServicePackFiles\i386\sbp2port.sys + 2008-04-13 15:33:42 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\scarddlg.dll + 2008-04-13 15:34:22 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe + 2008-04-13 06:38:00 169,984 ------w C:\WINDOWS\ServicePackFiles\i386\sccbase.dll + 2008-04-13 15:33:42 171,520 ------w C:\WINDOWS\ServicePackFiles\i386\sccsccp.dll + 2008-04-13 15:33:42 187,392 ------w C:\WINDOWS\ServicePackFiles\i386\scecli.dll + 2008-04-13 15:33:42 329,728 ------w C:\WINDOWS\ServicePackFiles\i386\scesrv.dll + 2008-04-13 15:33:42 144,384 ------w C:\WINDOWS\ServicePackFiles\i386\schannel.dll + 2008-04-13 15:33:42 194,560 ------w C:\WINDOWS\ServicePackFiles\i386\schedsvc.dll + 2008-04-13 15:33:42 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\sclgntfy.dll + 2008-04-13 15:34:22 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\scrcons.exe + 2008-04-13 15:33:42 217,600 ------w C:\WINDOWS\ServicePackFiles\i386\script.dll + 2008-04-13 15:33:42 201,216 ------w C:\WINDOWS\ServicePackFiles\i386\scripta.dll + 2008-04-13 15:34:34 9,216 ------w C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr + 2008-04-13 15:33:42 180,224 ------w C:\WINDOWS\ServicePackFiles\i386\scrobj.dll + 2008-04-13 15:33:42 172,032 ------w C:\WINDOWS\ServicePackFiles\i386\scrrun.dll + 2008-04-13 07:40:32 96,384 ------w C:\WINDOWS\ServicePackFiles\i386\scsiport.sys + 2008-04-13 07:45:34 11,520 ------w C:\WINDOWS\ServicePackFiles\i386\scsiscan.sys + 2008-04-13 15:34:22 130,560 ------w C:\WINDOWS\ServicePackFiles\i386\sctasks.exe + 2008-04-13 15:34:22 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe + 2008-04-13 07:36:46 79,232 ------w C:\WINDOWS\ServicePackFiles\i386\sdbus.sys + 2008-04-13 15:33:42 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\sdhcinst.dll + 2008-04-13 05:39:16 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\secdrv.sys + 2008-04-13 15:34:22 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\secedit.exe + 2008-04-13 15:33:42 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\seclogon.dll + 2006-12-30 15:27:08 4,569 ------w C:\WINDOWS\ServicePackFiles\i386\secupd.dat + 2008-04-13 15:33:42 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\secur32.dll + 2008-04-13 15:33:42 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\security.dll + 2008-04-13 15:33:42 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\sendcmsg.dll + 2008-04-13 15:33:42 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\sendmail.dll + 2008-04-13 15:33:42 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\sens.dll + 2008-04-13 15:33:42 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\sensapi.dll + 2008-04-13 15:33:42 221,696 ------w C:\WINDOWS\ServicePackFiles\i386\seo.dll + 2008-04-13 07:40:14 15,744 ------w C:\WINDOWS\ServicePackFiles\i386\serenum.sys + 2008-04-13 15:00:10 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\serial.sys + 2008-04-13 15:33:42 56,320 ------w C:\WINDOWS\ServicePackFiles\i386\servdeps.dll + 2008-04-13 15:34:22 109,056 ------w C:\WINDOWS\ServicePackFiles\i386\services.exe + 2008-04-13 15:34:22 142,848 ------w C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe + 2008-04-13 15:34:22 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\sethc.exe + 2007-12-17 00:59:56 66,592 ------w C:\WINDOWS\ServicePackFiles\i386\setregni.exe + 2008-04-13 15:34:22 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\setup.exe + 2008-04-13 15:34:22 73,728 ------w C:\WINDOWS\ServicePackFiles\i386\setup50.exe + 2008-04-13 15:33:42 1,005,056 ------w C:\WINDOWS\ServicePackFiles\i386\setupapi.dll + 2008-04-13 15:34:22 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\setupn.exe + 2008-04-13 15:33:42 101,888 ------w C:\WINDOWS\ServicePackFiles\i386\setupqry.dll + 2008-04-13 15:33:42 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\sfc.dll + 2008-04-13 15:33:42 142,336 ------w C:\WINDOWS\ServicePackFiles\i386\sfc_os.dll + 2008-04-13 15:33:42 1,571,840 ------w C:\WINDOWS\ServicePackFiles\i386\sfcfiles.dll + 2008-04-13 07:40:48 11,904 ------w C:\WINDOWS\ServicePackFiles\i386\sffdisk.sys + 2008-04-13 07:40:50 10,240 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_mmc.sys + 2008-04-13 07:40:48 11,008 ------w C:\WINDOWS\ServicePackFiles\i386\sffp_sd.sys + 2008-04-13 07:40:50 11,392 ------w C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys + 2008-04-13 15:01:00 572,416 ------w C:\WINDOWS\ServicePackFiles\i386\shdoclc.dll + 2008-04-13 15:33:42 1,499,136 ------w C:\WINDOWS\ServicePackFiles\i386\shdocvw.dll + 2008-04-13 15:33:42 8,517,632 ------w C:\WINDOWS\ServicePackFiles\i386\shell32.dll + 2008-04-13 15:33:42 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\shfolder.dll + 2008-04-13 15:33:42 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\shgina.dll + 2008-04-13 15:33:42 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\shimeng.dll + 2008-04-13 15:33:42 440,320 ------w C:\WINDOWS\ServicePackFiles\i386\shimgvw.dll + 2008-04-13 15:33:42 474,624 ------w C:\WINDOWS\ServicePackFiles\i386\shlwapi.dll + 2008-04-13 15:34:22 45,056 ------w C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe + 2008-04-13 15:34:22 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe + 2008-04-13 15:33:42 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\shscrap.dll + 2008-04-13 15:33:42 135,680 ------w C:\WINDOWS\ServicePackFiles\i386\shsvcs.dll + 2008-04-13 15:33:42 20,536 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.dll + 2008-04-13 15:34:22 16,437 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.exe + 2008-04-13 15:34:22 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\shutdown.exe + 2008-04-13 15:33:42 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\sigtab.dll + 2008-04-13 15:34:22 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\sigverif.exe + 2008-04-13 15:33:42 3,901 ------w C:\WINDOWS\ServicePackFiles\i386\siint5.dll + 2008-04-13 07:36:40 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\sisagp.sys + 2008-04-13 05:35:40 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\sisnic.sys + 2008-04-13 15:34:22 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\skeys.exe + 2008-04-13 05:35:40 63,547 ------w C:\WINDOWS\ServicePackFiles\i386\sla30nd5.sys + 2008-04-13 15:33:42 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\slayerxp.dll + 2008-04-13 06:38:00 306,176 ------w C:\WINDOWS\ServicePackFiles\i386\slbcsp.dll + 2008-04-13 15:33:42 98,304 ------w C:\WINDOWS\ServicePackFiles\i386\slbiop.dll + 2008-04-13 15:33:42 73,832 ------w C:\WINDOWS\ServicePackFiles\i386\slcoinst.dll + 2008-04-13 15:33:42 286,792 ------w C:\WINDOWS\ServicePackFiles\i386\slextspk.dll + 2008-04-13 15:33:42 188,508 ------w C:\WINDOWS\ServicePackFiles\i386\slgen.dll + 2008-04-13 07:46:24 11,136 ------w C:\WINDOWS\ServicePackFiles\i386\slip.sys + 2008-04-13 07:23:44 129,535 ------w C:\WINDOWS\ServicePackFiles\i386\slnt7554.sys + 2008-04-13 07:23:46 404,990 ------w C:\WINDOWS\ServicePackFiles\i386\slntamr.sys + 2008-04-13 07:23:48 95,424 ------w C:\WINDOWS\ServicePackFiles\i386\slnthal.sys + 2008-04-13 15:34:24 32,866 ------w C:\WINDOWS\ServicePackFiles\i386\slrundll.exe + 2008-04-13 15:34:24 73,796 ------w C:\WINDOWS\ServicePackFiles\i386\slserv.exe + 2008-04-13 07:23:48 13,240 ------w C:\WINDOWS\ServicePackFiles\i386\slwdmsup.sys + 2008-04-13 07:36:36 5,888 ------w C:\WINDOWS\ServicePackFiles\i386\smbali.sys + 2008-04-13 07:36:34 16,000 ------w C:\WINDOWS\ServicePackFiles\i386\smbbatt.sys + 2008-04-13 07:36:34 6,912 ------w C:\WINDOWS\ServicePackFiles\i386\smbclass.sys + 2008-04-13 15:34:24 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\smbinst.exe + 2008-04-13 15:34:24 236,544 ------w C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe + 2008-04-13 15:33:42 370,176 ------w C:\WINDOWS\ServicePackFiles\i386\smlogcfg.dll + 2008-04-13 15:34:24 93,184 ------w C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe + 2008-04-13 15:34:24 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\smss.exe + 2008-04-13 15:33:42 189,440 ------w C:\WINDOWS\ServicePackFiles\i386\smtpadm.dll + 2008-04-13 15:33:42 10,752 ------w C:\WINDOWS\ServicePackFiles\i386\smtpapi.dll + 2008-04-13 15:33:42 2,134,528 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsnap.dll + 2008-04-13 15:33:42 466,432 ------w C:\WINDOWS\ServicePackFiles\i386\smtpsvc.dll + 2008-04-13 15:34:24 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe + 2008-04-13 15:33:42 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\sniffpol.dll + 2008-04-13 15:34:24 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\snmp.exe + 2008-04-13 15:33:42 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\snmpapi.dll + 2008-04-13 15:33:42 259,072 ------w C:\WINDOWS\ServicePackFiles\i386\snmpcl.dll + 2008-04-13 15:33:42 358,400 ------w C:\WINDOWS\ServicePackFiles\i386\snmpincl.dll + 2008-04-13 15:33:42 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\snmpmib.dll + 2008-04-13 15:33:42 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsmir.dll + 2008-04-13 15:33:42 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\snmpsnap.dll + 2008-04-13 15:33:42 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\snmpthrd.dll + 2008-04-13 15:34:24 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe + 2008-04-13 15:33:42 130,048 ------w C:\WINDOWS\ServicePackFiles\i386\softkbd.dll + 2008-04-13 07:40:54 7,552 ------w C:\WINDOWS\ServicePackFiles\i386\sonyait.sys + 2008-04-13 07:46:08 25,344 ------w C:\WINDOWS\ServicePackFiles\i386\sonydcam.sys + 2008-04-13 15:34:24 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\sort.exe + 2008-04-13 15:34:24 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe + 2008-04-13 05:43:20 62,976 ------w C:\WINDOWS\ServicePackFiles\i386\spgrmr.dll + 2008-04-13 15:34:24 539,136 ------w C:\WINDOWS\ServicePackFiles\i386\spider.exe + 2008-04-13 07:43:32 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe + 2008-04-13 07:45:08 6,272 ------w C:\WINDOWS\ServicePackFiles\i386\splitter.sys + 2008-04-13 15:34:24 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe + 2008-04-13 15:33:42 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\spoolss.dll + 2008-04-13 15:34:24 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe + 2008-04-13 07:35:22 197,632 ------w C:\WINDOWS\ServicePackFiles\i386\sprs040c.dll + 2008-04-13 07:36:48 2,986,496 ------w C:\WINDOWS\ServicePackFiles\i386\sprt040c.dll + 2008-04-13 07:39:18 778,752 ------w C:\WINDOWS\ServicePackFiles\i386\spru040c.dll + 2008-04-13 15:33:48 272,384 ------w C:\WINDOWS\ServicePackFiles\i386\sptip.dll + 2008-04-13 15:34:24 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe + 2008-04-13 15:33:48 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\sqldb20.dll + 2008-04-13 15:33:48 528,384 ------w C:\WINDOWS\ServicePackFiles\i386\sqloledb.dll + 2008-04-13 15:33:48 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\sqlqp20.dll + 2008-04-13 15:33:48 110,592 ------w C:\WINDOWS\ServicePackFiles\i386\sqlse20.dll + 2008-04-13 15:33:48 442,368 ------w C:\WINDOWS\ServicePackFiles\i386\sqlsrv32.dll + 2008-04-13 15:33:48 180,800 ------w C:\WINDOWS\ServicePackFiles\i386\sqlunirl.dll + 2008-04-13 15:33:48 217,088 ------w C:\WINDOWS\ServicePackFiles\i386\sqlxmlx.dll + 2008-04-13 15:10:04 73,600 ------w C:\WINDOWS\ServicePackFiles\i386\sr.sys + 2008-04-13 15:33:48 58,434 ------w C:\WINDOWS\ServicePackFiles\i386\srchctls.dll + 2008-04-13 15:33:48 727,102 ------w C:\WINDOWS\ServicePackFiles\i386\srchui.dll + 2008-04-13 15:33:48 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\srclient.dll + 2008-04-13 15:33:48 241,664 ------w C:\WINDOWS\ServicePackFiles\i386\srrstr.dll + 2008-04-13 15:33:48 171,520 ------w C:\WINDOWS\ServicePackFiles\i386\srsvc.dll + 2008-04-13 08:15:12 334,848 ------w C:\WINDOWS\ServicePackFiles\i386\srv.sys + 2008-04-13 15:33:48 96,768 ------w C:\WINDOWS\ServicePackFiles\i386\srvsvc.dll + 2008-04-13 15:34:34 708,608 ------w C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr + 2008-04-13 15:34:34 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr + 2008-04-13 15:33:48 34,816 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpapi.dll + 2008-04-13 15:33:48 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\ssdpsrv.dll + 2008-04-13 15:34:34 393,216 ------w C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr + 2008-04-13 15:33:48 45,568 ------w C:\WINDOWS\ServicePackFiles\i386\ssinc51.dll + 2008-04-13 15:34:34 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr + 2008-04-13 15:34:34 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr + 2008-04-13 15:34:34 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr + 2008-04-13 15:33:48 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\sspifilt.dll + 2008-04-13 15:34:34 610,304 ------w C:\WINDOWS\ServicePackFiles\i386\sspipes.scr + 2008-04-13 15:34:34 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\ssstars.scr + 2008-04-13 15:34:34 684,032 ------w C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr + 2008-04-13 15:33:48 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\sstub.dll + 2008-04-13 15:33:48 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\staxmem.dll + 2008-04-13 15:33:48 59,392 ------w C:\WINDOWS\ServicePackFiles\i386\stclient.dll + 2008-04-13 15:33:48 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\stdprov.dll + 2008-04-13 15:33:48 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\sti.dll + 2008-04-13 15:33:48 138,240 ------w C:\WINDOWS\ServicePackFiles\i386\sti_ci.dll + 2008-04-13 15:34:24 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\stimon.exe + 2008-04-13 15:33:48 122,368 ------w C:\WINDOWS\ServicePackFiles\i386\stobject.dll + 2008-04-13 15:33:48 76,800 ------w C:\WINDOWS\ServicePackFiles\i386\storprop.dll + 2008-04-13 07:45:16 49,408 ------w C:\WINDOWS\ServicePackFiles\i386\stream.sys + 2008-04-13 07:46:22 15,232 ------w C:\WINDOWS\ServicePackFiles\i386\streamip.sys + 2008-04-13 15:33:48 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\strmfilt.dll + 2008-04-13 15:34:24 16,449 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe + 2008-04-13 15:34:24 65,601 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe + 2008-04-13 15:33:48 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\svcext51.dll + 2008-04-13 15:34:24 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\svchost.exe + 2008-04-13 07:39:54 4,352 ------w C:\WINDOWS\ServicePackFiles\i386\swenum.sys + 2008-04-13 07:45:10 56,576 ------w C:\WINDOWS\ServicePackFiles\i386\swmidi.sys + 2008-04-13 15:33:48 716,800 ------w C:\WINDOWS\ServicePackFiles\i386\sxs.dll + 2007-12-17 00:59:58 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\sy52106.dll + 2008-04-13 15:33:48 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\synceng.dll + 2008-04-13 15:33:48 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\syncui.dll + 2008-04-13 08:15:56 60,800 ------w C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys + 2008-04-13 15:34:24 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe + 2008-04-13 15:33:48 193,536 ------w C:\WINDOWS\ServicePackFiles\i386\sysmod.dll + 2008-04-13 15:33:48 173,568 ------w C:\WINDOWS\ServicePackFiles\i386\sysmoda.dll + 2008-04-13 15:34:26 107,520 ------w C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe + 2008-04-13 15:33:48 1,013,248 ------w C:\WINDOWS\ServicePackFiles\i386\syssetup.dll + 2007-06-27 01:57:56 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\system.configuration.install.dll + 2007-06-27 01:58:02 1,179,648 ------w C:\WINDOWS\ServicePackFiles\i386\system.data.dll + 2007-06-27 01:58:12 1,695,744 ------w C:\WINDOWS\ServicePackFiles\i386\system.design.dll + 2007-06-27 01:58:20 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\system.directoryservices.dll + 2007-06-27 01:58:22 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\system.drawing.design.dll + 2007-06-27 01:58:28 462,848 ------w C:\WINDOWS\ServicePackFiles\i386\system.drawing.dll + 2007-06-27 01:58:32 212,992 ------w C:\WINDOWS\ServicePackFiles\i386\system.enterpriseservices.dll + 2008-04-13 05:11:24 48,640 ------w C:\WINDOWS\ServicePackFiles\i386\system.enterpriseservices.thunk.dll + 2007-06-27 01:58:40 352,256 ------w C:\WINDOWS\ServicePackFiles\i386\system.management.dll + 2007-06-27 01:58:44 241,664 ------w C:\WINDOWS\ServicePackFiles\i386\system.messaging.dll + 2007-06-27 01:58:56 311,296 ------w C:\WINDOWS\ServicePackFiles\i386\system.runtime.remoting.dll + 2007-06-27 01:59:04 131,072 ------w C:\WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll + 2007-06-27 01:59:06 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\system.security.dll + 2007-06-27 01:59:12 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\system.serviceprocess.dll + 2007-12-17 01:00:02 1,200,128 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.dll + 2007-06-27 01:59:22 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.regularexpressions.dll + 2007-06-27 01:59:26 507,904 ------w C:\WINDOWS\ServicePackFiles\i386\system.web.services.dll + 2007-06-27 01:59:36 2,002,944 ------w C:\WINDOWS\ServicePackFiles\i386\system.windows.forms.dll + 2007-06-27 01:59:50 1,302,528 ------w C:\WINDOWS\ServicePackFiles\i386\system.xml.dll + 2008-04-13 15:33:48 117,760 ------w C:\WINDOWS\ServicePackFiles\i386\t2embed.dll + 2008-04-13 15:33:48 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\tabletoc.dll + 2008-04-13 07:40:52 14,976 ------w C:\WINDOWS\ServicePackFiles\i386\tape.sys + 2008-04-13 15:33:48 860,160 ------w C:\WINDOWS\ServicePackFiles\i386\tapi3.dll + 2008-04-13 15:33:48 181,760 ------w C:\WINDOWS\ServicePackFiles\i386\tapi32.dll + 2008-04-13 15:33:48 249,856 ------w C:\WINDOWS\ServicePackFiles\i386\tapisrv.dll + 2008-04-13 15:34:26 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\taskkill.exe + 2008-04-13 15:34:26 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\tasklist.exe + 2008-04-13 15:34:26 143,360 ------w C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe + 2008-04-13 08:20:18 361,344 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip.sys + 2008-04-13 08:00:04 225,664 ------w C:\WINDOWS\ServicePackFiles\i386\tcpip6.sys + 2008-04-13 15:33:48 14,848 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmib.dll + 2008-04-13 15:33:48 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmon.dll + 2008-04-13 15:33:48 47,104 ------w C:\WINDOWS\ServicePackFiles\i386\tcpmonui.dll + 2008-04-13 15:34:26 32,827 ------w C:\WINDOWS\ServicePackFiles\i386\tcptest.exe + 2007-03-28 01:53:14 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\tcptsat.dll + 2008-04-13 08:00:06 19,072 ------w C:\WINDOWS\ServicePackFiles\i386\tdi.sys + 2008-04-13 15:34:54 12,040 ------w C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys + 2008-04-13 15:34:54 21,896 ------w C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys + 2008-04-13 15:34:26 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\telnet.exe + 2008-04-13 15:34:54 40,840 ------w C:\WINDOWS\ServicePackFiles\i386\termdd.sys + 2008-04-13 15:33:48 358,912 ------w C:\WINDOWS\ServicePackFiles\i386\termmgr.dll + 2008-04-13 15:33:48 297,984 ------w C:\WINDOWS\ServicePackFiles\i386\termsrv.dll + 2008-04-13 07:40:52 149,376 ------w C:\WINDOWS\ServicePackFiles\i386\tffsport.sys + 2008-04-13 15:33:48 391,168 ------w C:\WINDOWS\ServicePackFiles\i386\themeui.dll + 2008-04-13 15:34:26 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\tlntadmn.exe + 2008-04-13 15:34:26 80,384 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsess.exe + 2008-04-13 15:34:26 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe + 2008-04-13 15:33:48 7,168 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsvrp.dll + 2007-12-17 01:00:06 66,592 ------w C:\WINDOWS\ServicePackFiles\i386\togac.exe + 2008-04-13 15:33:48 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\tools.dll + 2008-04-13 15:34:26 347,136 ------w C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe + 2008-04-13 15:34:26 82,944 ------w C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe + 2008-04-13 15:34:26 260,096 ------w C:\WINDOWS\ServicePackFiles\i386\tracerpt.exe + 2008-04-13 15:34:26 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\tracert.exe + 2008-04-13 15:34:32 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\tree.com + 2008-04-13 15:33:48 153,088 ------w C:\WINDOWS\ServicePackFiles\i386\triedit.dll + 2008-04-13 15:33:48 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\trkwks.dll + 2008-01-18 04:13:10 2,247 ------w C:\WINDOWS\ServicePackFiles\i386\tscdsbl.bat + 2008-04-13 15:33:48 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\tscfgwmi.dll + 2007-12-11 23:33:52 18,917 ------w C:\WINDOWS\ServicePackFiles\i386\tscinst.vbs + 2007-10-29 23:06:48 13,801 ------w C:\WINDOWS\ServicePackFiles\i386\tscuinst.vbs + 2008-04-13 15:33:08 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\tscupdc.dll + 2008-04-13 15:34:54 12,168 ------w C:\WINDOWS\ServicePackFiles\i386\tsddd.dll + 2008-04-13 15:33:48 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\tsgqec.dll + 2008-04-13 15:33:48 279,040 ------w C:\WINDOWS\ServicePackFiles\i386\tshoot.dll + 2008-04-13 15:33:48 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\tsoc.dll + 2008-04-13 15:33:48 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\tspkg.dll + 2008-04-13 15:33:48 8,704 ------w C:\WINDOWS\ServicePackFiles\i386\tty.dll + 2008-04-13 14:54:12 39,936 ------w C:\WINDOWS\ServicePackFiles\i386\ttyres.dll + 2008-04-13 15:33:48 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ttyui.dll + 2008-04-13 07:56:02 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\tunmp.sys + 2008-04-13 15:33:48 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\twain_32.dll + 2008-04-13 15:33:48 57,856 ------w C:\WINDOWS\ServicePackFiles\i386\twext.dll + 2008-04-13 15:33:48 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\txflog.dll + 2008-04-13 15:34:26 60,416 ------w C:\WINDOWS\ServicePackFiles\i386\tzchange.exe + 2008-04-13 07:36:42 44,672 ------w C:\WINDOWS\ServicePackFiles\i386\uagp35.sys + 2008-04-13 07:32:38 66,048 ------w C:\WINDOWS\ServicePackFiles\i386\udfs.sys + 2008-04-13 15:33:48 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\udhisapi.dll + 2008-04-13 15:33:48 104,448 ------w C:\WINDOWS\ServicePackFiles\i386\uihelper.dll + 2008-04-13 15:33:48 311,808 ------w C:\WINDOWS\ServicePackFiles\i386\ulib.dll + 2008-04-13 15:33:48 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\umandlg.dll + 2008-04-13 15:33:48 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\umpnpmgr.dll + 2008-04-13 15:33:48 373,248 ------w C:\WINDOWS\ServicePackFiles\i386\unidrv.dll + 2008-04-13 15:33:48 744,448 ------w C:\WINDOWS\ServicePackFiles\i386\unidrvui.dll + 2008-04-13 15:33:48 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\unimdmat.dll + 2008-04-13 15:33:48 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\uniplat.dll + 2007-05-14 21:08:54 761,344 ------w C:\WINDOWS\ServicePackFiles\i386\unires.dll + 2008-04-13 15:33:48 316,416 ------w C:\WINDOWS\ServicePackFiles\i386\untfs.dll + 2008-04-13 07:39:48 384,768 ------w C:\WINDOWS\ServicePackFiles\i386\update.sys + 2008-04-13 15:34:28 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe + 2008-04-13 15:33:48 133,632 ------w C:\WINDOWS\ServicePackFiles\i386\upnp.dll + 2008-04-13 15:34:28 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe + 2008-04-13 15:33:50 186,368 ------w C:\WINDOWS\ServicePackFiles\i386\upnphost.dll + 2008-04-13 15:33:50 240,128 ------w C:\WINDOWS\ServicePackFiles\i386\upnpui.dll + 2008-04-13 15:34:28 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe + 2008-04-13 15:33:50 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\url.dll + 2008-04-13 15:33:50 621,568 ------w C:\WINDOWS\ServicePackFiles\i386\urlmon.dll + 2008-04-13 14:55:02 32,384 ------w C:\WINDOWS\ServicePackFiles\i386\usb101et.sys + 2008-04-13 07:56:50 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023.sys + 2008-04-13 07:56:50 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\usb8023x.sys + 2008-04-13 07:45:14 60,032 ------w C:\WINDOWS\ServicePackFiles\i386\usbaudio.sys + 2008-04-13 07:45:42 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd.sys + 2008-04-13 07:45:42 25,728 ------w C:\WINDOWS\ServicePackFiles\i386\usbcamd2.sys + 2008-04-13 07:45:40 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys + 2008-04-13 07:45:36 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\usbehci.sys + 2008-04-13 07:45:38 59,520 ------w C:\WINDOWS\ServicePackFiles\i386\usbhub.sys + 2008-04-13 07:45:44 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbintel.sys + 2008-04-13 15:33:50 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\usbmon.dll + 2008-04-13 07:45:36 17,152 ------w C:\WINDOWS\ServicePackFiles\i386\usbohci.sys + 2008-04-13 07:45:38 143,872 ------w C:\WINDOWS\ServicePackFiles\i386\usbport.sys + 2008-04-13 07:47:38 25,856 ------w C:\WINDOWS\ServicePackFiles\i386\usbprint.sys + 2008-04-13 07:45:36 15,104 ------w C:\WINDOWS\ServicePackFiles\i386\usbscan.sys + 2008-04-13 07:45:38 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\usbser.sys + 2008-04-13 07:45:40 26,368 ------w C:\WINDOWS\ServicePackFiles\i386\usbstor.sys + 2008-04-13 07:45:36 20,608 ------w C:\WINDOWS\ServicePackFiles\i386\usbuhci.sys + 2008-04-13 15:33:50 77,312 ------w C:\WINDOWS\ServicePackFiles\i386\usbui.dll + 2008-04-13 07:46:22 121,984 ------w C:\WINDOWS\ServicePackFiles\i386\usbvideo.sys + 2008-04-13 15:33:50 579,584 ------w C:\WINDOWS\ServicePackFiles\i386\user32.dll + 2008-04-13 15:33:50 734,720 ------w C:\WINDOWS\ServicePackFiles\i386\userenv.dll + 2008-04-13 15:34:28 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\userinit.exe + 2008-04-13 15:33:50 406,016 ------w C:\WINDOWS\ServicePackFiles\i386\usp10.dll + 2008-04-13 15:34:28 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe + 2008-04-13 15:33:50 219,648 ------w C:\WINDOWS\ServicePackFiles\i386\uxtheme.dll + 2008-04-13 15:33:50 30,749 ------w C:\WINDOWS\ServicePackFiles\i386\vbajet32.dll + 2007-06-27 02:00:00 716,800 ------w C:\WINDOWS\ServicePackFiles\i386\vbc.exe + 2008-04-13 05:11:46 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.chs.dll + 2008-04-13 05:11:46 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.cht.dll + 2008-04-13 05:11:46 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.dll + 2008-04-13 05:11:46 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.es.dll + 2008-04-13 05:11:46 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.fr.dll + 2008-04-13 05:11:46 151,552 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.ger.dll + 2008-04-13 05:11:46 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.it.dll + 2008-04-13 05:11:46 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.ja.dll + 2008-04-13 05:11:46 126,976 ------w C:\WINDOWS\ServicePackFiles\i386\vbc7ui.kor.dll + 2008-04-13 15:33:50 434,176 ------w C:\WINDOWS\ServicePackFiles\i386\vbscript.dll + 2008-04-13 15:33:50 11,325 ------w C:\WINDOWS\ServicePackFiles\i386\vchnt5.dll + 2008-04-13 15:33:50 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\vdmdbg.dll + 2008-04-13 15:33:50 51,712 ------w C:\WINDOWS\ServicePackFiles\i386\vdmredir.dll + 2008-04-13 15:34:28 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\verclsid.exe + 2008-04-13 15:33:50 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\verifier.dll + 2008-04-13 15:33:50 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\version.dll + 2008-04-13 15:33:50 54,784 ------w C:\WINDOWS\ServicePackFiles\i386\vfwwdm32.dll + 2008-04-13 07:44:42 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\vga.sys + 2008-04-13 15:33:50 851,968 ------w C:\WINDOWS\ServicePackFiles\i386\vgx.dll + 2008-04-13 07:36:42 42,240 ------w C:\WINDOWS\ServicePackFiles\i386\viaagp.sys + 2008-04-13 07:40:32 5,376 ------w C:\WINDOWS\ServicePackFiles\i386\viaide.sys + 2008-04-13 07:44:42 81,664 ------w C:\WINDOWS\ServicePackFiles\i386\videoprt.sys + 2008-04-13 15:33:50 131,584 ------w C:\WINDOWS\ServicePackFiles\i386\viewprov.dll + 2008-04-13 14:56:06 53,376 ------w C:\WINDOWS\ServicePackFiles\i386\volsnap.sys + 2008-04-13 05:11:48 999,424 ------w C:\WINDOWS\ServicePackFiles\i386\vsavb7rt.dll + 2008-04-13 15:33:50 430,592 ------w C:\WINDOWS\ServicePackFiles\i386\vssapi.dll + 2008-04-13 15:34:28 295,424 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe + 2008-04-13 15:33:50 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\w32time.dll + 2008-04-13 15:33:50 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\w3ssl.dll + 2008-04-13 15:33:50 367,104 ------w C:\WINDOWS\ServicePackFiles\i386\w3svc.dll + 2008-04-13 15:33:50 498,176 ------w C:\WINDOWS\ServicePackFiles\i386\w95upgnt.dll + 2008-04-13 15:34:28 46,080 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe + 2008-04-13 15:33:50 510,976 ------w C:\WINDOWS\ServicePackFiles\i386\wab32.dll + 2008-04-13 14:56:24 263,168 ------w C:\WINDOWS\ServicePackFiles\i386\wab32res.dll + 2008-04-13 15:33:50 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\wabfind.dll + 2008-04-13 15:33:50 85,504 ------w C:\WINDOWS\ServicePackFiles\i386\wabimp.dll + 2008-04-13 15:34:28 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe + 2008-04-13 07:43:56 14,208 ------w C:\WINDOWS\ServicePackFiles\i386\wacompen.sys + 2008-04-13 05:34:28 12,415 ------w C:\WINDOWS\ServicePackFiles\i386\wadv01nt.sys + 2008-04-13 05:34:28 12,127 ------w C:\WINDOWS\ServicePackFiles\i386\wadv02nt.sys + 2008-04-13 05:34:28 11,775 ------w C:\WINDOWS\ServicePackFiles\i386\wadv05nt.sys + 2008-04-13 05:34:28 11,807 ------w C:\WINDOWS\ServicePackFiles\i386\wadv07nt.sys + 2008-04-13 05:34:28 11,295 ------w C:\WINDOWS\ServicePackFiles\i386\wadv08nt.sys + 2008-04-13 05:34:28 11,871 ------w C:\WINDOWS\ServicePackFiles\i386\wadv09nt.sys + 2008-04-13 05:34:30 11,935 ------w C:\WINDOWS\ServicePackFiles\i386\wadv11nt.sys + 2008-04-13 15:33:50 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\wam51.dll + 2008-04-13 15:33:50 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\wamreg51.dll + 2008-04-13 07:57:22 34,560 ------w C:\WINDOWS\ServicePackFiles\i386\wanarp.sys + 2008-04-13 07:45:00 17,664 ------w C:\WINDOWS\ServicePackFiles\i386\watchdog.sys + 2008-04-13 05:34:30 29,311 ------w C:\WINDOWS\ServicePackFiles\i386\watv01nt.sys + 2008-04-13 05:34:30 19,551 ------w C:\WINDOWS\ServicePackFiles\i386\watv02nt.sys + 2008-04-13 05:34:30 33,599 ------w C:\WINDOWS\ServicePackFiles\i386\watv04nt.sys + 2008-04-13 05:34:30 22,271 ------w C:\WINDOWS\ServicePackFiles\i386\watv06nt.sys + 2008-04-13 05:34:30 25,471 ------w C:\WINDOWS\ServicePackFiles\i386\watv10nt.sys + 2008-04-13 15:33:50 215,552 ------w C:\WINDOWS\ServicePackFiles\i386\wavemsp.dll + 2008-04-13 15:33:50 201,216 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcntl.dll + 2008-04-13 15:33:50 214,528 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcomn.dll + 2008-04-13 15:33:50 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcons.dll + 2008-04-13 15:33:50 531,456 ------w C:\WINDOWS\ServicePackFiles\i386\wbemcore.dll + 2008-04-13 15:33:50 178,176 ------w C:\WINDOWS\ServicePackFiles\i386\wbemdisp.dll + 2008-04-13 15:33:50 273,920 ------w C:\WINDOWS\ServicePackFiles\i386\wbemess.dll + 2008-04-13 15:33:50 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\wbemperf.dll + 2008-04-13 15:33:50 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\wbemprox.dll + 2008-04-13 15:33:50 43,520 ------w C:\WINDOWS\ServicePackFiles\i386\wbemsvc.dll + 2008-04-13 15:34:28 119,808 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe + 2008-04-13 15:33:50 197,120 ------w C:\WINDOWS\ServicePackFiles\i386\wbemupgd.dll + 2008-04-13 14:57:14 32,128 ------w C:\WINDOWS\ServicePackFiles\i386\wceusbsh.sys + 2008-04-13 05:34:30 23,615 ------w C:\WINDOWS\ServicePackFiles\i386\wch7xxnt.sys + 2008-04-13 15:33:50 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\wdigest.dll + 2008-04-13 15:34:36 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv + 2008-04-13 08:17:20 83,072 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.sys + 2008-04-13 15:33:50 281,600 ------w C:\WINDOWS\ServicePackFiles\i386\webcheck.dll + 2008-04-13 15:33:50 68,096 ------w C:\WINDOWS\ServicePackFiles\i386\webclnt.dll + 2008-04-13 15:33:50 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\webvw.dll + 2008-04-13 15:34:28 66,560 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe + 2008-04-13 15:34:28 438,784 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe + 2008-04-13 15:33:50 465,920 ------w C:\WINDOWS\ServicePackFiles\i386\wiadefui.dll + 2008-04-13 15:33:50 124,928 ------w C:\WINDOWS\ServicePackFiles\i386\wiadss.dll + 2008-04-13 15:33:50 75,776 ------w C:\WINDOWS\ServicePackFiles\i386\wiascr.dll + 2008-04-13 15:33:50 334,336 ------w C:\WINDOWS\ServicePackFiles\i386\wiaservc.dll + 2008-04-13 15:33:50 594,432 ------w C:\WINDOWS\ServicePackFiles\i386\wiashext.dll + 2008-04-13 15:33:50 111,104 ------w C:\WINDOWS\ServicePackFiles\i386\wiavideo.dll + 2008-04-13 15:33:50 712,704 ------w C:\WINDOWS\ServicePackFiles\i386\wic.dll + 2008-04-13 15:33:50 346,112 ------w C:\WINDOWS\ServicePackFiles\i386\wicext.dll + 2008-04-13 14:58:08 1,845,760 ------w C:\WINDOWS\ServicePackFiles\i386\win32k.sys + 2008-04-13 15:33:50 102,912 ------w C:\WINDOWS\ServicePackFiles\i386\win32spl.dll + 2008-04-13 14:58:14 1,647,616 ------w C:\WINDOWS\ServicePackFiles\i386\winbrand.dll + 2008-04-13 15:34:28 288,256 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe + 2008-04-13 15:33:50 354,304 ------w C:\WINDOWS\ServicePackFiles\i386\winhttp.dll + 2008-04-13 15:33:50 670,208 ------w C:\WINDOWS\ServicePackFiles\i386\wininet.dll + 2008-04-13 15:33:50 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\winipsec.dll + 2008-04-13 15:34:30 512,000 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe + 2008-04-13 15:33:50 180,736 ------w C:\WINDOWS\ServicePackFiles\i386\winmm.dll + 2008-04-13 05:54:48 5,120 ------w C:\WINDOWS\ServicePackFiles\i386\winnls.dll + 2008-04-13 15:32:54 764,416 ------w C:\WINDOWS\ServicePackFiles\i386\winntbbu.dll + 2008-04-13 15:33:50 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\winrnr.dll + 2008-04-13 15:33:50 100,352 ------w C:\WINDOWS\ServicePackFiles\i386\winscard.dll + 2008-04-13 15:33:50 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\winshfhc.dll + 2008-04-13 15:34:36 146,944 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv + 2008-04-13 15:33:50 293,888 ------w C:\WINDOWS\ServicePackFiles\i386\winsrv.dll + 2008-04-13 15:33:50 53,760 ------w C:\WINDOWS\ServicePackFiles\i386\winsta.dll + 2008-04-13 15:33:50 176,640 ------w C:\WINDOWS\ServicePackFiles\i386\wintrust.dll + 2008-04-13 15:34:30 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe + 2008-04-13 15:33:50 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wkssvc.dll + 2008-04-13 15:33:50 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\wlanapi.dll + 2008-04-13 15:33:50 172,544 ------w C:\WINDOWS\ServicePackFiles\i386\wldap32.dll + 2008-04-13 05:35:36 154,624 ------w C:\WINDOWS\ServicePackFiles\i386\wlluc48.sys + 2008-04-13 15:33:50 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\wlnotify.dll + 2008-04-13 15:32:56 5,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmi.dll + 2008-04-13 07:36:40 8,832 ------w C:\WINDOWS\ServicePackFiles\i386\wmiacpi.sys + 2008-04-13 15:34:30 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe + 2008-04-13 14:59:40 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapres.dll + 2008-04-13 15:33:50 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\wmiaprpl.dll + 2008-04-13 15:34:30 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe + 2008-04-13 15:34:30 369,664 ------w C:\WINDOWS\ServicePackFiles\i386\wmic.exe + 2008-04-13 15:33:50 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\wmicookr.dll + 2008-04-13 15:33:50 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmidcprv.dll + 2008-04-13 15:33:50 156,672 ------w C:\WINDOWS\ServicePackFiles\i386\wmipcima.dll + 2008-04-13 15:33:50 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmipdskq.dll + 2008-04-13 15:33:50 61,952 ------w C:\WINDOWS\ServicePackFiles\i386\wmipiprt.dll + 2008-04-13 15:33:50 62,464 ------w C:\WINDOWS\ServicePackFiles\i386\wmipjobj.dll + 2008-04-13 15:33:50 144,896 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprov.dll + 2008-04-13 15:33:50 437,248 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvsd.dll + 2008-04-13 15:34:30 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe + 2008-04-13 15:33:50 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\wmipsess.dll + 2008-04-13 15:33:50 145,408 ------w C:\WINDOWS\ServicePackFiles\i386\wmisvc.dll + 2008-04-13 15:33:50 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\wmiutils.dll + 2008-04-13 15:33:50 167,936 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ae.dll + 2008-04-13 15:33:50 4,096 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2eres.dll + 2008-04-13 15:33:50 7,680 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2ext.dll + 2008-04-13 15:33:50 402,432 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2filt.dll + 2008-04-13 15:33:50 502,272 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxa.dll + 2008-04-13 15:33:50 325,632 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2fxb.dll + 2008-04-13 15:33:50 4,290,048 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res.dll + 2008-04-13 15:33:50 6,144 ------w C:\WINDOWS\ServicePackFiles\i386\wmm2res2.dll + 2008-04-13 15:33:50 276,992 ------w C:\WINDOWS\ServicePackFiles\i386\wmphoto.dll + 2008-04-13 15:34:30 218,112 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe + 2008-04-13 15:33:50 265,216 ------w C:\WINDOWS\ServicePackFiles\i386\wow32.dll + 2008-04-13 15:34:30 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe + 2008-04-13 15:34:30 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe + 2008-04-13 15:33:50 82,432 ------w C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll + 2008-04-13 15:33:50 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\ws2help.dll + 2008-04-13 15:34:30 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe + 2008-04-13 15:34:30 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe + 2008-04-13 15:33:52 80,896 ------w C:\WINDOWS\ServicePackFiles\i386\wscsvc.dll + 2008-04-13 15:33:52 621,568 ------w C:\WINDOWS\ServicePackFiles\i386\wsecedit.dll + 2008-04-13 15:33:52 108,032 ------w C:\WINDOWS\ServicePackFiles\i386\wshbth.dll + 2008-04-13 15:33:52 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\wshcon.dll + 2008-04-13 15:33:52 90,112 ------w C:\WINDOWS\ServicePackFiles\i386\wshext.dll + 2008-04-13 15:33:52 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\wship6.dll + 2008-04-13 15:33:52 8,192 ------w C:\WINDOWS\ServicePackFiles\i386\wshirda.dll + 2008-04-13 15:33:52 11,264 ------w C:\WINDOWS\ServicePackFiles\i386\wshrm.dll + 2008-04-13 15:33:52 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\wshtcpip.dll + 2008-04-13 05:34:32 12,063 ------w C:\WINDOWS\ServicePackFiles\i386\wsiintxx.sys + 2008-04-13 15:33:52 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\wsnmp32.dll + 2008-04-13 15:33:52 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\wsock32.dll + 2008-04-13 07:46:26 19,200 ------w C:\WINDOWS\ServicePackFiles\i386\wstcodec.sys + 2008-04-13 15:33:52 51,200 ------w C:\WINDOWS\ServicePackFiles\i386\wstdecod.dll + 2008-04-13 15:33:52 18,432 ------w C:\WINDOWS\ServicePackFiles\i386\wtsapi32.dll + 2008-04-13 15:33:52 432,640 ------w C:\WINDOWS\ServicePackFiles\i386\wuapi.dll + 2008-04-13 15:34:30 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe + 2008-04-13 15:34:30 168,960 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe + 2008-04-13 15:33:52 1,135,616 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll + 2008-04-13 15:33:52 184,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuaueng1.dll + 2008-04-13 15:33:52 6,656 ------w C:\WINDOWS\ServicePackFiles\i386\wuauserv.dll + 2008-04-13 15:33:52 114,176 ------w C:\WINDOWS\ServicePackFiles\i386\wucltui.dll + 2008-04-13 15:33:52 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\wups.dll + 2008-04-13 15:33:52 120,320 ------w C:\WINDOWS\ServicePackFiles\i386\wuweb.dll + 2008-04-13 05:34:34 19,455 ------w C:\WINDOWS\ServicePackFiles\i386\wvchntxx.sys + 2008-04-13 15:33:52 384,000 ------w C:\WINDOWS\ServicePackFiles\i386\wzcdlg.dll + 2008-04-13 15:33:52 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsapi.dll + 2008-04-13 15:33:54 483,840 ------w C:\WINDOWS\ServicePackFiles\i386\wzcsvc.dll + 2008-04-13 15:33:54 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\xactsrv.dll + 2008-04-13 15:34:30 30,720 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe + 2006-12-30 14:38:42 177,784 ------w C:\WINDOWS\ServicePackFiles\i386\xenroll.dll + 2008-04-13 15:33:54 121,856 ------w C:\WINDOWS\ServicePackFiles\i386\xmllite.dll + 2008-04-13 15:33:54 129,024 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprov.dll + 2008-04-13 15:33:54 50,176 ------w C:\WINDOWS\ServicePackFiles\i386\xmlprovi.dll + 2008-04-13 15:33:54 11,776 ------w C:\WINDOWS\ServicePackFiles\i386\xolehlp.dll + 2008-04-13 07:53:34 558,080 ------w C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe + 2008-04-13 15:33:54 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\xrxscnui.dll + 2008-04-13 15:33:54 116,736 ------w C:\WINDOWS\ServicePackFiles\i386\xrxwiadr.dll + 2008-04-13 15:33:54 340,992 ------w C:\WINDOWS\ServicePackFiles\i386\zipfldr.dll + 2008-04-13 15:33:24 33,792 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\custsat.dll + 2008-04-13 15:33:32 82,944 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgsc.dll + 2008-04-13 06:30:30 180,224 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msgslang.dll + 2008-04-13 15:34:14 1,695,232 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe + 2008-04-13 15:34:24 32,866 ------w C:\WINDOWS\slrundll.exe - 2001-08-28 13:00:00 3,346,432 ----a-w C:\WINDOWS\srchasst\msgr3en.dll + 2008-04-13 15:33:32 3,166,208 ----a-w C:\WINDOWS\srchasst\msgr3en.dll - 2004-06-11 16:43:34 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll + 2008-04-13 15:33:48 58,434 ----a-w C:\WINDOWS\srchasst\srchctls.dll - 2004-06-11 16:43:36 726,590 ----a-w C:\WINDOWS\srchasst\srchui.dll + 2008-04-13 15:33:48 727,102 ----a-w C:\WINDOWS\srchasst\srchui.dll - 2004-06-11 16:43:48 145,408 ----a-w C:\WINDOWS\system\WINSPOOL.DRV + 2008-04-13 15:34:36 146,944 ----a-w C:\WINDOWS\system\winspool.drv - 2004-06-11 16:43:18 100,864 ----a-w C:\WINDOWS\system32\6to4svc.dll + 2008-04-13 15:33:20 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll + 2008-04-13 15:33:20 136,192 ------w C:\WINDOWS\system32\aaclient.dll - 2004-06-11 16:43:40 189,952 ----a-w C:\WINDOWS\system32\accwiz.exe + 2008-04-13 15:33:54 190,464 ----a-w C:\WINDOWS\system32\accwiz.exe - 2004-06-11 16:43:18 119,296 ----a-w C:\WINDOWS\system32\aclui.dll + 2008-04-13 15:33:20 120,320 ----a-w C:\WINDOWS\system32\aclui.dll - 2004-06-11 16:43:18 194,048 ----a-w C:\WINDOWS\system32\activeds.dll + 2008-04-13 15:33:20 193,536 ----a-w C:\WINDOWS\system32\activeds.dll - 2004-06-11 16:43:40 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe + 2008-04-13 15:33:54 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe - 2004-06-11 16:43:18 101,376 ----a-w C:\WINDOWS\system32\actxprxy.dll + 2008-04-13 15:33:20 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll - 2004-06-11 16:43:18 61,440 ----a-w C:\WINDOWS\system32\admparse.dll + 2007-08-13 14:39:20 71,680 ----a-w C:\WINDOWS\system32\admparse.dll - 2004-06-11 16:43:18 178,176 ----a-w C:\WINDOWS\system32\adsldp.dll + 2008-04-13 15:33:20 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll - 2004-06-11 16:43:18 146,944 ----a-w C:\WINDOWS\system32\adsldpc.dll + 2008-04-13 15:33:20 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll - 2004-06-11 16:43:18 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll + 2008-04-13 15:33:20 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll - 2004-06-11 16:43:18 266,240 ----a-w C:\WINDOWS\system32\adsnt.dll + 2008-04-13 15:33:20 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll - 2001-08-28 13:00:00 109,568 ----a-w C:\WINDOWS\system32\adsnw.dll + 2008-04-13 15:33:20 123,392 ----a-w C:\WINDOWS\system32\adsnw.dll - 2004-06-11 16:43:18 687,616 ----a-w C:\WINDOWS\system32\advapi32.dll + 2008-04-13 15:33:20 685,568 ----a-w C:\WINDOWS\system32\advapi32.dll - 2004-06-11 16:43:18 101,888 ----a-w C:\WINDOWS\system32\advpack.dll + 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll - 2004-06-11 16:43:40 98,304 ----a-w C:\WINDOWS\system32\ahui.exe + 2008-04-13 15:33:54 98,304 ----a-w C:\WINDOWS\system32\ahui.exe - 2004-06-11 16:43:40 44,032 ----a-w C:\WINDOWS\system32\alg.exe + 2008-04-13 15:33:54 44,544 ----a-w C:\WINDOWS\system32\alg.exe - 2004-06-11 16:43:18 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll + 2008-04-13 15:33:20 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll - 2004-06-11 16:43:18 70,656 ----a-w C:\WINDOWS\system32\amstream.dll + 2008-04-13 15:33:20 70,656 ----a-w C:\WINDOWS\system32\amstream.dll - 2004-06-11 16:43:18 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll + 2008-04-13 15:33:20 125,952 ----a-w C:\WINDOWS\system32\apphelp.dll - 2004-06-11 16:43:18 177,664 ----a-w C:\WINDOWS\system32\appmgmts.dll + 2008-04-13 15:33:20 176,640 ----a-w C:\WINDOWS\system32\appmgmts.dll - 2004-06-11 16:43:18 302,592 ----a-w C:\WINDOWS\system32\appmgr.dll + 2008-04-13 15:33:20 302,592 ----a-w C:\WINDOWS\system32\appmgr.dll - 2004-06-11 16:30:56 8,704 ----a-w C:\WINDOWS\system32\asferror.dll + 2008-04-13 14:55:02 8,704 ----a-w C:\WINDOWS\system32\asferror.dll - 2004-06-11 16:43:40 30,720 ----a-w C:\WINDOWS\system32\asr_fmt.exe + 2008-04-13 15:33:54 30,720 ----a-w C:\WINDOWS\system32\asr_fmt.exe - 2004-06-11 16:43:40 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe + 2008-04-13 15:33:54 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe - 2004-06-11 16:43:18 65,024 ------w C:\WINDOWS\system32\asycfilt.dll + 2008-04-13 15:33:20 65,024 ------w C:\WINDOWS\system32\asycfilt.dll - 2004-06-11 16:43:40 25,088 ----a-w C:\WINDOWS\system32\at.exe + 2008-04-13 15:33:54 25,088 ----a-w C:\WINDOWS\system32\at.exe + 2008-04-13 15:33:20 229,376 ------w C:\WINDOWS\system32\ati2cqag.dll + 2008-04-13 15:33:20 377,984 ------w C:\WINDOWS\system32\ati2dvaa.dll + 2008-04-13 15:33:20 201,728 ------w C:\WINDOWS\system32\ati2dvag.dll + 2008-04-13 15:33:20 870,784 ------w C:\WINDOWS\system32\ati3d1ag.dll + 2008-04-13 15:33:20 1,888,992 ------w C:\WINDOWS\system32\ati3duag.dll + 2008-04-13 15:33:20 32,768 ------w C:\WINDOWS\system32\ativtmxx.dll + 2008-04-13 15:33:20 516,768 ------w C:\WINDOWS\system32\ativvaxx.dll - 2004-06-11 16:43:18 105,984 ------w C:\WINDOWS\system32\atl.dll + 2008-04-13 15:33:20 58,880 ----a-w C:\WINDOWS\system32\atl.dll - 2004-06-11 16:43:40 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe + 2008-04-13 15:33:54 11,264 ----a-w C:\WINDOWS\system32\atmadm.exe - 2004-06-11 16:42:22 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll + 2008-04-13 15:31:02 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll - 2004-06-11 16:43:18 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll + 2008-04-13 15:33:20 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll - 2001-08-28 13:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe + 2008-04-13 15:33:54 12,288 ----a-w C:\WINDOWS\system32\attrib.exe - 2004-06-11 16:43:18 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll + 2008-04-13 15:33:20 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll - 2004-06-11 16:43:40 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe + 2008-04-13 15:33:54 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe - 2004-06-11 16:43:18 57,344 ----a-w C:\WINDOWS\system32\authz.dll + 2008-04-13 15:33:20 62,464 ----a-w C:\WINDOWS\system32\authz.dll - 2004-06-11 16:43:40 625,152 ----a-w C:\WINDOWS\system32\autochk.exe + 2008-04-13 15:33:54 625,152 ----a-w C:\WINDOWS\system32\autochk.exe - 2004-06-11 16:43:40 638,976 ----a-w C:\WINDOWS\system32\autoconv.exe + 2008-04-13 15:33:54 638,976 ----a-w C:\WINDOWS\system32\autoconv.exe - 2004-06-11 16:43:40 616,960 ----a-w C:\WINDOWS\system32\autofmt.exe + 2008-04-13 15:33:56 616,960 ----a-w C:\WINDOWS\system32\autofmt.exe - 2004-06-11 16:43:40 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe + 2008-04-13 15:33:56 11,264 ----a-w C:\WINDOWS\system32\autolfn.exe - 2004-06-11 16:43:18 84,992 ----a-w C:\WINDOWS\system32\avifil32.dll + 2008-04-13 15:33:20 85,504 ----a-w C:\WINDOWS\system32\avifil32.dll + 2008-04-13 15:33:20 233,472 ------w C:\WINDOWS\system32\azroles.dll - 2004-06-11 16:43:18 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll + 2008-04-13 15:33:20 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll - 2004-06-11 16:43:18 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll + 2008-04-13 15:33:20 29,184 ----a-w C:\WINDOWS\system32\batmeter.dll - 2004-06-11 16:43:18 8,704 ----a-w C:\WINDOWS\system32\batt.dll + 2008-04-13 15:33:20 8,704 ----a-w C:\WINDOWS\system32\batt.dll - 2004-06-11 16:43:18 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll + 2008-04-13 15:33:20 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll + 2008-04-13 15:33:40 409,088 ------w C:\WINDOWS\system32\bits\qmgr.dll - 2004-06-11 16:43:18 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll + 2008-04-13 15:33:20 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll - 2004-06-11 16:43:18 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll + 2008-04-13 15:33:20 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll + 2008-04-13 15:33:20 7,168 ------w C:\WINDOWS\system32\bitsprx4.dll - 2004-06-11 16:43:18 295,424 ----a-w C:\WINDOWS\system32\blackbox.dll + 2008-04-13 15:33:20 286,720 ----a-w C:\WINDOWS\system32\blackbox.dll - 2004-06-11 16:43:40 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe + 2008-04-13 15:33:56 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe - 2001-08-28 13:00:00 152,064 ----a-w C:\WINDOWS\system32\bootcfg.exe + 2008-04-13 15:33:56 158,208 ----a-w C:\WINDOWS\system32\bootcfg.exe - 2004-06-11 16:32:40 70,144 ----a-w C:\WINDOWS\system32\browselc.dll + 2008-04-13 14:57:50 70,144 ----a-w C:\WINDOWS\system32\browselc.dll - 2004-06-11 16:43:18 75,776 ----a-w C:\WINDOWS\system32\browser.dll + 2008-04-13 15:33:22 77,824 ----a-w C:\WINDOWS\system32\browser.dll - 2004-06-11 16:43:18 869,888 ----a-w C:\WINDOWS\system32\browseui.dll + 2008-04-13 15:33:22 1,025,024 ----a-w C:\WINDOWS\system32\browseui.dll - 2004-06-11 16:43:18 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll + 2008-04-13 15:33:22 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll - 2004-06-11 16:43:18 20,992 ----a-w C:\WINDOWS\system32\bthci.dll + 2008-04-13 15:33:22 20,992 ----a-w C:\WINDOWS\system32\bthci.dll - 2004-06-11 16:43:18 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll + 2008-04-13 15:33:22 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll - 2004-06-11 16:43:18 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll + 2008-04-13 15:33:22 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll - 2004-06-11 16:43:18 65,536 ----a-w C:\WINDOWS\system32\cabinet.dll + 2008-04-13 15:33:22 60,416 ----a-w C:\WINDOWS\system32\cabinet.dll - 2004-06-11 16:43:18 85,504 ----a-w C:\WINDOWS\system32\cabview.dll + 2008-04-13 15:33:22 85,504 ----a-w C:\WINDOWS\system32\cabview.dll - 2001-08-28 13:00:00 19,456 ----a-w C:\WINDOWS\system32\cacls.exe + 2008-04-13 15:33:56 20,992 ----a-w C:\WINDOWS\system32\cacls.exe - 2004-06-11 16:43:18 50,688 ----a-w C:\WINDOWS\system32\camocx.dll + 2008-04-13 15:33:22 50,688 ----a-w C:\WINDOWS\system32\camocx.dll - 2001-08-28 13:00:00 146,432 ----a-w C:\WINDOWS\system32\capesnpn.dll + 2008-04-13 15:33:22 153,600 ----a-w C:\WINDOWS\system32\capesnpn.dll - 2004-06-11 16:43:18 310,784 ----a-w C:\WINDOWS\system32\catsrv.dll + 2008-04-13 15:33:22 226,304 ----a-w C:\WINDOWS\system32\catsrv.dll - 2004-06-11 16:43:18 114,176 ----a-w C:\WINDOWS\system32\catsrvps.dll + 2008-04-13 15:33:22 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll - 2004-06-11 16:43:20 907,776 ----a-w C:\WINDOWS\system32\catsrvut.dll + 2008-04-13 15:33:22 625,664 ----a-w C:\WINDOWS\system32\catsrvut.dll - 2004-06-11 16:43:20 151,552 ----a-w C:\WINDOWS\system32\cdfview.dll + 2008-04-13 15:33:22 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll - 2005-05-26 00:16:24 75,544 ----a-w C:\WINDOWS\system32\cdm.dll + 2007-07-30 15:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll - 2004-06-11 16:43:20 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll + 2008-04-13 15:33:22 2,091,520 ----a-w C:\WINDOWS\system32\cdosys.dll - 2004-06-11 16:43:20 202,752 ----a-w C:\WINDOWS\system32\certcli.dll + 2008-04-13 15:33:22 200,192 ----a-w C:\WINDOWS\system32\certcli.dll - 2004-06-11 16:43:20 467,968 ----a-w C:\WINDOWS\system32\certmgr.dll + 2008-04-13 15:33:22 467,968 ----a-w C:\WINDOWS\system32\certmgr.dll - 2004-06-11 16:43:20 159,232 ----a-w C:\WINDOWS\system32\cewmdm.dll + 2008-04-13 15:33:22 159,232 ----a-w C:\WINDOWS\system32\cewmdm.dll - 2004-06-11 16:43:20 38,912 ----a-w C:\WINDOWS\system32\cfgbkend.dll + 2008-04-13 15:33:22 39,424 ----a-w C:\WINDOWS\system32\cfgbkend.dll - 2004-06-11 16:42:22 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll + 2008-04-13 15:31:04 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll - 2001-08-28 13:00:00 109,568 ----a-w C:\WINDOWS\system32\cic.dll + 2008-04-13 15:33:22 148,480 ----a-w C:\WINDOWS\system32\cic.dll - 2004-06-11 16:43:20 68,608 ----a-w C:\WINDOWS\system32\ciodm.dll + 2008-04-13 15:33:22 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll - 2004-06-11 16:43:40 56,832 ----a-w C:\WINDOWS\system32\cipher.exe + 2008-04-13 15:33:58 57,344 ----a-w C:\WINDOWS\system32\cipher.exe - 2004-06-11 16:43:40 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe + 2008-04-13 15:33:58 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe - 2004-06-11 16:43:20 154,624 ----a-w C:\WINDOWS\system32\clbcatex.dll + 2008-04-13 15:33:22 110,592 ----a-w C:\WINDOWS\system32\clbcatex.dll - 2004-06-11 16:43:20 694,784 ----a-w C:\WINDOWS\system32\clbcatq.dll + 2008-04-13 15:33:22 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll - 2004-06-11 16:43:40 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe + 2008-04-13 15:33:58 65,536 ----a-w C:\WINDOWS\system32\cleanmgr.exe - 2004-06-11 16:43:20 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll + 2008-04-13 15:33:22 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll - 2004-06-11 16:43:40 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe + 2008-04-13 15:33:58 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe - 2004-06-11 16:43:40 104,448 ----a-w C:\WINDOWS\system32\clipbrd.exe + 2008-04-13 15:33:58 104,448 ----a-w C:\WINDOWS\system32\clipbrd.exe - 2004-06-11 16:43:40 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe + 2008-04-13 15:33:58 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe - 2004-06-11 16:43:20 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll + 2008-04-13 15:33:22 58,368 ----a-w C:\WINDOWS\system32\clusapi.dll - 2004-06-11 16:43:20 15,360 ----a-w C:\WINDOWS\system32\cmcfg32.dll + 2008-04-13 15:33:22 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll - 2004-06-11 16:43:40 402,432 ----a-w C:\WINDOWS\system32\cmd.exe + 2008-04-13 15:33:58 401,408 ----a-w C:\WINDOWS\system32\cmd.exe - 2004-06-11 16:43:20 352,256 ----a-w C:\WINDOWS\system32\cmdial32.dll + 2008-04-13 15:33:22 353,280 ----a-w C:\WINDOWS\system32\cmdial32.dll - 2004-06-11 16:43:40 46,080 ----a-w C:\WINDOWS\system32\cmdl32.exe + 2008-04-13 15:33:58 25,600 ----a-w C:\WINDOWS\system32\cmdl32.exe - 2004-06-11 16:43:40 39,424 ----a-w C:\WINDOWS\system32\cmmon32.exe + 2008-04-13 15:33:58 39,936 ----a-w C:\WINDOWS\system32\cmmon32.exe - 2004-06-11 16:43:20 190,976 ----a-w C:\WINDOWS\system32\cmprops.dll + 2008-04-13 15:33:22 191,488 ----a-w C:\WINDOWS\system32\cmprops.dll - 2004-06-11 16:43:20 10,752 ----a-w C:\WINDOWS\system32\cmsetACL.dll + 2008-04-13 15:33:22 13,312 ----a-w C:\WINDOWS\system32\cmsetacl.dll - 2004-06-11 16:43:40 64,512 ----a-w C:\WINDOWS\system32\cmstp.exe + 2008-04-13 15:33:58 65,536 ----a-w C:\WINDOWS\system32\cmstp.exe - 2004-06-11 16:43:20 40,448 ----a-w C:\WINDOWS\system32\cmutil.dll + 2008-04-13 15:33:22 40,960 ----a-w C:\WINDOWS\system32\cmutil.dll - 2004-06-11 16:53:30 50,688 ----a-w C:\WINDOWS\system32\cnbjmon.dll + 2008-04-13 15:33:22 50,688 ----a-w C:\WINDOWS\system32\cnbjmon.dll - 2004-06-11 16:43:20 84,992 ----a-w C:\WINDOWS\system32\colbact.dll + 2008-04-13 15:33:22 60,416 ----a-w C:\WINDOWS\system32\colbact.dll - 2004-06-11 16:43:20 244,736 ----a-w C:\WINDOWS\system32\Com\comadmin.dll + 2008-04-13 15:33:22 195,072 ----a-w C:\WINDOWS\system32\Com\comadmin.dll - 2004-06-11 16:43:40 12,288 ----a-w C:\WINDOWS\system32\Com\comrepl.exe + 2008-04-13 15:33:58 9,728 ----a-w C:\WINDOWS\system32\Com\comrepl.exe - 2001-08-28 13:00:00 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe + 2008-04-13 15:33:58 6,144 ----a-w C:\WINDOWS\system32\Com\comrereg.exe - 2001-08-28 13:00:00 25,600 ----a-w C:\WINDOWS\system32\comaddin.dll + 2008-04-13 15:33:22 28,160 ----a-w C:\WINDOWS\system32\comaddin.dll - 2004-06-11 16:43:20 621,056 ----a-w C:\WINDOWS\system32\comctl32.dll + 2008-04-13 15:33:22 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll - 2004-06-11 16:43:20 281,600 ----a-w C:\WINDOWS\system32\comdlg32.dll + 2008-04-13 15:33:22 281,600 ----a-w C:\WINDOWS\system32\comdlg32.dll - 2004-06-11 16:43:20 253,440 ----a-w C:\WINDOWS\system32\compatUI.dll + 2008-04-13 15:33:22 253,440 ----a-w C:\WINDOWS\system32\compatui.dll - 2004-06-11 16:43:20 230,912 ----a-w C:\WINDOWS\system32\compstui.dll + 2008-04-13 15:33:22 230,912 ----a-w C:\WINDOWS\system32\compstui.dll - 2001-08-28 13:00:00 82,432 ----a-w C:\WINDOWS\system32\comrepl.dll + 2008-04-13 15:33:22 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll - 2004-06-11 16:43:20 851,968 ----a-w C:\WINDOWS\system32\comres.dll + 2008-04-13 15:33:22 851,968 ----a-w C:\WINDOWS\system32\comres.dll + 2008-04-13 07:43:34 9,728 ------w C:\WINDOWS\system32\comsdupd.exe - 2001-08-28 13:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll + 2008-04-13 15:33:22 167,424 ----a-w C:\WINDOWS\system32\comsnap.dll - 2004-06-11 16:43:20 1,654,272 ----a-w C:\WINDOWS\system32\comsvcs.dll + 2008-04-13 15:33:22 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll - 2004-06-11 16:43:20 746,496 ----a-w C:\WINDOWS\system32\comuid.dll + 2008-04-13 15:33:22 539,648 ----a-w C:\WINDOWS\system32\comuid.dll - 2006-08-19 12:46:22 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-08-10 00:15:39 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2006-08-19 12:46:22 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-08-10 00:15:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-08-10 00:15:30 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008081020080811\index.dat - 2006-08-19 12:46:22 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-08-10 00:15:39 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2001-08-28 13:00:00 346,112 ----a-w C:\WINDOWS\system32\confmsp.dll + 2008-04-13 15:33:22 358,400 ----a-w C:\WINDOWS\system32\confmsp.dll - 2004-06-11 16:43:40 27,648 ----a-w C:\WINDOWS\system32\conime.exe + 2008-04-13 15:34:00 27,648 ----a-w C:\WINDOWS\system32\conime.exe - 2004-06-11 16:43:20 30,208 ----a-w C:\WINDOWS\system32\corpol.dll + 2008-04-13 15:33:22 35,328 ----a-w C:\WINDOWS\system32\corpol.dll + 2008-04-13 15:33:22 12,800 ------w C:\WINDOWS\system32\credssp.dll - 2004-06-11 16:43:20 165,888 ----a-w C:\WINDOWS\system32\credui.dll + 2008-04-13 15:33:22 165,888 ----a-w C:\WINDOWS\system32\credui.dll - 2004-06-11 16:43:20 609,280 ----a-w C:\WINDOWS\system32\crypt32.dll + 2008-04-13 15:33:22 606,208 ----a-w C:\WINDOWS\system32\crypt32.dll - 2004-06-11 16:43:20 75,776 ----a-w C:\WINDOWS\system32\cryptdlg.dll + 2008-04-13 15:33:22 75,776 ----a-w C:\WINDOWS\system32\cryptdlg.dll - 2004-06-11 16:43:20 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll + 2008-04-13 15:33:22 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll - 2004-06-11 16:43:20 54,784 ----a-w C:\WINDOWS\system32\cryptext.dll + 2008-04-13 15:33:22 54,784 ----a-w C:\WINDOWS\system32\cryptext.dll - 2004-06-11 16:43:20 62,976 ----a-w C:\WINDOWS\system32\cryptnet.dll + 2008-04-13 15:33:22 64,512 ----a-w C:\WINDOWS\system32\cryptnet.dll - 2004-06-11 16:43:20 59,904 ----a-w C:\WINDOWS\system32\cryptsvc.dll + 2008-04-13 15:33:22 62,464 ----a-w C:\WINDOWS\system32\cryptsvc.dll - 2004-06-11 16:43:20 530,432 ----a-w C:\WINDOWS\system32\cryptui.dll + 2008-04-13 15:33:22 530,432 ----a-w C:\WINDOWS\system32\cryptui.dll - 2004-06-11 16:43:20 102,912 ----a-w C:\WINDOWS\system32\cscdll.dll + 2008-04-13 15:33:22 102,912 ----a-w C:\WINDOWS\system32\cscdll.dll - 2004-06-11 16:43:40 98,304 ----a-w C:\WINDOWS\system32\cscript.exe + 2008-05-07 09:07:23 135,168 ----a-w C:\WINDOWS\system32\cscript.exe - 2004-06-11 16:43:20 339,456 ----a-w C:\WINDOWS\system32\cscui.dll + 2008-04-13 15:33:22 337,920 ----a-w C:\WINDOWS\system32\cscui.dll - 2004-06-11 16:43:20 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll + 2008-04-13 15:33:24 32,256 ----a-w C:\WINDOWS\system32\csrsrv.dll - 2004-06-11 16:43:40 4,096 ----a-w C:\WINDOWS\system32\csrss.exe + 2008-04-13 15:34:00 6,144 ----a-w C:\WINDOWS\system32\csrss.exe - 2004-06-11 16:43:40 14,336 ----a-w C:\WINDOWS\system32\ctfmon.exe + 2008-04-13 15:34:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe - 2004-06-11 16:43:20 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll + 2008-04-13 15:33:24 1,179,648 ----a-w C:\WINDOWS\system32\d3d8.dll - 2004-06-11 16:43:20 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll + 2008-04-13 15:33:24 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll - 2004-06-11 16:43:20 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll + 2008-04-13 15:33:24 1,689,088 ----a-w C:\WINDOWS\system32\d3d9.dll - 2004-06-11 16:43:20 825,856 ----a-w C:\WINDOWS\system32\d3dim700.dll + 2008-04-13 15:33:24 824,320 ----a-w C:\WINDOWS\system32\d3dim700.dll - 2004-06-11 16:43:20 1,056,256 ----a-w C:\WINDOWS\system32\danim.dll + 2008-04-13 15:33:24 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll - 2004-06-11 16:43:20 54,784 ----a-w C:\WINDOWS\system32\dataclen.dll + 2008-04-13 15:33:24 55,296 ----a-w C:\WINDOWS\system32\dataclen.dll - 2001-08-28 13:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll + 2008-04-13 15:33:24 165,376 ----a-w C:\WINDOWS\system32\datime.dll - 2004-06-11 16:43:20 24,576 ----a-w C:\WINDOWS\system32\davclnt.dll + 2008-04-13 15:33:24 25,600 ----a-w C:\WINDOWS\system32\davclnt.dll - 2004-06-11 16:43:20 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll + 2008-04-13 15:33:24 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll - 2004-06-11 16:43:20 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll + 2008-04-13 15:33:24 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll - 2004-06-11 16:43:20 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll + 2008-04-13 15:33:24 110,592 ----a-w C:\WINDOWS\system32\dbnetlib.dll - 2004-06-11 16:43:20 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll + 2008-04-13 15:33:24 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll - 2004-06-11 16:55:36 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin + 2008-04-13 15:50:22 1,804 ----a-w C:\WINDOWS\system32\dcache.bin - 2004-06-11 16:43:20 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll + 2008-04-13 15:33:24 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll - 2001-08-28 13:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe + 2008-04-13 15:34:00 6,144 ----a-w C:\WINDOWS\system32\dcomcnfg.exe - 2004-06-11 16:43:40 31,744 ----a-w C:\WINDOWS\system32\ddeshare.exe + 2008-04-13 15:34:00 31,744 ----a-w C:\WINDOWS\system32\ddeshare.exe - 2004-06-11 16:43:20 265,728 ----a-w C:\WINDOWS\system32\ddraw.dll + 2008-04-13 15:33:24 279,552 ----a-w C:\WINDOWS\system32\ddraw.dll - 2004-06-11 16:43:20 26,624 ----a-w C:\WINDOWS\system32\ddrawex.dll + 2008-04-13 15:33:24 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll - 2004-06-11 16:43:40 25,088 ----a-w C:\WINDOWS\system32\defrag.exe + 2008-04-13 15:34:00 25,088 ----a-w C:\WINDOWS\system32\defrag.exe - 2004-06-11 16:43:20 59,904 ----a-w C:\WINDOWS\system32\devenum.dll + 2008-04-13 15:33:24 59,904 ----a-w C:\WINDOWS\system32\devenum.dll - 2004-06-11 16:43:20 290,816 ----a-w C:\WINDOWS\system32\devmgr.dll + 2008-04-13 15:33:24 290,816 ----a-w C:\WINDOWS\system32\devmgr.dll - 2004-06-11 16:43:40 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe + 2008-04-13 15:34:00 82,944 ----a-w C:\WINDOWS\system32\dfrgfat.exe - 2004-06-11 16:43:40 104,960 ----a-w C:\WINDOWS\system32\dfrgntfs.exe + 2008-04-13 15:34:00 105,472 ----a-w C:\WINDOWS\system32\dfrgntfs.exe - 2004-06-11 16:43:20 39,424 ----a-w C:\WINDOWS\system32\dfrgsnap.dll + 2008-04-13 15:33:24 39,936 ----a-w C:\WINDOWS\system32\dfrgsnap.dll - 2004-06-11 16:43:20 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll + 2008-04-13 15:33:24 124,416 ----a-w C:\WINDOWS\system32\dfrgui.dll - 2004-06-11 16:43:20 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll + 2008-04-13 15:33:24 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll - 2004-06-11 16:43:20 115,200 ----a-w C:\WINDOWS\system32\dgnet.dll + 2008-04-13 15:33:24 115,200 ----a-w C:\WINDOWS\system32\dgnet.dll - 2004-06-11 16:43:20 111,616 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll + 2008-04-13 15:33:24 127,488 ----a-w C:\WINDOWS\system32\dhcpcsvc.dll - 2001-08-28 13:00:00 401,408 ----a-w C:\WINDOWS\system32\dhcpmon.dll + 2008-04-13 15:33:24 411,136 ----a-w C:\WINDOWS\system32\dhcpmon.dll + 2008-04-13 15:33:24 49,152 ------w C:\WINDOWS\system32\dhcpqec.dll - 2004-06-11 16:43:40 85,504 ----a-w C:\WINDOWS\system32\diantz.exe + 2008-04-13 15:34:02 87,040 ----a-w C:\WINDOWS\system32\diantz.exe - 2004-06-11 16:43:20 68,608 ----a-w C:\WINDOWS\system32\digest.dll + 2008-04-13 15:33:24 68,608 ----a-w C:\WINDOWS\system32\digest.dll + 2008-04-13 15:33:24 19,456 ------w C:\WINDOWS\system32\dimsntfy.dll + 2008-04-13 15:33:24 39,936 ------w C:\WINDOWS\system32\dimsroam.dll - 2004-06-11 16:43:20 165,376 ----a-w C:\WINDOWS\system32\dinput.dll + 2008-04-13 15:33:24 165,376 ----a-w C:\WINDOWS\system32\dinput.dll - 2004-06-11 16:43:20 187,904 ----a-w C:\WINDOWS\system32\dinput8.dll + 2008-04-13 15:33:24 187,904 ----a-w C:\WINDOWS\system32\dinput8.dll - 2001-08-28 13:00:00 1,502,208 ----a-w C:\WINDOWS\system32\diskcopy.dll + 2008-04-13 15:33:24 1,504,768 ----a-w C:\WINDOWS\system32\diskcopy.dll - 2004-06-11 16:43:40 167,936 ----a-w C:\WINDOWS\system32\diskpart.exe + 2008-04-13 15:34:02 167,936 ----a-w C:\WINDOWS\system32\diskpart.exe - 2001-08-28 13:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll + 2008-04-13 15:33:24 32,768 ----a-w C:\WINDOWS\system32\dispex.dll - 2004-06-11 16:43:18 61,440 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll + 2007-08-13 14:39:20 71,680 -c--a-w C:\WINDOWS\system32\dllcache\admparse.dll - 2004-06-11 16:43:18 101,888 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll + 2008-04-23 04:16:39 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll - 2004-06-10 16:30:52 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys + 2008-06-20 11:40:08 138,496 -c----w C:\WINDOWS\system32\dllcache\afd.sys - 2004-06-11 16:30:56 8,704 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll + 2008-04-13 14:55:02 8,704 -c--a-w C:\WINDOWS\system32\dllcache\asferror.dll - 2004-06-11 16:43:18 295,424 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll + 2008-04-13 15:33:20 286,720 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll - 2005-05-26 00:16:24 75,544 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll + 2007-07-30 15:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll - 2004-06-11 16:43:20 159,232 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll + 2008-04-13 15:33:22 159,232 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll - 2004-06-10 15:46:40 97,792 -c--a-w C:\WINDOWS\system32\dllcache\chtmbx.dll + 2008-04-13 15:31:04 97,792 -c--a-w C:\WINDOWS\system32\dllcache\chtmbx.dll - 2004-06-10 15:46:40 56,320 -c--a-w C:\WINDOWS\system32\dllcache\chtskdic.dll + 2008-04-13 15:31:04 56,320 -c--a-w C:\WINDOWS\system32\dllcache\chtskdic.dll - 2004-06-10 15:46:40 173,568 -c--a-w C:\WINDOWS\system32\dllcache\chtskf.dll + 2008-04-13 15:31:04 173,568 -c--a-w C:\WINDOWS\system32\dllcache\chtskf.dll - 2004-06-10 15:46:40 198,656 -c--a-w C:\WINDOWS\system32\dllcache\cintime.dll + 2008-04-13 15:31:06 198,656 -c--a-w C:\WINDOWS\system32\dllcache\cintime.dll - 2004-06-11 16:43:40 98,304 -c--a-w C:\WINDOWS\system32\dllcache\cscript.exe + 2008-05-07 09:07:23 135,168 -c----w C:\WINDOWS\system32\dllcache\cscript.exe - 2004-06-11 16:43:20 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll + 2007-08-13 14:54:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll - 2004-06-11 16:43:20 149,504 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll + 2008-06-20 17:47:22 147,968 -c----w C:\WINDOWS\system32\dllcache\dnsapi.dll - 2004-06-11 16:43:12 104,960 -c--a-w C:\WINDOWS\system32\dllcache\dpcdll.dll + 2008-04-13 15:32:26 103,424 -c----w C:\WINDOWS\system32\dllcache\dpcdll.dll - 2004-06-11 16:43:54 299,520 -c--a-w C:\WINDOWS\system32\dllcache\drmclien.dll + 2008-04-13 15:34:42 299,520 -c--a-w C:\WINDOWS\system32\dllcache\drmclien.dll - 2004-06-11 16:43:20 87,040 -c--a-w C:\WINDOWS\system32\dllcache\drmstor.dll + 2008-04-13 15:33:24 87,040 -c--a-w C:\WINDOWS\system32\dllcache\drmstor.dll - 2004-06-11 16:43:52 695,808 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll + 2008-04-13 15:34:40 695,808 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll - 2004-06-11 16:43:22 499,741 -c--a-w C:\WINDOWS\system32\dllcache\dxmasf.dll + 2008-04-13 15:33:24 500,278 -c--a-w C:\WINDOWS\system32\dllcache\dxmasf.dll - 2004-06-11 16:43:22 358,912 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll - 2004-06-11 16:43:22 205,824 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll - 2004-06-11 16:43:22 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll - 2004-06-11 16:43:24 38,400 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll + 2007-08-13 14:18:02 60,416 -c--a-w C:\WINDOWS\system32\dllcache\hmmapi.dll - 2001-08-28 13:00:00 13,463,552 -c--a-w C:\WINDOWS\system32\dllcache\hwxjpn.dll + 2008-04-13 15:31:32 13,463,552 -c--a-w C:\WINDOWS\system32\dllcache\hwxjpn.dll + 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll - 2004-06-11 16:43:42 33,280 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe + 2008-04-22 07:41:08 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe - 2004-06-11 16:43:24 139,264 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll + 2008-04-23 04:16:39 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll - 2004-06-11 16:43:24 221,696 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll + 2008-04-23 04:16:39 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll - 2001-08-28 13:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll + 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll + 2007-04-17 09:32:38 2,455,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dat + 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll - 2004-06-11 16:43:24 319,488 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll + 2008-04-23 04:16:39 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll - 2004-06-11 16:43:42 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe + 2007-08-13 14:44:02 69,120 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe + 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll - 2004-06-11 16:43:24 247,296 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll + 2007-08-13 14:54:10 191,488 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll - 2004-06-11 16:43:24 26,624 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll + 2008-04-23 04:16:39 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll + 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll - 2004-06-11 16:43:24 62,976 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll + 2007-08-13 14:39:12 55,296 -c--a-w C:\WINDOWS\system32\dllcache\iesetup.dll + 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe - 2004-06-11 16:43:42 93,184 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe + 2008-04-22 07:41:30 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe - 2004-06-10 16:21:20 106,496 -c--a-w C:\WINDOWS\system32\dllcache\imekrcic.dll + 2008-04-13 15:31:34 106,496 -c--a-w C:\WINDOWS\system32\dllcache\imekrcic.dll - 2004-06-10 16:21:16 85,504 -c--a-w C:\WINDOWS\system32\dllcache\imekrmbx.dll + 2008-04-13 15:31:34 86,016 -c--a-w C:\WINDOWS\system32\dllcache\imekrmbx.dll - 2004-06-11 16:43:24 34,816 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll + 2007-08-13 14:36:06 36,352 -c--a-w C:\WINDOWS\system32\dllcache\imgutil.dll - 2004-06-10 15:46:38 811,064 -c--a-w C:\WINDOWS\system32\dllcache\imjp81k.dll + 2008-04-13 15:31:34 811,064 -c--a-w C:\WINDOWS\system32\dllcache\imjp81k.dll - 2004-06-10 15:46:40 368,696 -c--a-w C:\WINDOWS\system32\dllcache\imjpcic.dll + 2008-04-13 15:31:34 368,696 -c--a-w C:\WINDOWS\system32\dllcache\imjpcic.dll - 2004-06-10 15:46:40 716,856 -c--a-w C:\WINDOWS\system32\dllcache\imjpcus.dll + 2008-04-13 15:31:34 716,856 -c--a-w C:\WINDOWS\system32\dllcache\imjpcus.dll - 2004-06-10 15:46:40 81,976 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.dll + 2008-04-13 15:31:34 81,976 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.dll - 2004-06-10 15:47:02 274,489 -c--a-w C:\WINDOWS\system32\dllcache\imjputyc.dll + 2008-04-13 15:31:36 274,489 -c--a-w C:\WINDOWS\system32\dllcache\imjputyc.dll - 2004-06-10 15:47:12 102,456 -c--a-w C:\WINDOWS\system32\dllcache\imlang.dll + 2008-04-13 15:31:36 102,456 -c--a-w C:\WINDOWS\system32\dllcache\imlang.dll - 2001-08-28 13:00:00 315,452 -c--a-w C:\WINDOWS\system32\dllcache\imskf.dll + 2008-04-13 15:31:36 315,455 -c--a-w C:\WINDOWS\system32\dllcache\imskf.dll - 2004-06-11 16:43:24 81,408 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll + 2007-08-13 14:39:02 92,672 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll - 2004-06-11 16:43:26 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll + 2008-05-09 10:55:00 512,000 -c----w C:\WINDOWS\system32\dllcache\jscript.dll - 2004-06-11 16:43:26 15,872 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll - 2004-06-11 16:43:26 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll + 2008-04-13 15:33:30 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll - 2004-06-11 16:43:26 22,528 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll + 2007-08-13 14:44:18 40,960 -c--a-w C:\WINDOWS\system32\dllcache\licmgr10.dll - 2004-06-11 16:43:42 103,936 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe + 2008-04-13 15:34:10 103,936 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe - 2004-06-11 16:43:42 782,336 -c--a-w C:\WINDOWS\system32\dllcache\migrate.exe + 2008-04-13 15:34:12 786,432 -c--a-w C:\WINDOWS\system32\dllcache\migrate.exe - 2004-06-11 16:43:28 310,272 -c--a-w C:\WINDOWS\system32\dllcache\mp43dmod.dll + 2008-04-13 15:33:32 310,272 -c--a-w C:\WINDOWS\system32\dllcache\mp43dmod.dll - 2004-06-11 16:43:28 384,512 -c--a-w C:\WINDOWS\system32\dllcache\mp4sdmod.dll + 2008-04-13 15:33:32 384,512 -c--a-w C:\WINDOWS\system32\dllcache\mp4sdmod.dll - 2004-06-11 16:43:28 240,640 -c--a-w C:\WINDOWS\system32\dllcache\mpg4dmod.dll + 2008-04-13 15:33:32 240,640 -c--a-w C:\WINDOWS\system32\dllcache\mpg4dmod.dll - 2004-06-11 16:43:44 124,928 -c--a-w C:\WINDOWS\system32\dllcache\mplay32.exe + 2008-04-13 15:34:14 124,928 -c--a-w C:\WINDOWS\system32\dllcache\mplay32.exe - 2004-06-11 16:43:44 4,639 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe + 2008-04-13 15:34:14 4,639 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe - 2004-06-11 16:43:28 368,640 -c--a-w C:\WINDOWS\system32\dllcache\mpvis.dll + 2008-04-13 15:33:32 368,640 -c--a-w C:\WINDOWS\system32\dllcache\mpvis.dll - 2004-06-11 16:42:28 4,126 -c--a-w C:\WINDOWS\system32\dllcache\msdxmlc.dll + 2008-04-13 15:31:54 4,126 -c--a-w C:\WINDOWS\system32\dllcache\msdxmlc.dll + 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll + 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll - 2004-06-11 16:43:44 29,184 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe + 2007-08-13 14:32:30 45,568 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe - 2004-06-11 16:43:28 3,035,136 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll + 2008-04-23 18:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll - 2004-06-11 16:43:28 452,608 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll - 2004-06-11 16:35:40 57,344 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll + 2007-08-13 14:01:12 48,128 -c--a-w C:\WINDOWS\system32\dllcache\mshtmler.dll - 2001-08-28 13:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll + 2007-08-13 14:54:10 156,160 -c--a-w C:\WINDOWS\system32\dllcache\msls31.dll - 2004-06-11 16:43:50 259,072 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll + 2008-04-13 15:34:38 259,072 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll - 2004-06-11 16:43:30 52,736 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll + 2008-04-13 15:33:34 52,736 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll - 2004-06-11 16:43:30 201,728 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll + 2008-04-13 15:33:34 201,728 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll - 2004-06-11 16:43:30 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll - 2004-06-11 16:43:52 356,352 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll + 2008-04-13 15:34:40 356,352 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll - 2004-06-11 16:43:30 530,432 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll - 2004-06-11 16:43:30 246,272 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll + 2008-04-13 15:33:34 246,272 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll - 2004-06-11 16:43:30 247,296 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll + 2008-06-20 17:47:22 247,808 -c----w C:\WINDOWS\system32\dllcache\mswsock.dll + 2008-04-13 15:33:36 1,306,624 -c----w C:\WINDOWS\system32\dllcache\msxml6.dll + 2008-04-13 15:04:22 93,184 -c----w C:\WINDOWS\system32\dllcache\msxml6r.dll - 2004-06-11 16:43:52 226,816 -c--a-w C:\WINDOWS\system32\dllcache\npdrmv2.dll + 2008-04-13 15:34:40 226,816 -c--a-w C:\WINDOWS\system32\dllcache\npdrmv2.dll - 2004-06-11 16:43:30 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll + 2008-04-13 15:33:38 364,544 -c--a-w C:\WINDOWS\system32\dllcache\npdsplay.dll - 2004-06-11 16:43:30 10,240 -c--a-w C:\WINDOWS\system32\dllcache\npwmsdrm.dll + 2008-04-13 15:33:38 10,240 -c--a-w C:\WINDOWS\system32\dllcache\npwmsdrm.dll - 2004-06-11 16:43:30 96,768 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll + 2008-04-23 04:16:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll - 2004-06-10 15:46:50 15,872 -c--a-w C:\WINDOWS\system32\dllcache\padrs404.dll + 2008-04-13 15:32:18 15,872 -c--a-w C:\WINDOWS\system32\dllcache\padrs404.dll - 2004-06-10 15:46:38 15,360 -c--a-w C:\WINDOWS\system32\dllcache\padrs804.dll + 2008-04-13 15:32:18 15,360 -c--a-w C:\WINDOWS\system32\dllcache\padrs804.dll - 2004-06-11 16:43:04 24,064 -c--a-w C:\WINDOWS\system32\dllcache\pidgen.dll + 2008-04-13 15:31:18 24,064 -c----w C:\WINDOWS\system32\dllcache\pidgen.dll - 2004-06-10 15:46:38 175,104 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll + 2008-04-13 15:32:18 175,104 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll - 2004-06-10 15:46:38 53,760 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll + 2008-04-13 15:32:18 53,760 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll - 2004-06-10 15:46:36 70,144 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe + 2008-04-13 05:43:38 70,144 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe - 2004-06-10 15:46:38 67,584 -c--a-w C:\WINDOWS\system32\dllcache\pmigrate.dll + 2008-04-13 15:32:18 67,584 -c--a-w C:\WINDOWS\system32\dllcache\pmigrate.dll - 2004-06-11 16:43:32 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll - 2004-06-11 16:43:32 1,292,800 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll + 2008-05-07 05:11:24 1,294,336 -c----w C:\WINDOWS\system32\dllcache\quartz.dll - 2004-06-11 16:43:34 159,744 -c--a-w C:\WINDOWS\system32\dllcache\scrobj.dll + 2008-05-09 10:55:00 180,224 -c----w C:\WINDOWS\system32\dllcache\scrobj.dll - 2004-06-11 16:43:34 151,552 -c--a-w C:\WINDOWS\system32\dllcache\scrrun.dll + 2008-05-09 10:55:00 172,032 -c----w C:\WINDOWS\system32\dllcache\scrrun.dll - 2004-06-11 16:43:46 778,240 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe + 2008-04-13 15:34:22 778,240 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe - 2004-06-11 16:43:34 153,088 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll + 2008-04-13 15:33:42 153,600 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll - 2004-06-11 16:43:36 246,302 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll + 2008-04-13 15:33:48 246,814 -c--a-w C:\WINDOWS\system32\dllcache\strmdll.dll - 2004-06-10 16:31:08 359,424 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys + 2008-06-20 11:51:12 361,600 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys - 2004-06-10 16:26:24 222,976 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys + 2008-06-20 11:08:27 225,856 -c----w C:\WINDOWS\system32\dllcache\tcpip6.sys - 2004-06-10 15:46:56 10,240 -c--a-w C:\WINDOWS\system32\dllcache\tmigrate.dll + 2008-04-13 15:32:44 10,240 -c--a-w C:\WINDOWS\system32\dllcache\tmigrate.dll - 2004-06-10 16:21:08 75,776 -c--a-w C:\WINDOWS\system32\dllcache\uniime.dll + 2008-04-13 15:32:46 76,288 -c--a-w C:\WINDOWS\system32\dllcache\uniime.dll - 2004-06-11 16:43:46 208,896 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe + 2008-04-13 15:34:28 208,896 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe - 2004-06-11 16:43:36 37,376 -c--a-w C:\WINDOWS\system32\dllcache\url.dll + 2008-04-23 04:16:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll - 2004-06-11 16:43:36 599,552 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll + 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll - 2004-06-11 16:43:36 421,888 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll + 2008-05-09 10:55:00 430,080 -c----w C:\WINDOWS\system32\dllcache\vbscript.dll - 2004-06-11 16:43:36 848,896 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll + 2007-08-13 14:54:10 765,952 -c--a-w C:\WINDOWS\system32\dllcache\VGX.dll - 2004-06-10 15:47:14 426,041 -c--a-w C:\WINDOWS\system32\dllcache\voicepad.dll + 2008-04-13 15:32:48 426,041 -c--a-w C:\WINDOWS\system32\dllcache\voicepad.dll - 2004-06-10 15:47:14 86,073 -c--a-w C:\WINDOWS\system32\dllcache\voicesub.dll + 2008-04-13 15:32:48 86,073 -c--a-w C:\WINDOWS\system32\dllcache\voicesub.dll - 2004-06-11 16:43:38 281,600 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll + 2008-04-23 04:16:40 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll - 2004-06-11 16:43:38 652,800 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll + 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll - 2004-06-11 16:43:38 408,064 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll + 2008-04-13 15:33:50 408,064 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll - 2004-06-11 16:43:38 670,720 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll + 2008-04-13 15:33:50 670,720 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll - 2004-06-11 16:43:38 230,400 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll + 2008-04-13 15:33:50 230,912 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll - 2004-06-11 16:43:38 27,136 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll + 2008-04-13 15:33:50 27,136 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll - 2004-06-11 16:43:38 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll + 2008-04-13 15:33:50 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll - 2004-06-11 16:39:52 200,704 -c--a-w C:\WINDOWS\system32\dllcache\wmerror.dll + 2008-04-13 14:59:36 200,704 -c--a-w C:\WINDOWS\system32\dllcache\wmerror.dll - 2004-06-11 16:43:38 151,552 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll + 2008-04-13 15:33:50 151,552 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll - 2004-06-11 16:43:38 1,050,624 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll + 2008-04-13 15:33:50 1,053,184 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll - 2004-06-11 16:43:38 4,874,240 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll + 2008-04-13 15:33:50 4,874,240 -c--a-w C:\WINDOWS\system32\dllcache\wmp.dll - 2004-06-11 16:43:38 114,688 -c--a-w C:\WINDOWS\system32\dllcache\wmpasf.dll + 2008-04-13 15:33:50 114,688 -c--a-w C:\WINDOWS\system32\dllcache\wmpasf.dll - 2004-06-11 16:43:38 98,304 -c--a-w C:\WINDOWS\system32\dllcache\wmpband.dll + 2008-04-13 15:33:50 98,304 -c--a-w C:\WINDOWS\system32\dllcache\wmpband.dll - 2004-06-11 16:43:38 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpcd.dll + 2008-04-13 15:33:50 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpcd.dll - 2004-06-11 16:43:38 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpcore.dll + 2008-04-13 15:33:50 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpcore.dll - 2004-06-11 16:43:38 233,472 -c--a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll + 2008-04-13 15:33:50 233,472 -c--a-w C:\WINDOWS\system32\dllcache\wmpdxm.dll - 2004-06-11 16:43:46 73,728 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe + 2008-04-13 15:34:30 73,728 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe - 2004-06-11 16:33:50 2,985,984 -c--a-w C:\WINDOWS\system32\dllcache\wmploc.dll + 2008-04-13 15:02:18 2,985,984 -c--a-w C:\WINDOWS\system32\dllcache\wmploc.dll - 2004-06-11 16:43:38 221,184 -c--a-w C:\WINDOWS\system32\dllcache\wmpns.dll + 2008-04-13 15:33:50 221,184 -c--a-w C:\WINDOWS\system32\dllcache\wmpns.dll - 2004-06-11 16:43:38 102,400 -c--a-w C:\WINDOWS\system32\dllcache\wmpshell.dll + 2008-04-13 15:33:50 102,400 -c--a-w C:\WINDOWS\system32\dllcache\wmpshell.dll - 2004-06-11 16:43:38 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpui.dll + 2008-04-13 15:33:50 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wmpui.dll - 2004-06-11 16:43:38 759,296 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll + 2008-04-13 15:33:50 759,296 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll - 2004-06-11 16:43:38 115,200 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe.dll + 2008-04-13 15:33:50 115,200 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe.dll - 2004-06-11 16:43:38 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll + 2008-04-13 15:33:50 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll - 2004-06-11 16:43:38 484,864 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll + 2008-04-13 15:33:50 485,376 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll - 2004-06-11 16:43:38 896,512 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll + 2008-04-13 15:33:50 897,024 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll - 2004-06-11 16:43:38 303,616 -c--a-w C:\WINDOWS\system32\dllcache\wmstream.dll + 2008-04-13 15:33:50 303,616 -c--a-w C:\WINDOWS\system32\dllcache\wmstream.dll - 2004-06-11 16:43:52 2,105,344 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll + 2008-04-13 15:34:40 2,109,440 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll - 2004-06-11 16:43:38 809,984 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll + 2008-04-13 15:33:50 809,984 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll - 2004-06-11 16:43:38 1,001,472 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll + 2008-04-13 15:33:50 1,001,472 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll - 2004-06-11 16:43:46 114,688 -c--a-w C:\WINDOWS\system32\dllcache\wscript.exe + 2008-05-08 11:24:44 155,648 -c----w C:\WINDOWS\system32\dllcache\wscript.exe - 2004-06-11 16:43:38 65,536 -c--a-w C:\WINDOWS\system32\dllcache\wshext.dll + 2008-05-09 10:55:00 90,112 -c----w C:\WINDOWS\system32\dllcache\wshext.dll - 2005-05-26 00:16:30 467,224 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll + 2007-07-30 15:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll - 2005-05-26 00:16:30 125,720 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe + 2007-07-30 15:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe - 2005-05-26 00:16:30 1,343,768 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll + 2007-07-30 15:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll - 2005-05-26 00:16:32 128,792 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll + 2007-07-30 15:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll - 2005-05-26 00:16:30 41,240 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll + 2007-07-30 15:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll - 2005-05-26 00:16:30 173,536 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll + 2007-07-30 15:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll - 2004-06-11 16:43:40 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe + 2008-04-13 15:34:02 5,120 ----a-w C:\WINDOWS\system32\dllhost.exe - 2004-06-11 16:43:40 225,280 ----a-w C:\WINDOWS\system32\dmadmin.exe + 2008-04-13 15:34:02 225,280 ----a-w C:\WINDOWS\system32\dmadmin.exe - 2004-06-11 16:43:20 28,672 ----a-w C:\WINDOWS\system32\dmband.dll + 2008-04-13 15:33:24 28,672 ----a-w C:\WINDOWS\system32\dmband.dll - 2004-06-11 16:43:20 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll + 2008-04-13 15:33:24 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll - 2001-08-28 13:00:00 273,920 ----a-w C:\WINDOWS\system32\dmdlgs.dll + 2008-04-13 15:33:24 285,184 ----a-w C:\WINDOWS\system32\dmdlgs.dll - 2004-06-11 16:43:20 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll + 2008-04-13 15:33:24 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll - 2004-06-11 16:43:20 181,248 ----a-w C:\WINDOWS\system32\dmime.dll + 2008-04-13 15:33:24 181,248 ----a-w C:\WINDOWS\system32\dmime.dll - 2004-06-11 16:43:20 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll + 2008-04-13 15:33:24 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll - 2004-06-11 16:43:40 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe + 2008-04-13 15:34:02 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe - 2004-06-11 16:43:20 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll + 2008-04-13 15:33:24 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll - 2004-06-11 16:43:20 24,576 ----a-w C:\WINDOWS\system32\dmserver.dll + 2008-04-13 15:33:24 24,576 ----a-w C:\WINDOWS\system32\dmserver.dll - 2004-06-11 16:43:20 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll + 2008-04-13 15:33:24 105,984 ----a-w C:\WINDOWS\system32\dmstyle.dll - 2004-06-11 16:43:20 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll + 2008-04-13 15:33:24 103,424 ----a-w C:\WINDOWS\system32\dmsynth.dll - 2004-06-11 16:43:20 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll + 2008-04-13 15:33:24 104,448 ----a-w C:\WINDOWS\system32\dmusic.dll - 2004-06-11 16:53:30 58,880 ----a-w C:\WINDOWS\system32\dmutil.dll + 2008-04-13 15:33:24 58,880 ----a-w C:\WINDOWS\system32\dmutil.dll - 2004-06-11 16:43:20 149,504 ----a-w C:\WINDOWS\system32\dnsapi.dll + 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\system32\dnsapi.dll - 2004-06-11 16:43:20 46,080 ----a-w C:\WINDOWS\system32\dnsrslvr.dll + 2008-04-13 15:33:24 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll - 2004-06-11 16:43:20 48,640 ----a-w C:\WINDOWS\system32\docprop2.dll + 2008-04-13 15:33:24 48,640 ----a-w C:\WINDOWS\system32\docprop2.dll + 2008-04-13 15:33:24 26,112 ------w C:\WINDOWS\system32\dot3api.dll + 2008-04-13 15:33:24 60,928 ------w C:\WINDOWS\system32\dot3cfg.dll + 2008-04-13 15:33:24 9,216 ------w C:\WINDOWS\system32\dot3dlg.dll + 2008-04-13 15:33:24 39,936 ------w C:\WINDOWS\system32\dot3gpclnt.dll + 2008-04-13 15:33:24 56,832 ------w C:\WINDOWS\system32\dot3msm.dll + 2008-04-13 15:33:24 133,120 ------w C:\WINDOWS\system32\dot3svc.dll + 2008-04-13 15:33:24 651,264 ------w C:\WINDOWS\system32\dot3ui.dll - 2004-06-11 16:43:12 104,960 ----a-w C:\WINDOWS\system32\dpcdll.dll + 2008-04-13 15:32:26 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll - 2004-06-11 16:43:40 30,208 ----a-w C:\WINDOWS\system32\dplaysvr.exe + 2008-04-13 15:34:02 29,696 ----a-w C:\WINDOWS\system32\dplaysvr.exe - 2004-06-11 16:43:20 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll + 2008-04-13 15:33:24 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll - 2004-06-11 16:43:20 23,552 ----a-w C:\WINDOWS\system32\dpmodemx.dll + 2008-04-13 15:33:24 24,064 ----a-w C:\WINDOWS\system32\dpmodemx.dll - 2004-06-11 16:42:22 3,584 ----a-w C:\WINDOWS\system32\dpnaddr.dll + 2008-04-13 15:31:16 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll - 2004-06-11 16:43:20 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll + 2008-04-13 15:33:24 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll - 2004-06-11 16:43:20 34,816 ----a-w C:\WINDOWS\system32\dpnhpast.dll + 2008-04-13 15:33:24 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll - 2004-06-11 16:43:20 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll + 2008-04-13 15:33:24 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll - 2004-06-11 16:42:22 3,584 ----a-w C:\WINDOWS\system32\dpnlobby.dll + 2008-04-13 15:31:16 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll - 2004-06-11 16:43:40 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe + 2008-04-13 15:34:02 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe - 2004-06-11 16:43:20 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll + 2008-04-13 15:33:24 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll - 2004-06-11 16:43:20 213,504 ----a-w C:\WINDOWS\system32\dpvoice.dll + 2008-04-13 15:33:24 213,504 ----a-w C:\WINDOWS\system32\dpvoice.dll - 2004-06-11 16:43:40 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe + 2008-04-13 15:34:02 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe - 2004-06-11 16:43:20 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll + 2008-04-13 15:33:24 116,736 ----a-w C:\WINDOWS\system32\dpvvox.dll - 2004-06-11 16:43:20 57,856 ----a-w C:\WINDOWS\system32\dpwsockx.dll + 2008-04-13 15:33:24 57,344 ----a-w C:\WINDOWS\system32\dpwsockx.dll - 2001-08-28 13:00:00 60,928 ----a-w C:\WINDOWS\system32\driverquery.exe + 2008-04-13 15:34:02 65,536 ----a-w C:\WINDOWS\system32\driverquery.exe - 2004-06-11 16:30:02 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys + 2008-04-13 14:52:44 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys + 2008-04-13 15:33:20 4,255 ------w C:\WINDOWS\system32\drivers\adv01nt5.dll + 2008-04-13 15:33:20 3,967 ------w C:\WINDOWS\system32\drivers\adv02nt5.dll + 2008-04-13 15:33:20 3,615 ------w C:\WINDOWS\system32\drivers\adv05nt5.dll + 2008-04-13 15:33:20 3,647 ------w C:\WINDOWS\system32\drivers\adv07nt5.dll + 2008-04-13 15:33:20 3,135 ------w C:\WINDOWS\system32\drivers\adv08nt5.dll + 2008-04-13 15:33:20 3,711 ------w C:\WINDOWS\system32\drivers\adv09nt5.dll + 2008-04-13 15:33:20 3,775 ------w C:\WINDOWS\system32\drivers\adv11nt5.dll - 2004-06-10 11:55:16 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys + 2008-04-13 05:39:24 142,592 ----a-w C:\WINDOWS\system32\drivers\aec.sys + 2008-04-13 07:36:40 42,368 ------w C:\WINDOWS\system32\drivers\agp440.sys + 2008-04-13 07:36:40 44,928 ------w C:\WINDOWS\system32\drivers\agpcpq.sys + 2008-04-13 07:36:40 42,752 ------w C:\WINDOWS\system32\drivers\alim1541.sys + 2008-04-13 07:36:40 43,008 ------w C:\WINDOWS\system32\drivers\amdagp.sys - 2004-06-11 16:53:30 41,216 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys + 2008-04-13 14:54:30 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys - 2004-06-11 16:53:30 41,600 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys + 2008-04-13 14:54:30 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys - 2004-06-11 16:53:30 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys + 2008-04-13 07:51:26 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys - 2004-06-10 16:23:28 14,464 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys + 2008-04-13 07:57:28 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys - 2004-06-10 16:18:12 95,360 ----a-w C:\WINDOWS\system32\drivers\atapi.sys + 2008-04-13 07:40:32 96,512 ----a-w C:\WINDOWS\system32\drivers\atapi.sys + 2008-04-13 05:34:18 56,623 ------w C:\WINDOWS\system32\drivers\ati1btxx.sys + 2008-04-13 05:34:18 11,615 ------w C:\WINDOWS\system32\drivers\ati1mdxx.sys + 2008-04-13 05:34:18 12,047 ------w C:\WINDOWS\system32\drivers\ati1pdxx.sys + 2008-04-13 05:34:18 30,671 ------w C:\WINDOWS\system32\drivers\ati1raxx.sys + 2008-04-13 05:34:18 63,663 ------w C:\WINDOWS\system32\drivers\ati1rvxx.sys + 2008-04-13 05:34:18 26,367 ------w C:\WINDOWS\system32\drivers\ati1snxx.sys + 2008-04-13 05:34:18 21,343 ------w C:\WINDOWS\system32\drivers\ati1ttxx.sys + 2008-04-13 05:34:18 36,463 ------w C:\WINDOWS\system32\drivers\ati1tuxx.sys + 2008-04-13 05:34:20 29,455 ------w C:\WINDOWS\system32\drivers\ati1xbxx.sys + 2008-04-13 05:34:20 34,735 ------w C:\WINDOWS\system32\drivers\ati1xsxx.sys + 2008-04-13 14:55:32 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys + 2008-04-13 14:55:34 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys + 2008-04-13 05:34:18 57,856 ------w C:\WINDOWS\system32\drivers\atinbtxx.sys + 2008-04-13 05:34:18 13,824 ------w C:\WINDOWS\system32\drivers\atinmdxx.sys + 2008-04-13 05:34:18 14,336 ------w C:\WINDOWS\system32\drivers\atinpdxx.sys + 2008-04-13 05:34:18 52,224 ------w C:\WINDOWS\system32\drivers\atinraxx.sys + 2008-04-13 05:34:18 104,960 ------w C:\WINDOWS\system32\drivers\atinrvxx.sys + 2008-04-13 05:34:18 28,672 ------w C:\WINDOWS\system32\drivers\atinsnxx.sys + 2008-04-13 05:34:18 13,824 ------w C:\WINDOWS\system32\drivers\atinttxx.sys + 2008-04-13 05:34:18 73,216 ------w C:\WINDOWS\system32\drivers\atintuxx.sys + 2008-04-13 05:34:20 31,744 ------w C:\WINDOWS\system32\drivers\atinxbxx.sys + 2008-04-13 05:34:20 63,488 ------w C:\WINDOWS\system32\drivers\atinxsxx.sys - 2004-06-10 16:17:18 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys + 2008-04-13 07:51:26 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys - 2004-06-10 16:17:20 55,936 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys + 2008-04-13 07:51:32 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys + 2008-04-13 15:33:20 21,183 ------w C:\WINDOWS\system32\drivers\atv01nt5.dll + 2008-04-13 15:33:20 11,359 ------w C:\WINDOWS\system32\drivers\atv02nt5.dll + 2008-04-13 15:33:20 25,471 ------w C:\WINDOWS\system32\drivers\atv04nt5.dll + 2008-04-13 15:33:20 14,143 ------w C:\WINDOWS\system32\drivers\atv06nt5.dll + 2008-04-13 15:33:20 17,279 ------w C:\WINDOWS\system32\drivers\atv10nt5.dll + 2008-01-21 14:12:56 41,792 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys + 2008-01-21 14:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys + 2008-03-04 09:28:53 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys - 2004-06-10 16:18:30 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys + 2008-04-13 07:53:24 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys + 2008-04-13 07:46:34 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys + 2008-04-13 07:46:34 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys + 2008-04-13 07:51:36 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys + 2008-04-13 07:46:32 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys + 2008-04-13 07:46:30 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys - 2004-06-10 16:30:56 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys + 2008-04-13 08:14:22 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys - 2004-06-10 16:18:22 49,536 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys + 2008-04-13 07:40:48 62,976 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys + 2008-04-13 15:33:22 15,423 ------w C:\WINDOWS\system32\drivers\ch7xxnt5.dll - 2004-06-10 16:31:00 49,792 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys + 2008-04-13 08:16:24 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys - 2004-06-11 16:53:30 40,704 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys + 2008-04-13 15:02:48 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys - 2004-06-10 16:18:22 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys + 2008-04-13 07:40:48 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys - 2004-06-10 16:18:20 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys + 2008-04-13 07:40:46 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys - 2004-06-11 16:36:38 800,384 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys + 2008-04-13 15:05:08 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys - 2004-06-11 16:36:44 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys + 2008-04-13 15:05:14 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys - 2004-06-10 12:24:14 52,864 ----a-w C:\WINDOWS\system32\drivers\DMusic.sys + 2008-04-13 07:45:02 52,864 ----a-w C:\WINDOWS\system32\drivers\dmusic.sys - 2004-06-10 12:24:40 60,288 ----a-w C:\WINDOWS\system32\drivers\drmk.sys + 2008-04-13 07:45:16 60,160 ----a-w C:\WINDOWS\system32\drivers\drmk.sys - 2004-06-10 12:24:40 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys + 2008-04-13 07:45:14 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys - 2004-06-10 16:18:44 71,040 ----a-w C:\WINDOWS\system32\drivers\dxg.sys + 2008-04-13 07:38:30 71,168 ----a-w C:\WINDOWS\system32\drivers\dxg.sys - 2004-06-10 16:31:00 142,720 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys + 2008-04-13 08:14:30 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys - 2004-06-10 16:18:06 27,264 ----a-w C:\WINDOWS\system32\drivers\fdc.sys + 2008-04-13 07:40:26 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys - 2001-08-28 13:00:00 35,072 ----a-w C:\WINDOWS\system32\drivers\fips.sys + 2008-04-13 14:57:40 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys - 2004-06-10 16:18:06 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys + 2008-04-13 07:40:26 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys - 2004-06-10 16:19:44 124,032 ----a-w C:\WINDOWS\system32\drivers\fltMgr.sys + 2008-04-13 07:33:00 129,792 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys + 2008-04-13 07:36:42 46,464 ------w C:\WINDOWS\system32\drivers\gagp30kx.sys - 2004-04-26 11:31:14 135,168 ------w C:\WINDOWS\system32\drivers\Hdaudbus.sys + 2008-04-13 05:36:06 144,384 ------w C:\WINDOWS\system32\drivers\hdaudbus.sys + 2008-04-13 14:59:56 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys - 2004-06-10 16:24:56 36,352 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys + 2008-04-13 07:45:28 36,864 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys + 2008-04-13 07:45:28 19,200 ------w C:\WINDOWS\system32\drivers\hidir.sys - 2004-06-10 16:24:52 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys + 2008-04-13 07:45:24 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys - 2001-08-17 22:02:20 9,600 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys + 2008-04-13 07:45:28 10,368 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys + 2008-04-13 07:23:50 220,032 ------w C:\WINDOWS\system32\drivers\hsfbs2s2.sys + 2008-04-13 07:23:52 685,056 ------w C:\WINDOWS\system32\drivers\hsfcxts2.sys + 2008-04-13 07:23:54 1,041,536 ------w C:\WINDOWS\system32\drivers\hsfdpsp2.sys - 2004-06-10 16:18:48 263,168 ----a-w C:\WINDOWS\system32\drivers\http.sys + 2008-04-13 07:53:54 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys - 2004-06-11 16:35:24 54,528 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys + 2008-04-13 15:00:54 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys - 2004-06-10 16:18:38 41,856 ----a-w C:\WINDOWS\system32\drivers\imapi.sys + 2008-04-13 07:41:00 42,112 ----a-w C:\WINDOWS\system32\drivers\imapi.sys + 2008-08-10 10:25:24 79,760 ----a-w C:\WINDOWS\system32\drivers\inspect.sys - 2004-06-11 16:37:00 40,320 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys + 2008-04-13 15:03:28 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys - 2004-06-10 16:18:36 29,056 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys + 2008-04-13 07:53:36 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys - 2004-06-10 16:23:14 20,992 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys + 2008-04-13 07:57:08 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys - 2004-06-10 16:23:18 134,784 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys + 2008-04-13 07:57:16 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys - 2004-06-10 16:31:02 77,952 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys + 2008-04-13 08:19:44 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys + 2008-04-13 07:45:36 46,592 ------w C:\WINDOWS\system32\drivers\irbus.sys - 2004-06-10 16:19:22 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys + 2008-04-13 07:54:30 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys - 2001-08-23 12:58:06 36,224 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys + 2008-04-13 15:04:36 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys - 2004-06-11 16:37:52 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys + 2008-04-13 15:05:16 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys - 2004-06-10 12:24:32 171,776 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys + 2008-04-13 07:45:10 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys - 2004-06-10 12:31:44 140,928 ----a-w C:\WINDOWS\system32\drivers\ks.sys + 2008-04-13 08:16:38 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys - 2004-06-10 16:18:32 92,032 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys + 2008-04-13 07:31:44 92,288 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys + 2008-04-13 07:23:58 11,868 ------w C:\WINDOWS\system32\drivers\mdmxsdk.sys - 2004-06-11 16:53:30 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys + 2008-04-13 07:36:42 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys - 2004-06-11 16:53:30 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys + 2008-04-13 14:53:06 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys - 2004-06-11 16:53:30 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys + 2008-04-13 14:53:20 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys - 2004-06-10 16:17:18 41,216 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys + 2008-04-13 07:39:48 42,368 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys - 2004-06-10 16:17:06 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys + 2008-04-13 07:39:46 92,544 ----a-w C:\WINDOWS\system32\drivers\mqac.sys - 2004-06-10 16:19:28 181,760 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys + 2008-04-13 07:32:46 180,608 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys - 2004-06-10 16:31:20 451,712 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys + 2008-04-13 08:17:02 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys - 2004-06-10 16:19:10 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys + 2008-04-13 07:32:40 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys - 2004-06-10 16:22:34 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys + 2008-04-13 07:56:34 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys - 2004-06-10 12:17:26 7,552 ----a-w C:\WINDOWS\system32\drivers\MSKSSRV.sys + 2008-04-13 07:39:54 7,552 ----a-w C:\WINDOWS\system32\drivers\mskssrv.sys - 2004-06-10 12:17:24 5,376 ----a-w C:\WINDOWS\system32\drivers\MSPCLOCK.sys + 2008-04-13 07:39:52 5,376 ----a-w C:\WINDOWS\system32\drivers\mspclock.sys - 2004-06-10 12:17:26 4,992 ----a-w C:\WINDOWS\system32\drivers\MSPQM.sys + 2008-04-13 07:39:52 4,992 ----a-w C:\WINDOWS\system32\drivers\mspqm.sys - 2004-06-11 16:53:30 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys + 2008-04-13 07:36:48 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys + 2008-04-13 07:23:42 126,686 ------w C:\WINDOWS\system32\drivers\mtlmnt5.sys + 2008-04-13 07:23:40 1,309,184 ------w C:\WINDOWS\system32\drivers\mtlstrm.sys + 2008-04-13 05:34:28 452,736 ------w C:\WINDOWS\system32\drivers\mtxparhm.sys - 2004-06-10 16:31:22 109,952 ----a-w C:\WINDOWS\system32\drivers\mup.sys + 2008-04-13 08:17:06 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys + 2008-04-13 07:43:56 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys - 2004-06-10 16:31:02 183,040 ----a-w C:\WINDOWS\system32\drivers\ndis.sys + 2008-04-13 08:20:38 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys - 2001-08-28 13:00:00 9,600 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys + 2008-04-13 07:57:28 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys - 2004-06-11 16:53:30 12,800 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys + 2008-04-13 07:56:00 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys - 2004-06-10 16:31:04 91,904 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys + 2008-04-13 08:20:44 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys - 2001-08-28 13:00:00 38,016 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys + 2008-04-13 07:57:30 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys - 2004-06-10 16:21:52 34,560 ----a-w C:\WINDOWS\system32\drivers\netbios.sys + 2008-04-13 07:56:04 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys - 2004-06-10 16:31:08 162,304 ----a-w C:\WINDOWS\system32\drivers\netbt.sys + 2008-04-13 08:21:02 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys - 2004-06-11 16:53:30 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys + 2008-04-13 07:51:26 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys - 2004-06-10 16:18:24 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys + 2008-04-13 07:53:10 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys - 2004-06-10 16:19:14 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys + 2008-04-13 07:32:40 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys - 2004-06-10 16:31:16 573,440 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys + 2008-04-13 08:15:54 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys + 2008-04-13 07:23:42 180,360 ------w C:\WINDOWS\system32\drivers\ntmtlfax.sys - 2004-06-10 16:22:06 88,448 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys + 2008-04-13 07:56:08 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys - 2004-06-10 16:20:54 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys + 2008-04-13 07:34:14 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys - 2004-06-11 16:53:30 46,720 ----a-w C:\WINDOWS\system32\drivers\p3.sys + 2008-04-13 15:09:38 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys - 2004-06-11 16:53:30 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys + 2008-04-13 15:09:42 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys - 2001-08-28 13:00:00 18,688 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys + 2008-04-13 07:40:50 19,712 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys - 2004-06-11 16:31:40 68,352 ----a-w C:\WINDOWS\system32\drivers\pci.sys + 2008-04-13 15:09:48 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys - 2004-06-10 16:18:12 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys + 2008-04-13 07:40:30 24,960 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys - 2004-06-11 16:31:42 120,320 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys + 2008-04-13 15:09:54 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys - 2004-03-15 14:41:52 135,040 ----a-w C:\WINDOWS\system32\drivers\portcls.sys + 2008-04-13 08:19:42 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys - 2004-06-11 16:53:30 39,552 ----a-w C:\WINDOWS\system32\drivers\processr.sys + 2008-04-13 14:55:32 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys - 2004-06-10 16:22:40 68,608 ----a-w C:\WINDOWS\system32\drivers\psched.sys + 2008-04-13 07:56:40 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys - 2004-06-10 16:31:00 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys + 2008-04-13 08:19:44 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys - 2004-06-10 16:23:30 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys + 2008-04-13 07:57:34 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys - 2004-06-10 16:31:02 48,512 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys + 2008-04-13 08:19:50 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys - 2004-06-10 16:33:58 177,152 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys + 2008-04-13 08:28:40 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys - 2004-06-10 12:19:40 197,376 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys + 2008-04-13 07:32:52 196,224 ----a-w C:\WINDOWS\system32\drivers\rdpdr.sys - 2004-06-11 16:43:58 127,880 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys + 2008-04-13 15:34:56 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys + 2008-04-13 07:23:44 13,776 ------w C:\WINDOWS\system32\drivers\recagent.sys - 2004-06-11 16:33:32 58,496 ----a-w C:\WINDOWS\system32\drivers\redbook.sys + 2008-04-13 14:57:36 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys + 2008-04-13 07:46:34 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys - 2001-08-28 13:00:00 200,064 ----a-w C:\WINDOWS\system32\drivers\RMCast.sys + 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys - 2004-06-10 16:22:52 30,080 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys + 2008-04-13 07:56:50 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys + 2008-04-13 07:56:50 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys + 2008-04-13 05:34:34 166,912 ------w C:\WINDOWS\system32\drivers\s3gnbm.sys - 2004-06-10 16:18:12 96,256 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys + 2008-04-13 07:40:32 96,384 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys - 2004-06-10 16:26:06 67,584 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys + 2008-04-13 07:36:46 79,232 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys - 2006-11-26 08:46:14 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys + 2008-04-13 05:39:16 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys - 2004-06-10 16:17:50 15,488 ----a-w C:\WINDOWS\system32\drivers\serenum.sys + 2008-04-13 07:40:14 15,744 ----a-w C:\WINDOWS\system32\drivers\serenum.sys - 2004-06-11 16:34:56 66,304 ----a-w C:\WINDOWS\system32\drivers\serial.sys + 2008-04-13 15:00:10 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys - 2004-06-10 16:18:22 11,136 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys + 2008-04-13 07:40:48 11,904 ----a-w C:\WINDOWS\system32\drivers\sffdisk.sys + 2008-04-13 07:40:50 10,240 ------w C:\WINDOWS\system32\drivers\sffp_mmc.sys - 2004-06-10 16:18:22 10,112 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys + 2008-04-13 07:40:48 11,008 ----a-w C:\WINDOWS\system32\drivers\sffp_sd.sys - 2004-06-10 16:18:22 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys + 2008-04-13 07:40:50 11,392 ----a-w C:\WINDOWS\system32\drivers\sfloppy.sys + 2008-04-13 15:33:42 3,901 ------w C:\WINDOWS\system32\drivers\siint5.dll + 2008-04-13 07:36:40 40,960 ------w C:\WINDOWS\system32\drivers\sisagp.sys + 2008-04-13 07:23:44 129,535 ------w C:\WINDOWS\system32\drivers\slnt7554.sys + 2008-04-13 07:23:46 404,990 ------w C:\WINDOWS\system32\drivers\slntamr.sys + 2008-04-13 07:23:48 95,424 ------w C:\WINDOWS\system32\drivers\slnthal.sys + 2008-04-13 07:23:48 13,240 ------w C:\WINDOWS\system32\drivers\slwdmsup.sys + 2008-04-13 07:36:36 5,888 ------w C:\WINDOWS\system32\drivers\smbali.sys - 2004-06-11 16:53:30 25,472 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys + 2008-04-13 07:46:08 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys - 2004-06-10 12:24:28 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys + 2008-04-13 07:45:08 6,272 ----a-w C:\WINDOWS\system32\drivers\splitter.sys - 2004-06-11 16:38:08 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys + 2008-04-13 15:10:04 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys - 2004-06-10 16:31:16 334,976 ----a-w C:\WINDOWS\system32\drivers\srv.sys + 2008-04-13 08:15:12 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys + 2007-03-01 06:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys - 2004-06-10 12:24:42 48,640 ----a-w C:\WINDOWS\system32\drivers\stream.sys + 2008-04-13 07:45:16 49,408 ----a-w C:\WINDOWS\system32\drivers\stream.sys - 2004-06-11 16:53:30 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys + 2008-04-13 07:39:54 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys - 2001-08-17 18:00:52 54,272 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys + 2008-04-13 07:45:10 56,576 ----a-w C:\WINDOWS\system32\drivers\swmidi.sys - 2004-06-10 12:32:02 60,672 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys + 2008-04-13 08:15:56 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys - 2004-06-10 16:18:26 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys + 2008-04-13 07:40:52 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys - 2004-06-10 16:26:30 18,560 ----a-w C:\WINDOWS\system32\drivers\tdi.sys + 2008-04-13 08:00:06 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys - 2004-06-11 16:43:58 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys + 2008-04-13 15:34:54 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys - 2004-06-11 16:43:58 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys + 2008-04-13 15:34:54 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys - 2004-06-11 12:43:58 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys + 2008-04-13 15:34:54 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys - 2004-06-11 16:53:30 12,416 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys + 2008-04-13 07:56:02 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys - 2004-06-10 16:25:46 44,672 ----a-w C:\WINDOWS\system32\drivers\UAGP35.SYS + 2008-04-13 07:36:42 44,672 ----a-w C:\WINDOWS\system32\drivers\uagp35.sys - 2004-06-10 16:19:02 66,176 ----a-w C:\WINDOWS\system32\drivers\udfs.sys + 2008-04-13 07:32:38 66,048 ----a-w C:\WINDOWS\system32\drivers\udfs.sys - 2004-06-10 16:17:20 199,040 ----a-w C:\WINDOWS\system32\drivers\update.sys + 2008-04-13 07:39:48 384,768 ----a-w C:\WINDOWS\system32\drivers\update.sys - 2004-06-10 16:22:52 12,672 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys + 2008-04-13 07:56:50 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys + 2008-04-13 07:56:50 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys - 2001-08-28 13:00:00 23,808 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys + 2008-04-13 07:45:42 25,600 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys - 2001-08-28 13:00:00 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys + 2008-04-13 07:45:42 25,728 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys - 2004-06-10 12:25:06 31,616 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys + 2008-04-13 07:45:40 32,128 ----a-w C:\WINDOWS\system32\drivers\usbccgp.sys - 2004-06-10 16:25:04 26,624 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys + 2008-04-13 07:45:36 30,208 ----a-w C:\WINDOWS\system32\drivers\usbehci.sys - 2004-06-10 16:25:04 57,600 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys + 2008-04-13 07:45:38 59,520 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys - 2004-06-11 16:53:30 16,000 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys + 2008-04-13 07:45:44 15,872 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys - 2004-06-10 16:25:04 142,976 ----a-w C:\WINDOWS\system32\drivers\usbport.sys + 2008-04-13 07:45:38 143,872 ----a-w C:\WINDOWS\system32\drivers\usbport.sys - 2004-06-10 12:19:36 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys + 2008-04-13 07:47:38 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys - 2004-06-10 12:17:26 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys + 2008-04-13 07:45:36 15,104 ----a-w C:\WINDOWS\system32\drivers\usbscan.sys - 2004-06-10 12:25:06 26,496 ----a-w C:\WINDOWS\system32\drivers\USBSTOR.SYS + 2008-04-13 07:45:40 26,368 ----a-w C:\WINDOWS\system32\drivers\usbstor.sys - 2004-06-10 16:25:04 20,480 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys + 2008-04-13 07:45:36 20,608 ----a-w C:\WINDOWS\system32\drivers\usbuhci.sys + 2008-04-13 07:46:22 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys + 2008-04-13 15:33:50 11,325 ------w C:\WINDOWS\system32\drivers\vchnt5.dll - 2004-06-10 16:23:34 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys + 2008-04-13 07:44:42 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys + 2008-04-13 07:36:42 42,240 ------w C:\WINDOWS\system32\drivers\viaagp.sys - 2004-06-10 16:18:12 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys + 2008-04-13 07:40:32 5,376 ----a-w C:\WINDOWS\system32\drivers\viaide.sys - 2004-06-10 16:23:34 79,744 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys + 2008-04-13 07:44:42 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys - 2004-06-11 16:39:30 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys + 2008-04-13 14:56:06 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys + 2008-04-13 07:43:56 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys + 2008-04-13 05:34:28 11,807 ------w C:\WINDOWS\system32\drivers\wadv07nt.sys + 2008-04-13 05:34:28 11,295 ------w C:\WINDOWS\system32\drivers\wadv08nt.sys + 2008-04-13 05:34:28 11,871 ------w C:\WINDOWS\system32\drivers\wadv09nt.sys + 2008-04-13 05:34:30 11,935 ------w C:\WINDOWS\system32\drivers\wadv11nt.sys - 2004-06-10 16:23:22 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys + 2008-04-13 07:57:22 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys + 2008-04-13 05:34:30 22,271 ------w C:\WINDOWS\system32\drivers\watv06nt.sys + 2008-04-13 05:34:30 25,471 ------w C:\WINDOWS\system32\drivers\watv10nt.sys - 2004-06-10 12:31:32 82,560 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys + 2008-04-13 08:17:20 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys - 2004-06-11 16:43:54 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll + 2008-04-13 15:34:42 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll - 2004-06-11 16:43:20 87,040 ----a-w C:\WINDOWS\system32\drmstor.dll + 2008-04-13 15:33:24 87,040 ----a-w C:\WINDOWS\system32\drmstor.dll - 2004-06-11 16:43:52 695,808 ----a-w C:\WINDOWS\system32\drmv2clt.dll + 2008-04-13 15:34:40 695,808 ----a-w C:\WINDOWS\system32\drmv2clt.dll - 2004-06-11 16:43:20 13,824 ----a-w C:\WINDOWS\system32\drprov.dll + 2008-04-13 15:33:24 14,336 ----a-w C:\WINDOWS\system32\drprov.dll - 2004-06-11 16:43:20 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll + 2008-04-13 15:33:24 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll - 2004-06-11 16:43:20 181,760 ----a-w C:\WINDOWS\system32\dsdmo.dll + 2008-04-13 15:33:24 181,248 ----a-w C:\WINDOWS\system32\dsdmo.dll - 2004-06-11 16:43:20 72,192 ----a-w C:\WINDOWS\system32\dsdmoprp.dll + 2008-04-13 15:33:24 72,192 ----a-w C:\WINDOWS\system32\dsdmoprp.dll - 2004-06-11 16:43:20 93,696 ----a-w C:\WINDOWS\system32\dskquota.dll + 2008-04-13 15:33:24 93,696 ----a-w C:\WINDOWS\system32\dskquota.dll - 2001-08-28 13:00:00 150,016 ----a-w C:\WINDOWS\system32\dskquoui.dll + 2008-04-13 15:33:24 161,280 ----a-w C:\WINDOWS\system32\dskquoui.dll - 2004-06-11 16:43:20 367,104 ----a-w C:\WINDOWS\system32\dsound.dll + 2008-04-13 15:33:24 367,616 ----a-w C:\WINDOWS\system32\dsound.dll - 2004-06-11 16:43:20 1,294,336 ----a-w C:\WINDOWS\system32\dsound3d.dll + 2008-04-13 15:33:24 1,293,824 ----a-w C:\WINDOWS\system32\dsound3d.dll - 2004-06-11 16:43:20 145,408 ----a-w C:\WINDOWS\system32\dsprop.dll + 2008-04-13 15:33:24 145,920 ----a-w C:\WINDOWS\system32\dsprop.dll - 2004-06-11 16:37:24 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll + 2008-04-13 15:06:30 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll - 2004-06-11 16:43:20 240,640 ----a-w C:\WINDOWS\system32\dsquery.dll + 2008-04-13 15:33:24 240,640 ----a-w C:\WINDOWS\system32\dsquery.dll - 2004-06-11 16:43:20 52,736 ----a-w C:\WINDOWS\system32\dssec.dll + 2008-04-13 15:33:24 52,736 ----a-w C:\WINDOWS\system32\dssec.dll - 2004-06-10 15:45:38 137,216 ----a-w C:\WINDOWS\system32\dssenh.dll + 2008-04-13 06:37:58 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll - 2004-06-11 16:43:20 113,664 ----a-w C:\WINDOWS\system32\dsuiext.dll + 2008-04-13 15:33:24 113,664 ----a-w C:\WINDOWS\system32\dsuiext.dll - 2004-06-11 16:43:20 18,944 ----a-w C:\WINDOWS\system32\dswave.dll + 2008-04-13 15:33:24 19,456 ----a-w C:\WINDOWS\system32\dswave.dll - 2004-06-11 16:43:40 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe + 2008-04-13 15:34:02 10,752 ----a-w C:\WINDOWS\system32\dumprep.exe - 2004-06-11 16:43:20 303,104 ----a-w C:\WINDOWS\system32\duser.dll + 2008-04-13 15:33:24 304,128 ----a-w C:\WINDOWS\system32\duser.dll - 2004-06-11 16:43:40 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe + 2008-04-13 15:34:02 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe - 2004-06-11 16:43:40 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe + 2008-04-13 15:34:02 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe - 2004-06-11 16:43:20 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll + 2008-04-13 15:33:24 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll - 2004-06-11 16:43:22 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll + 2008-04-13 15:33:24 1,227,264 ----a-w C:\WINDOWS\system32\dx8vb.dll - 2004-06-11 16:43:40 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe + 2008-04-13 15:34:02 1,298,432 ----a-w C:\WINDOWS\system32\dxdiag.exe - 2004-06-11 16:43:22 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll + 2008-04-13 15:33:24 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll - 2004-06-11 16:43:22 499,741 ----a-w C:\WINDOWS\system32\dxmasf.dll + 2008-04-13 15:33:24 500,278 ----a-w C:\WINDOWS\system32\dxmasf.dll - 2004-06-11 16:43:22 358,912 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2004-06-11 16:43:22 205,824 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-04-13 15:33:24 30,720 ------w C:\WINDOWS\system32\eapolqec.dll + 2008-04-13 15:33:24 184,832 ------w C:\WINDOWS\system32\eapp3hst.dll + 2008-04-13 15:33:24 126,976 ------w C:\WINDOWS\system32\eappcfg.dll + 2008-04-13 15:33:24 94,720 ------w C:\WINDOWS\system32\eappgnui.dll + 2008-04-13 15:33:24 180,736 ------w C:\WINDOWS\system32\eapphost.dll + 2008-04-13 15:33:24 40,960 ------w C:\WINDOWS\system32\eappprxy.dll + 2008-04-13 15:33:24 59,392 ------w C:\WINDOWS\system32\eapqec.dll + 2008-04-13 15:33:24 33,792 ------w C:\WINDOWS\system32\eapsvc.dll - 2004-06-11 16:43:22 27,136 ----a-w C:\WINDOWS\system32\efsadu.dll + 2008-04-13 15:33:24 27,136 ----a-w C:\WINDOWS\system32\efsadu.dll - 2004-06-11 16:43:22 187,392 ----a-w C:\WINDOWS\system32\els.dll + 2008-04-13 15:33:24 187,392 ----a-w C:\WINDOWS\system32\els.dll - 2004-06-11 16:43:22 20,480 ----a-w C:\WINDOWS\system32\encapi.dll + 2008-04-13 15:33:24 20,480 ----a-w C:\WINDOWS\system32\encapi.dll - 2004-06-11 16:43:22 186,368 ----a-w C:\WINDOWS\system32\encdec.dll + 2008-04-13 15:33:24 186,880 ----a-w C:\WINDOWS\system32\encdec.dll - 2004-06-11 16:43:22 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll + 2008-04-13 15:33:26 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll - 2004-06-11 16:43:22 338,432 ----a-w C:\WINDOWS\system32\es.dll + 2008-04-13 15:33:26 246,272 ----a-w C:\WINDOWS\system32\es.dll - 2004-06-11 16:43:22 1,105,408 ----a-w C:\WINDOWS\system32\esent.dll + 2008-04-13 15:33:26 1,097,728 ----a-w C:\WINDOWS\system32\esent.dll - 2004-06-11 16:43:42 195,072 ----a-w C:\WINDOWS\system32\eudcedit.exe + 2008-04-13 15:34:02 195,072 ----a-w C:\WINDOWS\system32\eudcedit.exe - 2004-06-11 16:43:42 52,736 ----a-w C:\WINDOWS\system32\eventcreate.exe + 2008-04-13 15:34:02 53,248 ----a-w C:\WINDOWS\system32\eventcreate.exe - 2004-06-11 16:43:22 55,808 ----a-w C:\WINDOWS\system32\eventlog.dll + 2008-04-13 15:33:26 56,320 ----a-w C:\WINDOWS\system32\eventlog.dll - 2001-08-28 13:00:00 81,408 ----a-w C:\WINDOWS\system32\eventtriggers.exe + 2008-04-13 15:34:04 86,528 ----a-w C:\WINDOWS\system32\eventtriggers.exe - 2004-06-11 16:43:22 380,957 ----a-w C:\WINDOWS\system32\expsrv.dll + 2008-04-13 15:33:26 380,445 ----a-w C:\WINDOWS\system32\expsrv.dll - 2004-06-11 16:43:22 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll + 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll - 2004-06-11 16:43:42 45,568 ----a-w C:\WINDOWS\system32\extrac32.exe + 2008-04-13 15:34:06 24,064 ----a-w C:\WINDOWS\system32\extrac32.exe - 2001-08-28 13:00:00 121,856 ----a-w C:\WINDOWS\system32\exts.dll + 2008-04-13 15:33:26 125,952 ----a-w C:\WINDOWS\system32\exts.dll - 2004-06-11 16:43:22 80,896 ----a-w C:\WINDOWS\system32\faultrep.dll + 2008-04-13 15:33:26 80,896 ----a-w C:\WINDOWS\system32\faultrep.dll + 2008-04-13 15:34:06 20,992 ------w C:\WINDOWS\system32\faxpatch.exe - 2001-08-28 13:00:00 119,296 ----a-w C:\WINDOWS\system32\fde.dll + 2008-04-13 15:33:26 126,464 ----a-w C:\WINDOWS\system32\fde.dll - 2004-06-11 16:43:22 75,776 ----a-w C:\WINDOWS\system32\fdeploy.dll + 2008-04-13 15:33:26 76,288 ----a-w C:\WINDOWS\system32\fdeploy.dll - 2004-06-11 16:43:22 21,504 ----a-w C:\WINDOWS\system32\feclient.dll + 2008-04-13 15:33:26 21,504 ----a-w C:\WINDOWS\system32\feclient.dll - 2004-06-11 16:43:22 348,160 ----a-w C:\WINDOWS\system32\filemgmt.dll + 2008-04-13 15:33:26 348,160 ----a-w C:\WINDOWS\system32\filemgmt.dll - 2004-06-11 16:43:42 29,184 ----a-w C:\WINDOWS\system32\findstr.exe + 2008-04-13 15:34:06 29,184 ----a-w C:\WINDOWS\system32\findstr.exe - 2004-06-11 16:43:22 88,064 ----a-w C:\WINDOWS\system32\fldrclnr.dll + 2008-04-13 15:33:26 88,064 ----a-w C:\WINDOWS\system32\fldrclnr.dll - 2004-06-11 16:43:22 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll + 2008-04-13 15:33:26 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll - 2004-06-11 16:43:42 22,528 ----a-w C:\WINDOWS\system32\fltMc.exe + 2008-04-13 15:34:06 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe - 2008-06-28 13:17:16 292,480 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT + 2008-08-11 14:08:32 309,992 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT - 2004-06-11 16:43:22 386,560 ----a-w C:\WINDOWS\system32\fontext.dll + 2008-04-13 15:33:26 386,560 ----a-w C:\WINDOWS\system32\fontext.dll - 2001-08-28 13:00:00 79,360 ----a-w C:\WINDOWS\system32\fontsub.dll + 2008-04-13 15:33:26 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll - 2004-06-11 16:43:42 21,504 ----a-w C:\WINDOWS\system32\fontview.exe + 2008-04-13 15:34:06 21,504 ----a-w C:\WINDOWS\system32\fontview.exe - 2001-08-28 13:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe + 2008-04-13 15:34:06 7,680 ----a-w C:\WINDOWS\system32\forcedos.exe - 2001-08-28 13:00:00 25,600 ----a-w C:\WINDOWS\system32\format.com + 2008-04-13 15:34:32 29,696 ----a-w C:\WINDOWS\system32\format.com + 2008-04-13 15:33:30 28,672 ------w C:\WINDOWS\system32\fr\microsoft.managementconsole.resources.dll + 2008-04-13 15:33:32 36,864 ------w C:\WINDOWS\system32\fr\mmcex.resources.dll + 2008-04-13 15:33:32 5,120 ------w C:\WINDOWS\system32\fr\mmcfxcommon.resources.dll - 2004-06-11 16:42:24 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll + 2008-04-13 15:31:24 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll - 2004-06-11 16:43:42 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe + 2008-04-13 15:34:06 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe - 2004-06-11 16:43:42 46,080 ----a-w C:\WINDOWS\system32\ftp.exe + 2008-04-13 15:34:06 46,080 ----a-w C:\WINDOWS\system32\ftp.exe - 2004-06-11 16:43:22 59,392 ----a-w C:\WINDOWS\system32\fwcfg.dll + 2008-04-13 15:33:26 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll - 2004-06-11 16:43:22 270,848 ----a-w C:\WINDOWS\system32\gdi32.dll + 2008-04-13 15:33:26 285,184 ----a-w C:\WINDOWS\system32\gdi32.dll - 2001-08-28 13:00:00 57,344 ----a-w C:\WINDOWS\system32\getmac.exe + 2008-04-13 15:34:06 61,952 ----a-w C:\WINDOWS\system32\getmac.exe - 2004-06-11 16:43:22 123,904 ----a-w C:\WINDOWS\system32\glu32.dll + 2008-04-13 15:33:26 123,904 ----a-w C:\WINDOWS\system32\glu32.dll - 2004-06-11 16:43:22 577,536 ----a-w C:\WINDOWS\system32\gpedit.dll + 2008-04-13 15:33:26 577,536 ----a-w C:\WINDOWS\system32\gpedit.dll - 2004-06-11 16:43:42 123,392 ----a-w C:\WINDOWS\system32\gpresult.exe + 2008-04-13 15:34:06 124,416 ----a-w C:\WINDOWS\system32\gpresult.exe - 2004-06-11 16:43:22 201,216 ----a-w C:\WINDOWS\system32\gptext.dll + 2008-04-13 15:33:28 202,240 ----a-w C:\WINDOWS\system32\gptext.dll - 2001-08-28 13:00:00 37,888 ----a-w C:\WINDOWS\system32\grpconv.exe + 2008-04-13 15:34:06 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe - 2004-06-11 16:43:22 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll + 2008-04-13 15:33:28 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll - 2004-06-10 16:17:50 132,096 ----a-w C:\WINDOWS\system32\hal.dll + 2008-04-13 07:31:30 131,840 ----a-w C:\WINDOWS\system32\HAL.DLL - 2004-06-11 16:43:22 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll + 2008-04-13 15:33:28 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll - 2001-08-28 13:00:00 16,384 ----a-w C:\WINDOWS\system32\help.exe + 2008-04-13 15:34:06 17,408 ----a-w C:\WINDOWS\system32\help.exe - 2004-06-11 16:43:24 38,912 ----a-w C:\WINDOWS\system32\hhsetup.dll + 2008-04-13 15:33:28 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll - 2004-06-11 16:53:30 23,552 ----a-w C:\WINDOWS\system32\hid.dll + 2008-04-13 15:33:28 20,992 ----a-w C:\WINDOWS\system32\hid.dll - 2001-08-28 13:00:00 77,850 ----a-w C:\WINDOWS\system32\hlink.dll + 2008-04-13 15:33:28 72,704 ----a-w C:\WINDOWS\system32\hlink.dll - 2004-06-11 16:43:24 346,112 ----a-w C:\WINDOWS\system32\hnetcfg.dll + 2008-04-13 15:33:28 347,136 ----a-w C:\WINDOWS\system32\hnetcfg.dll - 2004-06-11 16:43:24 336,384 ----a-w C:\WINDOWS\system32\hnetwiz.dll + 2008-04-13 15:33:28 336,384 ----a-w C:\WINDOWS\system32\hnetwiz.dll - 2004-06-11 16:43:24 146,944 ----a-w C:\WINDOWS\system32\hotplug.dll + 2008-04-13 15:33:28 146,944 ----a-w C:\WINDOWS\system32\hotplug.dll + 2008-04-13 15:33:28 32,285 ------w C:\WINDOWS\system32\hsfcisp2.dll - 2004-06-11 16:43:24 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll + 2008-04-13 15:33:28 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll - 2004-06-11 16:43:24 43,008 ----a-w C:\WINDOWS\system32\htui.dll + 2008-04-13 15:33:28 43,008 ----a-w C:\WINDOWS\system32\htui.dll - 2004-06-11 16:43:24 351,744 ----a-w C:\WINDOWS\system32\hypertrm.dll + 2008-04-13 15:33:28 354,304 ----a-w C:\WINDOWS\system32\hypertrm.dll - 2004-06-11 16:43:24 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll + 2008-04-13 15:33:28 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll - 2004-06-11 16:43:24 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll + 2008-04-13 15:33:28 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll + 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll - 2004-06-11 16:43:24 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll + 2008-04-13 15:33:28 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll - 2004-06-11 16:43:24 253,952 ----a-w C:\WINDOWS\system32\icm32.dll + 2008-04-13 15:33:28 254,976 ----a-w C:\WINDOWS\system32\icm32.dll - 2004-06-11 16:42:24 3,584 ----a-w C:\WINDOWS\system32\icmp.dll + 2008-04-13 15:31:32 3,584 ----a-w C:\WINDOWS\system32\icmp.dll - 2004-06-11 16:43:24 69,632 ----a-w C:\WINDOWS\system32\icwdial.dll + 2008-04-13 15:33:28 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll - 2004-06-11 16:43:24 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll + 2008-04-13 15:33:28 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll + 2006-06-29 04:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll - 2004-06-11 16:43:24 121,856 ----a-w C:\WINDOWS\system32\idq.dll + 2008-04-13 15:33:28 121,856 ----a-w C:\WINDOWS\system32\idq.dll - 2004-06-11 16:43:42 33,280 ----a-w C:\WINDOWS\system32\ie4uinit.exe + 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe - 2004-06-11 16:43:24 139,264 ----a-w C:\WINDOWS\system32\ieakeng.dll + 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll - 2004-06-11 16:43:24 221,696 ----a-w C:\WINDOWS\system32\ieaksie.dll + 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll - 2001-08-28 13:00:00 245,760 ----a-w C:\WINDOWS\system32\ieakui.dll + 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\system32\ieapfltr.dat + 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll - 2004-06-11 16:43:24 319,488 ----a-w C:\WINDOWS\system32\iedkcs32.dll + 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll - 2004-06-11 16:43:24 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll + 2008-04-13 15:33:28 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll + 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll - 2004-06-11 16:43:24 247,296 ----a-w C:\WINDOWS\system32\iepeers.dll + 2007-08-13 14:54:10 191,488 ----a-w C:\WINDOWS\system32\iepeers.dll - 2004-06-11 16:43:24 26,624 ----a-w C:\WINDOWS\system32\iernonce.dll + 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll + 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll - 2004-06-11 16:43:24 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll + 2007-08-13 14:39:12 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll + 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe + 2007-08-13 14:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll - 2004-06-11 16:43:42 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe + 2008-04-13 15:34:08 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe - 2004-06-11 16:43:24 142,848 ----a-w C:\WINDOWS\system32\ifmon.dll + 2008-04-13 15:33:28 142,848 ----a-w C:\WINDOWS\system32\ifmon.dll - 2004-06-11 16:43:24 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll + 2008-04-13 15:33:28 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll - 2004-06-11 16:43:24 81,920 ----a-w C:\WINDOWS\system32\ils.dll + 2008-04-13 15:33:28 81,920 ----a-w C:\WINDOWS\system32\ils.dll - 2004-06-11 16:43:24 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll + 2008-04-13 15:33:28 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll - 2004-06-11 16:43:42 150,016 ----a-w C:\WINDOWS\system32\imapi.exe + 2008-04-13 15:34:08 150,528 ----a-w C:\WINDOWS\system32\imapi.exe - 2004-06-11 16:43:24 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll + 2008-04-13 15:33:28 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll - 2004-06-11 16:43:24 34,816 ----a-w C:\WINDOWS\system32\imgutil.dll + 2007-08-13 14:36:06 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll - 2004-06-11 16:43:24 110,080 ----a-w C:\WINDOWS\system32\imm32.dll + 2008-04-13 15:33:28 110,080 ----a-w C:\WINDOWS\system32\imm32.dll - 2004-06-11 16:43:24 282,624 ----a-w C:\WINDOWS\system32\inetcfg.dll + 2008-04-13 15:33:28 282,624 ----a-w C:\WINDOWS\system32\inetcfg.dll - 2004-06-11 16:43:24 678,400 ----a-w C:\WINDOWS\system32\inetcomm.dll + 2008-04-13 15:33:28 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll - 2004-06-11 16:43:24 33,280 ----a-w C:\WINDOWS\system32\inetmib1.dll + 2008-04-13 15:33:28 32,768 ----a-w C:\WINDOWS\system32\inetmib1.dll - 2004-06-11 16:43:24 74,752 ----a-w C:\WINDOWS\system32\inetpp.dll + 2008-04-13 15:33:28 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll - 2004-06-11 16:43:24 16,384 ----a-w C:\WINDOWS\system32\inetppui.dll + 2008-04-13 15:33:28 16,384 ----a-w C:\WINDOWS\system32\inetppui.dll - 2004-06-11 16:36:36 50,688 ----a-w C:\WINDOWS\system32\inetres.dll + 2008-04-13 15:02:56 50,688 ----a-w C:\WINDOWS\system32\inetres.dll + 2008-04-13 15:33:42 221,696 ------w C:\WINDOWS\system32\inetsrv\seo.dll + 2008-04-13 15:33:42 189,440 ------w C:\WINDOWS\system32\inetsrv\smtpadm.dll + 2008-04-13 15:33:42 2,134,528 ------w C:\WINDOWS\system32\inetsrv\smtpsnap.dll - 2004-06-11 16:43:24 147,456 ----a-w C:\WINDOWS\system32\initpki.dll + 2008-04-13 15:33:28 147,456 ----a-w C:\WINDOWS\system32\initpki.dll - 2004-06-11 16:43:24 126,464 ----a-w C:\WINDOWS\system32\input.dll + 2008-04-13 15:33:28 126,464 ----a-w C:\WINDOWS\system32\input.dll - 2004-06-11 16:43:24 81,408 ----a-w C:\WINDOWS\system32\inseng.dll + 2007-08-13 14:39:02 92,672 ----a-w C:\WINDOWS\system32\inseng.dll - 2004-06-11 16:43:42 58,368 ----a-w C:\WINDOWS\system32\ipconfig.exe + 2008-04-13 15:34:10 58,368 ----a-w C:\WINDOWS\system32\ipconfig.exe - 2004-06-11 16:43:24 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll + 2008-04-13 15:33:28 95,744 ----a-w C:\WINDOWS\system32\iphlpapi.dll - 2001-08-28 13:00:00 167,424 ----a-w C:\WINDOWS\system32\ipmontr.dll + 2008-04-13 15:33:28 174,592 ----a-w C:\WINDOWS\system32\ipmontr.dll - 2004-06-11 16:43:24 332,288 ----a-w C:\WINDOWS\system32\ipnathlp.dll + 2008-04-13 15:33:28 332,800 ----a-w C:\WINDOWS\system32\ipnathlp.dll - 2004-06-11 16:43:24 356,352 ----a-w C:\WINDOWS\system32\ippromon.dll + 2008-04-13 15:33:28 355,840 ----a-w C:\WINDOWS\system32\ippromon.dll - 2001-08-28 13:00:00 169,984 ----a-w C:\WINDOWS\system32\iprtrmgr.dll + 2008-04-13 15:33:28 177,152 ----a-w C:\WINDOWS\system32\iprtrmgr.dll - 2004-06-11 16:43:24 361,472 ----a-w C:\WINDOWS\system32\ipsecsnp.dll + 2008-04-13 15:33:28 361,472 ----a-w C:\WINDOWS\system32\ipsecsnp.dll - 2004-06-11 16:43:24 188,416 ----a-w C:\WINDOWS\system32\ipsecsvc.dll + 2008-04-13 15:33:28 185,344 ----a-w C:\WINDOWS\system32\ipsecsvc.dll - 2004-06-11 16:43:24 388,096 ----a-w C:\WINDOWS\system32\ipsmsnap.dll + 2008-04-13 15:33:28 388,096 ----a-w C:\WINDOWS\system32\ipsmsnap.dll - 2004-06-11 16:43:42 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe + 2008-04-13 15:34:10 53,760 ----a-w C:\WINDOWS\system32\ipv6.exe - 2004-06-11 16:43:24 59,392 ----a-w C:\WINDOWS\system32\ipv6mon.dll + 2008-04-13 15:33:28 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll - 2004-06-11 16:43:42 24,576 ----a-w C:\WINDOWS\system32\ipxroute.exe + 2008-04-13 15:34:10 24,576 ----a-w C:\WINDOWS\system32\ipxroute.exe - 2001-08-28 13:00:00 20,992 ----a-w C:\WINDOWS\system32\ipxwan.dll + 2008-04-13 15:33:28 22,016 ----a-w C:\WINDOWS\system32\ipxwan.dll - 2004-06-11 16:43:24 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll + 2008-04-13 15:33:28 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll - 2004-06-11 16:43:24 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll + 2008-04-13 15:33:28 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll - 2004-06-11 16:43:24 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll + 2008-04-13 15:33:28 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll - 2004-06-11 16:43:26 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll + 2008-04-13 15:33:28 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll - 2004-06-11 16:43:26 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll + 2008-04-13 15:33:28 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll - 2004-06-11 16:43:26 86,016 ----a-w C:\WINDOWS\system32\isign32.dll + 2008-04-13 15:33:28 86,016 ----a-w C:\WINDOWS\system32\isign32.dll - 2004-06-11 16:43:26 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll + 2008-04-13 15:33:28 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll - 2004-06-11 16:43:26 143,872 ----a-w C:\WINDOWS\system32\itircl.dll + 2008-04-13 15:33:28 155,136 ----a-w C:\WINDOWS\system32\itircl.dll - 2004-06-11 16:43:26 122,880 ----a-w C:\WINDOWS\system32\itss.dll + 2008-04-13 15:33:28 138,240 ----a-w C:\WINDOWS\system32\itss.dll - 2004-06-11 16:43:26 54,784 ----a-w C:\WINDOWS\system32\ixsso.dll + 2008-04-13 15:33:28 54,784 ----a-w C:\WINDOWS\system32\ixsso.dll - 2004-06-11 16:53:30 46,592 ----a-w C:\WINDOWS\system32\iyuv_32.dll + 2008-04-13 15:33:28 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll - 2008-03-24 21:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe + 2008-06-09 21:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe - 2008-03-24 21:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe + 2008-06-09 21:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe - 2008-03-24 22:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe + 2008-06-09 22:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe - 2001-08-28 13:00:00 144,896 ----a-w C:\WINDOWS\system32\jgdw400.dll + 2008-04-13 15:33:28 163,840 ----a-w C:\WINDOWS\system32\jgdw400.dll - 2001-08-28 13:00:00 42,496 ----a-w C:\WINDOWS\system32\jgpl400.dll + 2008-04-13 15:33:28 27,648 ----a-w C:\WINDOWS\system32\jgpl400.dll - 2004-06-11 16:43:26 450,560 ----a-w C:\WINDOWS\system32\jscript.dll + 2008-05-09 10:55:00 512,000 ----a-w C:\WINDOWS\system32\jscript.dll - 2004-06-11 16:43:26 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\system32\kbdbhc.dll - 2004-06-11 16:43:12 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll + 2008-04-13 15:31:44 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll - 2004-06-11 16:42:56 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll + 2008-04-13 15:31:44 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll - 2004-06-11 16:43:04 6,656 ----a-w C:\WINDOWS\system32\kbdinben.dll + 2008-04-13 15:31:44 6,144 ----a-w C:\WINDOWS\system32\kbdinben.dll - 2004-06-11 16:42:52 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll + 2008-04-13 15:31:44 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\system32\kbdiultn.dll - 2004-06-11 16:43:04 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll + 2008-04-13 15:31:44 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll - 2004-06-11 16:42:58 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll + 2008-04-13 15:31:44 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll - 2004-06-11 16:43:04 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll + 2008-04-13 15:31:44 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll - 2001-08-28 13:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll + 2008-04-13 15:31:44 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\system32\kbdnepr.dll - 2004-06-11 16:43:10 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll + 2008-04-13 15:31:44 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll + 2008-04-13 15:31:44 6,144 ------w C:\WINDOWS\system32\kbdpash.dll - 2004-06-11 16:43:04 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll + 2008-04-13 15:31:44 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll - 2004-06-11 16:43:06 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll + 2008-04-13 15:31:44 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll - 2004-06-11 16:42:52 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll + 2008-04-13 15:31:44 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll - 2004-06-10 16:18:02 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll + 2008-04-13 07:31:36 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll - 2004-06-11 16:43:26 297,984 ----a-w C:\WINDOWS\system32\kerberos.dll + 2008-04-13 15:33:30 299,520 ----a-w C:\WINDOWS\system32\kerberos.dll - 2004-06-11 16:43:26 1,039,360 ----a-w C:\WINDOWS\system32\kernel32.dll + 2008-04-13 15:33:30 1,054,720 ----a-w C:\WINDOWS\system32\kernel32.dll - 2004-06-11 16:43:26 157,184 ----a-w C:\WINDOWS\system32\keymgr.dll + 2008-04-13 15:33:30 157,184 ----a-w C:\WINDOWS\system32\keymgr.dll + 2008-04-13 15:33:30 61,440 ------w C:\WINDOWS\system32\kmsvc.dll - 2004-06-11 12:43:26 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll + 2008-04-13 15:33:30 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll + 2008-04-13 15:33:30 37,376 ------w C:\WINDOWS\system32\l2gpstore.dll - 2004-06-11 16:43:26 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll + 2008-04-13 15:33:30 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll + 2008-03-20 14:06:36 1,480,232 ------w C:\WINDOWS\system32\LegitCheckControl.dll - 2004-06-11 16:43:26 434,176 ----a-w C:\WINDOWS\system32\licdll.dll + 2008-04-13 15:33:30 424,960 ----a-w C:\WINDOWS\system32\licdll.dll - 2004-06-11 16:43:26 22,528 ----a-w C:\WINDOWS\system32\licmgr10.dll + 2007-08-13 14:44:18 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll - 2004-06-11 16:43:26 67,072 ----a-w C:\WINDOWS\system32\licwmi.dll + 2008-04-13 15:33:30 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll - 2004-06-11 16:43:26 18,944 ----a-w C:\WINDOWS\system32\linkinfo.dll + 2008-04-13 15:33:30 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll - 2004-06-11 16:43:26 10,752 ----a-w C:\WINDOWS\system32\lmhsvc.dll + 2008-04-13 15:33:30 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll - 2004-06-11 16:43:26 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll + 2008-04-13 15:33:30 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll - 2004-06-11 16:43:26 100,352 ----a-w C:\WINDOWS\system32\loadperf.dll + 2008-04-13 15:33:30 100,352 ----a-w C:\WINDOWS\system32\loadperf.dll - 2004-06-11 16:43:26 228,352 ----a-w C:\WINDOWS\system32\localsec.dll + 2008-04-13 15:33:30 228,352 ----a-w C:\WINDOWS\system32\localsec.dll - 2004-06-11 16:43:26 332,288 ----a-w C:\WINDOWS\system32\localspl.dll + 2008-04-13 15:33:30 346,112 ----a-w C:\WINDOWS\system32\localspl.dll - 2004-06-11 16:43:26 11,776 ----a-w C:\WINDOWS\system32\localui.dll + 2008-04-13 15:33:30 11,776 ----a-w C:\WINDOWS\system32\localui.dll - 2004-06-11 16:43:42 75,264 ----a-w C:\WINDOWS\system32\locator.exe + 2008-04-13 15:34:10 75,264 ----a-w C:\WINDOWS\system32\locator.exe - 2004-06-11 16:43:42 103,936 ----a-w C:\WINDOWS\system32\logagent.exe + 2008-04-13 15:34:10 103,936 ----a-w C:\WINDOWS\system32\logagent.exe - 2004-06-11 16:43:42 61,952 ----a-w C:\WINDOWS\system32\logman.exe + 2008-04-13 15:34:10 61,952 ----a-w C:\WINDOWS\system32\logman.exe - 2004-06-11 16:43:48 221,696 ----a-w C:\WINDOWS\system32\logon.scr + 2008-04-13 15:34:34 221,696 ----a-w C:\WINDOWS\system32\logon.scr - 2004-06-11 16:43:42 515,584 ----a-w C:\WINDOWS\system32\logonui.exe + 2008-04-13 15:34:10 515,584 ----a-w C:\WINDOWS\system32\logonui.exe - 2004-06-11 16:43:26 22,016 ----a-w C:\WINDOWS\system32\lpk.dll + 2008-04-13 15:33:30 22,016 ----a-w C:\WINDOWS\system32\lpk.dll - 2004-06-11 16:43:26 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll + 2008-04-13 15:33:30 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll - 2004-06-11 16:43:26 730,112 ----a-w C:\WINDOWS\system32\lsasrv.dll + 2008-04-13 15:33:30 734,720 ----a-w C:\WINDOWS\system32\lsasrv.dll - 2004-06-11 16:43:42 13,312 ----a-w C:\WINDOWS\system32\lsass.exe + 2008-04-13 15:34:10 13,312 ----a-w C:\WINDOWS\system32\lsass.exe - 2007-06-11 20:34:40 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe - 2007-10-11 16:42:32 45,218 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe + 2008-08-11 12:48:51 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe - 2004-06-11 16:43:42 73,216 ----a-w C:\WINDOWS\system32\magnify.exe + 2008-04-13 15:34:12 73,216 ----a-w C:\WINDOWS\system32\magnify.exe - 2004-06-11 16:43:42 85,504 ----a-w C:\WINDOWS\system32\makecab.exe + 2008-04-13 15:34:12 57,344 ----a-w C:\WINDOWS\system32\makecab.exe - 2004-06-11 16:43:26 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll + 2008-04-13 15:33:30 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll - 2004-06-11 16:43:26 85,504 ----a-w C:\WINDOWS\system32\mciavi32.dll + 2008-04-13 15:33:30 85,504 ----a-w C:\WINDOWS\system32\mciavi32.dll - 2004-06-11 16:43:26 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll + 2008-04-13 15:33:30 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll - 2004-06-11 16:43:26 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll + 2008-04-13 15:33:30 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll - 2004-06-11 16:43:26 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll + 2008-04-13 15:33:30 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll - 2004-06-11 16:43:26 120,320 ----a-w C:\WINDOWS\system32\mdminst.dll + 2008-04-13 15:33:30 120,320 ----a-w C:\WINDOWS\system32\mdminst.dll + 2008-04-13 15:33:30 86,016 ------w C:\WINDOWS\system32\mdmxsdk.dll - 2004-06-11 16:43:26 39,936 ----a-w C:\WINDOWS\system32\mf3216.dll + 2008-04-13 15:33:30 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll - 2001-08-28 13:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40u.dll + 2008-04-13 15:33:30 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll - 2004-06-11 16:43:26 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll + 2008-04-13 15:33:30 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll - 2004-06-11 16:43:26 1,024,000 ----a-w C:\WINDOWS\system32\mfc42u.dll + 2007-04-02 16:14:48 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll - 2004-06-11 16:43:26 28,160 ----a-w C:\WINDOWS\system32\mfcsubs.dll + 2008-04-13 15:33:30 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll - 2004-06-11 16:43:26 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll + 2008-04-13 15:33:30 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll + 2008-04-13 15:33:30 184,320 ------w C:\WINDOWS\system32\microsoft.managementconsole.dll - 2004-06-11 16:43:26 19,456 ----a-w C:\WINDOWS\system32\midimap.dll + 2008-04-13 15:33:30 18,944 ----a-w C:\WINDOWS\system32\midimap.dll - 2004-06-11 16:43:26 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll + 2008-04-13 15:33:30 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll - 2001-08-28 13:00:00 18,944 ----a-w C:\WINDOWS\system32\mimefilt.dll + 2008-04-13 15:33:30 29,696 ----a-w C:\WINDOWS\system32\mimefilt.dll - 2004-06-11 16:43:26 586,240 ----a-w C:\WINDOWS\system32\mlang.dll + 2008-04-13 15:33:30 586,240 ----a-w C:\WINDOWS\system32\mlang.dll - 2004-06-11 16:43:42 816,128 ----a-w C:\WINDOWS\system32\mmc.exe + 2008-04-13 15:34:12 1,415,680 ----a-w C:\WINDOWS\system32\mmc.exe - 2004-06-11 16:43:26 79,872 ----a-w C:\WINDOWS\system32\mmcbase.dll + 2008-04-13 15:33:30 174,080 ----a-w C:\WINDOWS\system32\mmcbase.dll + 2008-04-13 15:33:32 397,312 ------w C:\WINDOWS\system32\mmcex.dll + 2008-04-13 15:33:32 106,496 ------w C:\WINDOWS\system32\mmcfxcommon.dll - 2004-06-11 16:43:26 1,198,080 ----a-w C:\WINDOWS\system32\mmcndmgr.dll + 2008-04-13 15:33:32 1,879,040 ----a-w C:\WINDOWS\system32\mmcndmgr.dll + 2008-04-13 15:34:12 33,792 ------w C:\WINDOWS\system32\mmcperf.exe - 2004-06-11 16:43:26 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll + 2008-04-13 15:33:32 61,440 ----a-w C:\WINDOWS\system32\mmcshext.dll - 2004-06-11 16:43:26 17,920 ----a-w C:\WINDOWS\system32\mmfutil.dll + 2008-04-13 15:33:32 17,920 ----a-w C:\WINDOWS\system32\mmfutil.dll - 2004-06-11 16:43:26 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll + 2008-04-13 15:33:32 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll - 2004-06-11 16:43:42 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe + 2008-04-13 15:34:12 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe - 2004-06-11 16:43:26 210,432 ----a-w C:\WINDOWS\system32\mobsync.dll + 2008-04-13 15:33:32 210,432 ----a-w C:\WINDOWS\system32\mobsync.dll - 2004-06-11 16:43:42 144,384 ----a-w C:\WINDOWS\system32\mobsync.exe + 2008-04-13 15:34:12 143,872 ----a-w C:\WINDOWS\system32\mobsync.exe - 2004-06-11 16:43:26 156,160 ----a-w C:\WINDOWS\system32\modemui.dll + 2008-04-13 15:33:32 156,160 ----a-w C:\WINDOWS\system32\modemui.dll - 2001-08-28 13:00:00 15,872 ----a-w C:\WINDOWS\system32\more.com + 2008-04-13 15:34:32 16,896 ----a-w C:\WINDOWS\system32\more.com - 2004-06-10 15:57:38 216,064 ----a-w C:\WINDOWS\system32\moricons.dll + 2008-04-13 05:45:32 216,064 ----a-w C:\WINDOWS\system32\moricons.dll - 2004-06-11 16:43:28 310,272 ----a-w C:\WINDOWS\system32\mp43dmod.dll + 2008-04-13 15:33:32 310,272 ----a-w C:\WINDOWS\system32\mp43dmod.dll - 2004-06-11 16:43:28 384,512 ----a-w C:\WINDOWS\system32\mp4sdmod.dll + 2008-04-13 15:33:32 384,512 ----a-w C:\WINDOWS\system32\mp4sdmod.dll - 2004-06-11 16:43:28 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll + 2008-04-13 15:33:32 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll - 2004-06-11 16:43:44 124,928 ----a-w C:\WINDOWS\system32\mplay32.exe + 2008-04-13 15:34:14 124,928 ----a-w C:\WINDOWS\system32\mplay32.exe - 2004-06-11 16:43:28 59,904 ----a-w C:\WINDOWS\system32\mpr.dll + 2008-04-13 15:33:32 59,904 ----a-w C:\WINDOWS\system32\mpr.dll - 2004-06-11 16:43:28 87,552 ----a-w C:\WINDOWS\system32\mprapi.dll + 2008-04-13 15:33:32 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll - 2001-08-28 13:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll + 2008-04-13 15:33:32 53,248 ----a-w C:\WINDOWS\system32\mprdim.dll - 2004-06-11 16:43:28 138,240 ----a-w C:\WINDOWS\system32\mqad.dll + 2008-04-13 15:33:32 138,240 ----a-w C:\WINDOWS\system32\mqad.dll - 2004-06-11 16:43:44 19,968 ----a-w C:\WINDOWS\system32\mqbkup.exe + 2008-04-13 15:34:14 19,968 ----a-w C:\WINDOWS\system32\mqbkup.exe - 2004-06-11 16:43:28 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll + 2008-04-13 15:33:32 47,616 ----a-w C:\WINDOWS\system32\mqdscli.dll - 2004-06-11 16:43:28 16,896 ----a-w C:\WINDOWS\system32\mqise.dll + 2008-04-13 15:33:32 16,896 ----a-w C:\WINDOWS\system32\mqise.dll - 2004-06-11 16:43:28 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll + 2008-04-13 15:33:32 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll - 2004-06-11 16:43:28 225,280 ----a-w C:\WINDOWS\system32\mqoa.dll + 2008-04-13 15:33:32 225,280 ----a-w C:\WINDOWS\system32\mqoa.dll - 2004-06-11 16:43:28 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll + 2008-04-13 15:33:32 663,040 ----a-w C:\WINDOWS\system32\mqqm.dll - 2004-06-11 16:43:28 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll + 2008-04-13 15:33:32 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll - 2004-06-11 16:43:28 123,392 ----a-w C:\WINDOWS\system32\mqrtdep.dll + 2008-04-13 15:33:32 123,904 ----a-w C:\WINDOWS\system32\mqrtdep.dll - 2004-06-11 16:43:28 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll + 2008-04-13 15:33:32 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll - 2004-06-11 16:43:28 517,632 ----a-w C:\WINDOWS\system32\mqsnap.dll + 2008-04-13 15:33:32 517,632 ----a-w C:\WINDOWS\system32\mqsnap.dll - 2004-06-11 16:43:44 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe + 2008-04-13 15:34:14 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe - 2004-06-11 16:43:44 116,736 ----a-w C:\WINDOWS\system32\mqtgsvc.exe + 2008-04-13 15:34:14 117,248 ----a-w C:\WINDOWS\system32\mqtgsvc.exe - 2004-06-11 16:43:28 186,880 ----a-w C:\WINDOWS\system32\mqtrig.dll + 2008-04-13 15:33:32 187,392 ----a-w C:\WINDOWS\system32\mqtrig.dll - 2004-06-11 16:43:28 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll + 2008-04-13 15:33:32 49,152 ----a-w C:\WINDOWS\system32\mqupgrd.dll - 2004-06-11 16:43:28 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll + 2008-04-13 15:33:32 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll + 2008-06-25 05:15:48 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe - 2004-06-11 16:43:28 72,704 ----a-w C:\WINDOWS\system32\msacm32.dll + 2008-04-13 15:33:32 72,192 ----a-w C:\WINDOWS\system32\msacm32.dll - 2004-06-11 16:42:28 3,584 ----a-w C:\WINDOWS\system32\msafd.dll + 2008-04-13 15:31:52 3,584 ----a-w C:\WINDOWS\system32\msafd.dll - 2004-06-11 16:43:28 80,640 ----a-w C:\WINDOWS\system32\msapsspc.dll + 2008-04-13 15:33:32 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll - 2004-06-11 16:43:28 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll + 2008-04-13 15:33:32 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll - 2004-06-11 16:43:28 72,192 ----a-w C:\WINDOWS\system32\mscms.dll + 2008-04-13 15:33:32 73,728 ----a-w C:\WINDOWS\system32\mscms.dll - 2004-06-11 16:43:28 69,632 ----a-w C:\WINDOWS\system32\msconf.dll + 2008-04-13 15:33:32 69,632 ----a-w C:\WINDOWS\system32\msconf.dll - 2004-06-10 15:42:38 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dLL + 2008-04-13 06:26:08 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll - 2004-06-11 16:43:28 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dLL + 2008-04-13 15:33:32 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll - 2004-06-11 16:43:28 293,888 ----a-w C:\WINDOWS\system32\MSCTF.dll + 2008-04-13 15:33:32 297,984 ----a-w C:\WINDOWS\system32\msctf.dll - 2004-06-11 16:43:28 69,120 ----a-w C:\WINDOWS\system32\MSCTFP.dll + 2008-04-13 15:33:32 68,608 ----a-w C:\WINDOWS\system32\msctfp.dll - 2004-06-11 16:43:28 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll + 2008-04-13 15:33:32 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll - 2004-06-11 16:43:28 151,552 ----a-w C:\WINDOWS\system32\msdart.dll + 2008-04-13 15:33:32 151,552 ----a-w C:\WINDOWS\system32\msdart.dll - 2004-06-11 16:43:28 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll + 2008-04-13 15:33:32 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll - 2004-06-11 16:43:44 6,656 ----a-w C:\WINDOWS\system32\msdtc.exe + 2008-04-13 15:34:14 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe - 2004-06-11 16:43:28 86,016 ----a-w C:\WINDOWS\system32\msdtclog.dll + 2008-04-13 15:33:32 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll - 2004-06-11 16:43:28 624,128 ----a-w C:\WINDOWS\system32\msdtcprx.dll + 2008-04-13 15:33:32 427,008 ----a-w C:\WINDOWS\system32\msdtcprx.dll - 2004-06-11 16:43:28 1,554,432 ----a-w C:\WINDOWS\system32\msdtctm.dll + 2008-04-13 15:33:32 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll - 2004-06-11 16:43:28 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll + 2008-04-13 15:33:32 161,792 ----a-w C:\WINDOWS\system32\msdtcuiu.dll - 2004-06-11 16:42:28 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll + 2008-04-13 15:31:54 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll - 2004-06-11 16:43:28 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll + 2007-04-02 01:47:44 518,944 ----a-w C:\WINDOWS\system32\msexch40.dll - 2004-06-11 16:43:28 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll + 2007-04-02 01:48:00 326,432 ----a-w C:\WINDOWS\system32\msexcl40.dll + 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll + 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll + 2007-08-13 14:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe - 2004-06-11 16:43:28 537,088 ----a-w C:\WINDOWS\system32\msftedit.dll + 2008-04-13 15:33:32 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll - 2004-06-11 16:43:28 1,001,472 ----a-w C:\WINDOWS\system32\msgina.dll + 2008-04-13 15:33:32 1,007,104 ----a-w C:\WINDOWS\system32\msgina.dll - 2004-06-11 16:43:28 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll + 2008-04-13 15:33:32 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll - 2004-06-11 16:43:48 188,416 ----a-w C:\WINDOWS\system32\msh261.drv + 2008-04-13 15:34:36 188,416 ----a-w C:\WINDOWS\system32\msh261.drv - 2004-06-11 16:53:30 294,912 ----a-w C:\WINDOWS\system32\msh263.drv + 2008-04-13 15:34:36 294,912 ----a-w C:\WINDOWS\system32\msh263.drv - 2004-06-11 16:43:44 29,184 ----a-w C:\WINDOWS\system32\mshta.exe + 2007-08-13 14:32:30 45,568 ----a-w C:\WINDOWS\system32\mshta.exe - 2004-06-11 16:43:28 3,035,136 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-04-23 18:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll - 2004-06-11 16:43:28 452,608 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2004-06-11 16:35:40 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll + 2007-08-13 14:01:12 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll - 2004-06-11 16:43:28 2,496,000 ----a-w C:\WINDOWS\system32\msi.dll + 2008-04-13 15:33:34 2,843,136 ----a-w C:\WINDOWS\system32\msi.dll - 2004-06-11 16:43:28 51,712 ----a-w C:\WINDOWS\system32\msident.dll + 2008-04-13 15:33:34 51,712 ----a-w C:\WINDOWS\system32\msident.dll - 2004-06-11 16:43:28 6,656 ----a-w C:\WINDOWS\system32\msidle.dll + 2008-04-13 15:33:34 6,656 ----a-w C:\WINDOWS\system32\msidle.dll - 2004-06-11 16:43:28 252,416 ----a-w C:\WINDOWS\system32\msieftp.dll + 2008-04-13 15:33:34 252,416 ----a-w C:\WINDOWS\system32\msieftp.dll - 2004-06-11 16:43:44 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe + 2008-04-13 15:34:14 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe - 2004-06-11 16:43:28 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll + 2008-04-13 15:33:34 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll - 2004-06-11 16:43:28 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll + 2008-04-13 15:33:34 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll - 2004-06-10 15:22:28 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll + 2008-04-13 04:39:44 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll - 2004-06-11 16:43:28 159,232 ----a-w C:\WINDOWS\system32\MSIMTF.dll + 2008-04-13 15:33:34 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll - 2004-06-11 16:43:28 44,032 ----a-w C:\WINDOWS\system32\msisip.dll + 2008-04-13 15:33:34 15,360 ----a-w C:\WINDOWS\system32\msisip.dll - 2004-06-11 16:43:28 1,507,356 ----a-w C:\WINDOWS\system32\msjet40.dll + 2007-10-21 22:30:52 1,516,568 ----a-w C:\WINDOWS\system32\msjet40.dll - 2004-05-23 17:04:16 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll + 2007-04-02 01:49:22 355,112 ----a-w C:\WINDOWS\system32\msjetoledb40.dll - 2004-06-11 16:43:28 184,351 ----a-w C:\WINDOWS\system32\msjint40.dll + 2007-09-10 00:25:02 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll - 2004-06-11 16:43:28 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll + 2007-04-02 01:49:34 60,192 ----a-w C:\WINDOWS\system32\msjter40.dll - 2004-06-11 16:43:28 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll + 2007-04-02 01:49:38 248,608 ----a-w C:\WINDOWS\system32\msjtes40.dll - 2004-06-11 16:43:28 25,600 ----a-w C:\WINDOWS\system32\mslbui.dll + 2008-04-13 15:33:34 25,600 ----a-w C:\WINDOWS\system32\mslbui.dll - 2001-08-28 13:00:00 146,432 ----a-w C:\WINDOWS\system32\msls31.dll + 2007-08-13 14:54:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll - 2004-06-11 16:43:28 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll + 2007-04-02 01:49:52 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll - 2004-06-11 16:43:50 259,072 ----a-w C:\WINDOWS\system32\msnetobj.dll + 2008-04-13 15:34:38 259,072 ----a-w C:\WINDOWS\system32\msnetobj.dll - 2004-06-11 16:43:30 319,760 ----a-w C:\WINDOWS\system32\msnsspc.dll + 2008-04-13 15:33:34 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll - 2004-06-11 16:43:30 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll + 2008-04-13 15:33:34 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll - 2004-06-11 16:43:30 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll + 2008-04-13 15:33:34 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll - 2004-06-11 16:43:30 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll + 2008-04-13 15:33:34 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll - 2004-06-11 16:43:44 347,648 ----a-w C:\WINDOWS\system32\mspaint.exe + 2008-04-13 15:34:16 347,648 ----a-w C:\WINDOWS\system32\mspaint.exe - 2004-06-11 16:43:30 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll + 2008-04-13 15:33:34 29,696 ----a-w C:\WINDOWS\system32\mspatcha.dll - 2004-06-11 16:43:30 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll + 2007-04-02 01:50:06 355,104 ----a-w C:\WINDOWS\system32\mspbde40.dll - 2004-06-11 16:43:30 52,736 ----a-w C:\WINDOWS\system32\mspmsnsv.dll + 2008-04-13 15:33:34 52,736 ----a-w C:\WINDOWS\system32\mspmsnsv.dll - 2004-06-11 16:43:30 201,728 ----a-w C:\WINDOWS\system32\mspmsp.dll + 2008-04-13 15:33:34 201,728 ----a-w C:\WINDOWS\system32\mspmsp.dll - 2004-06-10 15:42:40 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll + 2008-04-13 05:23:32 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll - 2004-06-11 16:43:30 146,432 ----a-w C:\WINDOWS\system32\msrating.dll + 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll - 2004-06-11 16:43:30 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll + 2007-04-02 01:50:28 432,928 ----a-w C:\WINDOWS\system32\msrd2x40.dll - 2004-06-11 16:43:30 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll + 2007-04-02 01:50:44 322,336 ----a-w C:\WINDOWS\system32\msrd3x40.dll - 2004-06-11 16:43:30 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll + 2007-04-02 01:51:06 559,904 ----a-w C:\WINDOWS\system32\msrepl40.dll - 2004-06-11 16:43:30 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll + 2008-04-13 15:33:34 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll - 2004-06-11 16:43:30 134,656 ----a-w C:\WINDOWS\system32\mssap.dll + 2008-04-13 15:33:34 134,656 ----a-w C:\WINDOWS\system32\mssap.dll - 2004-06-11 16:43:52 356,352 ----a-w C:\WINDOWS\system32\msscp.dll + 2008-04-13 15:34:40 356,352 ----a-w C:\WINDOWS\system32\msscp.dll + 2008-04-13 15:33:34 155,136 ------w C:\WINDOWS\system32\mssha.dll + 2008-04-13 15:03:10 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll - 2004-06-11 16:43:30 304,128 ----a-w C:\WINDOWS\system32\mstask.dll + 2008-04-13 15:33:34 281,600 ----a-w C:\WINDOWS\system32\mstask.dll - 2004-06-11 16:43:30 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll + 2007-04-02 01:51:28 264,992 ----a-w C:\WINDOWS\system32\mstext40.dll - 2004-06-11 16:43:30 530,432 ----a-w C:\WINDOWS\system32\mstime.dll + 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll - 2004-06-11 16:43:44 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe + 2008-04-13 15:34:16 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe - 2004-06-11 16:43:30 115,712 ----a-w C:\WINDOWS\system32\mstlsapi.dll + 2008-04-13 15:33:34 116,224 ----a-w C:\WINDOWS\system32\mstlsapi.dll - 2004-06-11 16:30:46 411,648 ----a-w C:\WINDOWS\system32\mstsc.exe + 2008-04-13 15:34:10 677,888 ----a-w C:\WINDOWS\system32\mstsc.exe - 2004-06-10 16:17:44 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll + 2008-04-13 15:33:30 2,061,824 ----a-w C:\WINDOWS\system32\mstscax.dll - 2004-06-11 16:43:30 195,584 ----a-w C:\WINDOWS\system32\msutb.dll + 2008-04-13 15:33:34 195,584 ----a-w C:\WINDOWS\system32\msutb.dll - 2004-06-11 16:43:30 130,560 ----a-w C:\WINDOWS\system32\msv1_0.dll + 2008-04-13 15:33:34 132,608 ----a-w C:\WINDOWS\system32\msv1_0.dll - 2004-02-22 21:00:00 1,386,496 ----a-w C:\WINDOWS\system32\MSVBVM60.DLL + 2008-04-13 15:33:34 1,384,479 ----a-w C:\WINDOWS\system32\msvbvm60.dll - 2004-06-11 16:43:30 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll + 2008-04-13 15:33:34 57,344 ----a-w C:\WINDOWS\system32\msvcirt.dll - 2004-06-11 16:43:30 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll + 2008-04-13 15:33:34 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll - 2004-06-11 16:43:30 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll + 2008-04-13 15:33:34 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll - 2004-06-10 16:17:14 61,440 ------w C:\WINDOWS\system32\msvcrt40.dll + 2008-04-13 07:30:48 61,440 ------w C:\WINDOWS\system32\msvcrt40.dll - 2004-06-11 16:43:30 121,856 ----a-w C:\WINDOWS\system32\msvfw32.dll + 2008-04-13 15:33:34 122,368 ----a-w C:\WINDOWS\system32\msvfw32.dll - 2004-06-11 16:43:30 1,433,600 ----a-w C:\WINDOWS\system32\msvidctl.dll + 2008-04-13 15:33:34 1,434,112 ----a-w C:\WINDOWS\system32\msvidctl.dll - 2004-06-11 16:43:30 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll + 2008-04-13 15:33:34 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll - 2004-06-11 16:43:30 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll + 2007-04-02 01:51:48 838,432 ----a-w C:\WINDOWS\system32\mswdat10.dll - 2004-06-11 16:43:30 204,800 ----a-w C:\WINDOWS\system32\mswebdvd.dll + 2008-04-13 15:33:34 204,800 ----a-w C:\WINDOWS\system32\mswebdvd.dll - 2004-06-11 16:43:30 246,272 ----a-w C:\WINDOWS\system32\mswmdm.dll + 2008-04-13 15:33:34 246,272 ----a-w C:\WINDOWS\system32\mswmdm.dll - 2004-06-11 16:43:30 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll + 2007-03-28 01:56:40 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll - 2004-06-11 16:43:30 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll + 2007-04-02 01:52:02 355,104 ----a-w C:\WINDOWS\system32\msxbde40.dll - 2004-06-11 16:43:30 506,368 ----a-w C:\WINDOWS\system32\msxml.dll + 2008-04-13 15:33:36 506,368 ----a-w C:\WINDOWS\system32\msxml.dll - 2004-06-11 16:43:30 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll + 2008-04-13 15:33:36 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll - 2004-06-11 16:43:30 1,236,480 ----a-w C:\WINDOWS\system32\msxml3.dll + 2008-04-13 15:33:36 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll - 2003-04-18 12:46:22 1,233,920 ----a-w C:\WINDOWS\system32\msxml4.dll + 2007-05-08 11:03:04 1,275,392 ----a-w C:\WINDOWS\system32\msxml4.dll + 2008-04-13 15:33:36 1,306,624 ------w C:\WINDOWS\system32\msxml6.dll + 2008-04-13 15:04:22 93,184 ------w C:\WINDOWS\system32\msxml6r.dll - 2004-06-11 16:53:30 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll + 2008-04-13 15:33:36 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll - 2004-06-11 16:43:30 88,576 ----a-w C:\WINDOWS\system32\mtxclu.dll + 2008-04-13 15:33:36 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll - 2001-08-28 13:00:00 20,480 ----a-w C:\WINDOWS\system32\mtxdm.dll + 2008-04-13 15:33:36 30,720 ----a-w C:\WINDOWS\system32\mtxdm.dll - 2001-08-28 13:00:00 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll + 2008-04-13 15:33:36 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll - 2001-08-28 13:00:00 25,088 ----a-w C:\WINDOWS\system32\mtxlegih.dll + 2008-04-13 15:33:36 34,304 ----a-w C:\WINDOWS\system32\mtxlegih.dll - 2004-06-11 16:43:30 101,376 ----a-w C:\WINDOWS\system32\mtxoci.dll + 2008-04-13 15:33:36 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll + 2008-04-13 15:33:36 1,737,856 ------w C:\WINDOWS\system32\mtxparhd.dll - 2004-06-11 16:43:30 91,648 ----a-w C:\WINDOWS\system32\mydocs.dll + 2008-04-13 15:33:36 91,648 ----a-w C:\WINDOWS\system32\mydocs.dll + 2008-04-13 15:33:36 30,208 ------w C:\WINDOWS\system32\napipsec.dll + 2008-04-13 15:33:36 200,704 ------w C:\WINDOWS\system32\napmontr.dll + 2008-04-13 15:34:16 177,664 ------w C:\WINDOWS\system32\napstat.exe - 2004-06-11 16:43:44 55,296 ----a-w C:\WINDOWS\system32\narrator.exe + 2008-04-13 15:34:16 55,296 ----a-w C:\WINDOWS\system32\narrator.exe - 2004-06-11 16:43:30 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll + 2008-04-13 15:33:36 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll - 2004-06-11 16:43:30 18,432 ----a-w C:\WINDOWS\system32\nddeapi.dll + 2008-04-13 15:33:36 18,432 ----a-w C:\WINDOWS\system32\nddeapi.dll - 2004-06-11 16:43:44 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe + 2008-04-13 15:34:16 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe - 2004-06-11 16:43:30 18,432 ----a-w C:\WINDOWS\system32\nddenb32.dll + 2008-04-13 15:33:36 19,456 ----a-w C:\WINDOWS\system32\nddenb32.dll - 2004-06-11 16:43:44 42,496 ----a-w C:\WINDOWS\system32\net.exe + 2008-04-13 15:34:16 42,496 ----a-w C:\WINDOWS\system32\net.exe - 2004-06-11 16:43:44 124,928 ----a-w C:\WINDOWS\system32\net1.exe + 2008-04-13 15:34:16 124,928 ----a-w C:\WINDOWS\system32\net1.exe - 2004-06-11 16:43:30 327,168 ----a-w C:\WINDOWS\system32\netapi32.dll + 2008-04-13 15:33:36 337,408 ----a-w C:\WINDOWS\system32\netapi32.dll - 2004-06-11 16:43:30 633,856 ----a-w C:\WINDOWS\system32\netcfgx.dll + 2008-04-13 15:33:36 634,368 ----a-w C:\WINDOWS\system32\netcfgx.dll - 2004-06-11 16:43:44 114,176 ----a-w C:\WINDOWS\system32\netdde.exe + 2008-04-13 15:34:16 114,176 ----a-w C:\WINDOWS\system32\netdde.exe - 2004-06-11 16:43:30 144,896 ----a-w C:\WINDOWS\system32\netid.dll + 2008-04-13 15:33:36 144,896 ----a-w C:\WINDOWS\system32\netid.dll - 2004-06-11 16:43:30 417,792 ----a-w C:\WINDOWS\system32\netlogon.dll + 2008-04-13 15:33:36 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll - 2004-06-11 16:43:30 187,904 ----a-w C:\WINDOWS\system32\netman.dll + 2008-04-13 15:33:36 198,144 ----a-w C:\WINDOWS\system32\netman.dll - 2004-06-11 16:43:30 884,736 ----a-w C:\WINDOWS\system32\netplwiz.dll + 2008-04-13 15:33:36 885,248 ----a-w C:\WINDOWS\system32\netplwiz.dll - 2004-06-11 16:43:30 11,776 ----a-w C:\WINDOWS\system32\netrap.dll + 2008-04-13 15:33:36 11,776 ----a-w C:\WINDOWS\system32\netrap.dll - 2004-06-11 16:45:42 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe + 2008-04-13 15:37:12 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe - 2004-06-11 16:43:44 88,576 ----a-w C:\WINDOWS\system32\netsh.exe + 2008-04-13 15:34:16 88,576 ----a-w C:\WINDOWS\system32\netsh.exe - 2004-06-11 16:43:30 1,701,376 ----a-w C:\WINDOWS\system32\netshell.dll + 2008-04-13 15:33:36 1,719,808 ----a-w C:\WINDOWS\system32\netshell.dll - 2004-06-11 16:43:44 37,376 ----a-w C:\WINDOWS\system32\netstat.exe + 2008-04-13 15:34:16 37,888 ----a-w C:\WINDOWS\system32\netstat.exe - 2004-06-11 16:43:30 83,456 ----a-w C:\WINDOWS\system32\netui0.dll + 2008-04-13 15:33:36 83,456 ----a-w C:\WINDOWS\system32\netui0.dll - 2004-06-11 16:43:30 245,248 ----a-w C:\WINDOWS\system32\netui1.dll + 2008-04-13 15:33:36 245,760 ----a-w C:\WINDOWS\system32\netui1.dll - 2004-06-11 16:43:30 251,392 ----a-w C:\WINDOWS\system32\newdev.dll + 2008-04-13 15:33:36 250,880 ----a-w C:\WINDOWS\system32\newdev.dll - 2004-06-11 16:43:30 103,936 ----a-w C:\WINDOWS\system32\nlhtml.dll + 2008-04-13 15:33:36 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll + 2006-06-28 13:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll - 2004-06-11 16:43:30 24,576 ----a-w C:\WINDOWS\system32\nmmkcert.dll + 2008-04-13 15:33:38 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll + 2006-06-29 04:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll - 2004-06-11 16:43:44 70,656 ----a-w C:\WINDOWS\system32\notepad.exe + 2008-04-13 15:34:16 70,656 ----a-w C:\WINDOWS\system32\notepad.exe - 2004-06-11 16:43:30 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll + 2008-04-13 15:33:36 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll - 2004-06-11 16:43:44 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe + 2008-04-13 15:34:16 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe - 2004-06-11 16:43:30 55,296 ----a-w C:\WINDOWS\system32\npptools.dll + 2008-04-13 15:33:38 55,296 ----a-w C:\WINDOWS\system32\npptools.dll - 2004-06-11 16:43:44 79,360 ----a-w C:\WINDOWS\system32\nslookup.exe + 2008-04-13 15:34:16 79,360 ----a-w C:\WINDOWS\system32\nslookup.exe - 2004-06-11 16:43:46 1,230,848 ----a-w C:\WINDOWS\system32\ntbackup.exe + 2008-04-13 15:34:18 1,231,360 ----a-w C:\WINDOWS\system32\ntbackup.exe - 2004-06-11 16:42:38 724,480 ----a-w C:\WINDOWS\system32\ntdll.dll + 2008-04-13 15:33:04 731,136 ----a-w C:\WINDOWS\system32\ntdll.dll - 2004-06-11 16:43:30 68,096 ----a-w C:\WINDOWS\system32\ntdsapi.dll + 2008-04-13 15:33:38 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll - 2004-06-11 16:53:30 2,058,240 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe + 2008-04-13 15:07:28 2,067,968 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe - 2004-06-11 16:43:30 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll + 2008-04-13 15:33:38 44,032 ----a-w C:\WINDOWS\system32\ntlanman.dll - 2004-06-11 16:43:30 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll + 2008-04-13 15:33:38 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll - 2004-06-11 16:43:30 119,808 ----a-w C:\WINDOWS\system32\ntmarta.dll + 2008-04-13 15:33:38 119,808 ----a-w C:\WINDOWS\system32\ntmarta.dll - 2004-06-11 16:43:30 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll + 2008-04-13 15:33:38 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll - 2004-06-11 16:43:30 181,248 ----a-w C:\WINDOWS\system32\ntmsdba.dll + 2008-04-13 15:33:38 181,248 ----a-w C:\WINDOWS\system32\ntmsdba.dll - 2004-06-11 16:43:30 496,640 ----a-w C:\WINDOWS\system32\ntmsmgr.dll + 2008-04-13 15:33:38 496,640 ----a-w C:\WINDOWS\system32\ntmsmgr.dll - 2004-06-11 16:43:30 438,272 ----a-w C:\WINDOWS\system32\ntmssvc.dll + 2008-04-13 15:33:38 438,272 ----a-w C:\WINDOWS\system32\ntmssvc.dll - 2004-06-11 16:28:40 2,184,064 ----a-w C:\WINDOWS\system32\ntoskrnl.exe + 2008-04-13 15:08:04 2,191,104 ----a-w C:\WINDOWS\system32\ntoskrnl.exe - 2004-06-11 16:43:30 91,648 ----a-w C:\WINDOWS\system32\ntprint.dll + 2008-04-13 15:33:38 91,648 ----a-w C:\WINDOWS\system32\ntprint.dll - 2004-06-11 16:43:30 145,920 ----a-w C:\WINDOWS\system32\ntshrui.dll + 2008-04-13 15:33:38 145,920 ----a-w C:\WINDOWS\system32\ntshrui.dll - 2004-06-11 16:43:46 420,352 ----a-w C:\WINDOWS\system32\ntvdm.exe + 2008-04-13 15:34:18 421,888 ----a-w C:\WINDOWS\system32\ntvdm.exe - 2001-08-28 13:00:00 13,312 ----a-w C:\WINDOWS\system32\ntvdmd.dll + 2008-04-13 15:33:38 15,360 ----a-w C:\WINDOWS\system32\ntvdmd.dll - 2001-08-28 13:00:00 58,880 ----a-w C:\WINDOWS\system32\nwapi32.dll + 2008-04-13 15:33:38 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll - 2004-06-11 16:43:30 147,968 ----a-w C:\WINDOWS\system32\nwprovau.dll + 2008-04-13 15:33:38 145,920 ----a-w C:\WINDOWS\system32\nwprovau.dll - 2004-06-11 16:43:30 64,000 ----a-w C:\WINDOWS\system32\nwwks.dll + 2008-04-13 15:33:38 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll - 2004-06-11 16:43:30 341,504 ----a-w C:\WINDOWS\system32\oakley.dll + 2008-04-13 15:33:38 271,360 ----a-w C:\WINDOWS\system32\oakley.dll - 2004-06-11 16:43:30 288,768 ----a-w C:\WINDOWS\system32\objsel.dll + 2008-04-13 15:33:38 289,280 ----a-w C:\WINDOWS\system32\objsel.dll - 2004-06-11 16:43:30 96,768 ----a-w C:\WINDOWS\system32\occache.dll + 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll - 2001-08-28 13:00:00 62,976 ----a-w C:\WINDOWS\system32\ocmanage.dll + 2008-04-13 15:33:40 69,632 ----a-w C:\WINDOWS\system32\ocmanage.dll - 2004-06-11 16:43:30 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll + 2008-04-13 15:33:40 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll - 2004-06-11 16:43:30 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll + 2008-04-13 15:33:40 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll - 2004-06-11 16:43:46 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe + 2008-04-13 15:34:18 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe - 2004-06-11 16:43:30 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll + 2008-04-13 15:33:40 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll - 2004-06-11 16:43:30 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll + 2008-04-13 15:33:40 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll - 2004-06-11 16:43:46 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe + 2008-04-13 15:34:18 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe - 2004-06-11 16:43:30 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll + 2008-04-13 15:33:40 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll - 2004-06-11 16:43:30 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll + 2008-04-13 15:33:40 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll - 2004-06-11 16:43:30 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll + 2008-04-13 15:33:40 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll - 2004-06-11 16:43:04 61,712 ----a-w C:\WINDOWS\system32\odbcji32.dll + 2008-04-13 15:32:16 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll - 2004-06-11 16:43:30 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll + 2008-04-13 15:33:40 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll - 2004-06-10 15:42:38 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll + 2008-04-13 06:26:06 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll - 2004-06-11 16:43:30 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll + 2008-04-13 15:33:40 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll - 2004-06-11 16:43:30 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll + 2008-04-13 15:33:40 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll - 2004-06-11 16:43:30 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll + 2008-04-13 15:33:40 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll - 2004-06-11 16:43:30 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll + 2008-04-13 15:33:40 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll - 2004-06-11 16:43:30 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll + 2008-04-13 15:33:40 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll - 2004-06-11 16:43:30 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll + 2008-04-13 15:33:40 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll - 2004-06-11 16:43:32 120,832 ----a-w C:\WINDOWS\system32\offfilt.dll + 2008-04-13 15:33:40 192,000 ----a-w C:\WINDOWS\system32\offfilt.dll - 2004-06-11 16:43:32 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll + 2008-04-13 15:33:40 1,287,168 ----a-w C:\WINDOWS\system32\ole32.dll - 2004-06-11 16:43:32 555,520 ------w C:\WINDOWS\system32\oleaut32.dll + 2008-04-13 15:33:40 551,936 ------w C:\WINDOWS\system32\oleaut32.dll - 2001-08-28 13:00:00 69,120 ----a-w C:\WINDOWS\system32\olecli32.dll + 2008-04-13 15:33:40 75,264 ----a-w C:\WINDOWS\system32\olecli32.dll - 2001-08-28 13:00:00 34,304 ----a-w C:\WINDOWS\system32\olecnv32.dll + 2008-04-13 15:33:40 37,376 ----a-w C:\WINDOWS\system32\olecnv32.dll - 2001-08-28 13:00:00 119,808 ----a-w C:\WINDOWS\system32\oledlg.dll + 2008-04-13 15:33:40 124,928 ----a-w C:\WINDOWS\system32\oledlg.dll - 2004-06-11 16:43:32 110,592 ----a-w C:\WINDOWS\system32\oleprn.dll + 2008-04-13 15:33:40 110,592 ----a-w C:\WINDOWS\system32\oleprn.dll - 2004-06-11 16:43:32 83,456 ------w C:\WINDOWS\system32\olepro32.dll + 2008-04-13 15:33:40 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll + 2008-04-13 15:33:40 144,896 ------w C:\WINDOWS\system32\onex.dll - 2004-06-11 16:43:30 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll + 2008-04-13 15:33:34 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll - 2004-06-11 16:43:30 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll + 2008-04-13 15:33:34 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll - 2004-06-11 16:43:30 562,176 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll + 2008-04-13 15:33:34 566,272 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll - 2004-06-11 16:43:30 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll + 2008-04-13 15:33:34 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll - 2004-06-11 16:43:30 18,944 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll + 2008-04-13 15:33:34 19,456 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll - 2001-08-28 13:00:00 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe + 2008-04-13 15:34:14 29,184 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe - 2004-06-11 16:43:46 51,712 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe + 2008-04-13 15:34:18 51,712 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe - 2004-06-11 16:43:46 71,680 ----a-w C:\WINDOWS\system32\openfiles.exe + 2008-04-13 15:34:18 71,680 ----a-w C:\WINDOWS\system32\openfiles.exe - 2004-06-11 16:43:32 706,560 ----a-w C:\WINDOWS\system32\opengl32.dll + 2008-04-13 15:33:40 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll - 2004-06-11 16:43:46 216,576 ----a-w C:\WINDOWS\system32\osk.exe + 2008-04-13 15:34:18 216,576 ----a-w C:\WINDOWS\system32\osk.exe - 2004-06-11 16:43:32 68,096 ----a-w C:\WINDOWS\system32\osuninst.dll + 2008-04-13 15:33:40 68,096 ----a-w C:\WINDOWS\system32\osuninst.dll - 2004-06-11 16:43:32 116,224 ----a-w C:\WINDOWS\system32\p2p.dll + 2008-04-13 15:33:40 153,600 ----a-w C:\WINDOWS\system32\p2p.dll - 2004-06-11 16:43:32 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll + 2008-04-13 15:33:40 105,472 ----a-w C:\WINDOWS\system32\p2pgasvc.dll - 2004-06-11 16:43:32 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll + 2008-04-13 15:33:40 313,856 ----a-w C:\WINDOWS\system32\p2pgraph.dll - 2004-06-11 16:43:32 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll + 2008-04-13 15:33:40 115,712 ----a-w C:\WINDOWS\system32\p2pnetsh.dll - 2004-06-11 16:43:32 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll + 2008-04-13 15:33:40 554,496 ----a-w C:\WINDOWS\system32\p2psvc.dll - 2004-06-11 16:43:46 59,904 ----a-w C:\WINDOWS\system32\packager.exe + 2008-04-13 15:34:18 59,904 ----a-w C:\WINDOWS\system32\packager.exe - 2004-06-11 16:43:32 65,024 ----a-w C:\WINDOWS\system32\pautoenr.dll + 2008-04-13 15:33:40 69,632 ----a-w C:\WINDOWS\system32\pautoenr.dll - 2004-06-11 16:43:32 286,208 ----a-w C:\WINDOWS\system32\pdh.dll + 2008-04-13 15:33:40 286,720 ----a-w C:\WINDOWS\system32\pdh.dll - 2008-07-05 22:55:25 40,108 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-08-10 00:17:52 40,108 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-07-05 22:55:25 48,764 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-08-10 00:17:52 48,764 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2004-06-11 16:43:32 42,496 ----a-w C:\WINDOWS\system32\perfctrs.dll + 2008-04-13 15:33:40 42,496 ----a-w C:\WINDOWS\system32\perfctrs.dll - 2004-06-11 16:43:32 27,136 ----a-w C:\WINDOWS\system32\perfdisk.dll + 2008-04-13 15:33:40 27,136 ----a-w C:\WINDOWS\system32\perfdisk.dll - 2008-07-05 22:55:25 311,912 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-08-10 00:17:52 311,912 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-07-05 22:55:25 368,036 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-08-10 00:17:52 368,036 ----a-w C:\WINDOWS\system32\perfh00C.dat - 2004-06-11 16:43:46 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe + 2008-04-13 15:34:18 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe - 2001-08-28 13:00:00 17,408 ----a-w C:\WINDOWS\system32\perfnet.dll + 2008-04-13 15:33:40 18,432 ----a-w C:\WINDOWS\system32\perfnet.dll - 2004-06-11 16:43:32 26,112 ----a-w C:\WINDOWS\system32\perfos.dll + 2008-04-13 15:33:40 26,624 ----a-w C:\WINDOWS\system32\perfos.dll - 2004-06-11 16:43:32 35,840 ----a-w C:\WINDOWS\system32\perfproc.dll + 2008-04-13 15:33:40 35,840 ----a-w C:\WINDOWS\system32\perfproc.dll - 2006-10-24 08:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll + 2008-04-13 15:33:40 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll - 2004-06-11 16:43:32 172,032 ----a-w C:\WINDOWS\system32\photowiz.dll + 2008-04-13 15:33:40 172,032 ----a-w C:\WINDOWS\system32\photowiz.dll - 2004-06-11 16:53:30 35,328 ----a-w C:\WINDOWS\system32\pid.dll + 2008-04-13 15:33:40 35,328 ----a-w C:\WINDOWS\system32\pid.dll - 2004-06-11 16:43:04 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll + 2008-04-13 15:31:18 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll - 2004-06-11 16:43:46 18,944 ----a-w C:\WINDOWS\system32\ping.exe + 2008-04-13 15:34:20 19,456 ----a-w C:\WINDOWS\system32\ping.exe - 2004-06-11 16:53:30 14,848 ----a-w C:\WINDOWS\system32\pjlmon.dll + 2008-04-13 15:33:40 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll - 2004-06-11 16:43:32 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2004-06-11 16:43:32 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll + 2008-04-13 15:33:40 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll - 2004-06-11 16:43:32 106,496 ----a-w C:\WINDOWS\system32\polstore.dll + 2008-04-13 15:33:40 106,496 ----a-w C:\WINDOWS\system32\polstore.dll - 2004-06-11 16:43:46 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe + 2008-04-13 15:34:20 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe - 2004-06-11 16:43:32 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll + 2008-04-13 15:33:40 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll - 2004-06-11 16:43:32 573,440 ----a-w C:\WINDOWS\system32\printui.dll + 2008-04-13 15:33:40 578,560 ----a-w C:\WINDOWS\system32\printui.dll - 2004-06-11 16:43:32 27,648 ----a-w C:\WINDOWS\system32\profmap.dll + 2008-04-13 15:33:40 27,648 ----a-w C:\WINDOWS\system32\profmap.dll - 2004-06-11 16:43:46 109,568 ----a-w C:\WINDOWS\system32\progman.exe + 2008-04-13 15:34:20 109,568 ----a-w C:\WINDOWS\system32\progman.exe - 2004-06-11 16:43:46 50,688 ----a-w C:\WINDOWS\system32\proquota.exe + 2008-04-13 15:34:20 50,688 ----a-w C:\WINDOWS\system32\proquota.exe - 2004-06-11 16:43:46 9,728 ----a-w C:\WINDOWS\system32\proxycfg.exe + 2008-04-13 15:34:20 9,728 ----a-w C:\WINDOWS\system32\proxycfg.exe - 2004-06-11 16:43:32 23,040 ----a-w C:\WINDOWS\system32\psapi.dll + 2008-04-13 15:33:40 23,040 ----a-w C:\WINDOWS\system32\psapi.dll - 2004-06-11 16:43:32 98,816 ----a-w C:\WINDOWS\system32\psbase.dll + 2008-04-13 15:33:40 98,816 ----a-w C:\WINDOWS\system32\psbase.dll - 2004-06-11 16:43:32 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll + 2008-04-13 15:33:40 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll - 2004-06-11 16:43:32 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll + 2008-04-13 15:33:40 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll + 2008-04-13 15:33:40 151,040 ------w C:\WINDOWS\system32\qagent.dll + 2008-04-13 15:33:40 293,376 ------w C:\WINDOWS\system32\qagentrt.dll - 2004-06-11 16:43:32 237,568 ----a-w C:\WINDOWS\system32\qasf.dll + 2008-04-13 15:33:40 237,568 ----a-w C:\WINDOWS\system32\qasf.dll - 2004-06-11 16:43:32 192,512 ----a-w C:\WINDOWS\system32\qcap.dll + 2008-04-13 15:33:40 192,512 ----a-w C:\WINDOWS\system32\qcap.dll + 2008-04-13 15:33:40 62,464 ------w C:\WINDOWS\system32\qcliprov.dll - 2004-06-11 16:43:32 279,040 ----a-w C:\WINDOWS\system32\qdv.dll + 2008-04-13 15:33:40 279,040 ----a-w C:\WINDOWS\system32\qdv.dll - 2004-06-11 16:43:32 386,048 ----a-w C:\WINDOWS\system32\qdvd.dll + 2008-04-13 15:33:40 387,072 ----a-w C:\WINDOWS\system32\qdvd.dll - 2004-06-11 16:43:32 563,200 ----a-w C:\WINDOWS\system32\qedit.dll + 2008-04-13 15:33:40 563,200 ----a-w C:\WINDOWS\system32\qedit.dll - 2004-06-10 16:09:34 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll + 2008-04-13 06:21:34 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll - 2004-06-11 16:43:32 381,952 ----a-w C:\WINDOWS\system32\qmgr.dll + 2008-04-13 15:33:40 409,088 ----a-w C:\WINDOWS\system32\qmgr.dll - 2004-06-11 16:43:32 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll + 2008-04-13 15:33:40 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll - 2004-06-11 16:43:46 20,992 ----a-w C:\WINDOWS\system32\qprocess.exe + 2008-04-13 15:34:20 20,992 ----a-w C:\WINDOWS\system32\qprocess.exe - 2004-06-11 16:43:32 1,292,800 ------w C:\WINDOWS\system32\quartz.dll + 2008-05-07 05:11:24 1,294,336 ------w C:\WINDOWS\system32\quartz.dll - 2004-06-11 16:43:32 1,440,768 ----a-w C:\WINDOWS\system32\query.dll + 2008-04-13 15:33:40 1,440,768 ----a-w C:\WINDOWS\system32\query.dll + 2008-04-13 15:33:40 76,800 ------w C:\WINDOWS\system32\qutil.dll - 2004-06-11 16:43:32 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll + 2008-04-13 15:33:40 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll - 2004-06-11 16:43:32 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll + 2008-04-13 15:33:40 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll - 2004-06-11 16:43:32 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll + 2008-04-13 15:33:40 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll - 2004-06-11 16:43:32 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll + 2008-04-13 15:33:40 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll - 2004-06-11 16:43:32 69,120 ----a-w C:\WINDOWS\system32\raschap.dll + 2008-04-13 15:33:40 79,872 ----a-w C:\WINDOWS\system32\raschap.dll - 2004-06-11 16:43:32 683,520 ----a-w C:\WINDOWS\system32\rasdlg.dll + 2008-04-13 15:33:40 685,568 ----a-w C:\WINDOWS\system32\rasdlg.dll - 2004-06-11 16:43:32 61,440 ----a-w C:\WINDOWS\system32\rasman.dll + 2008-04-13 15:33:40 61,440 ----a-w C:\WINDOWS\system32\rasman.dll - 2004-06-11 16:43:32 173,568 ----a-w C:\WINDOWS\system32\rasmans.dll + 2008-04-13 15:33:40 186,368 ----a-w C:\WINDOWS\system32\rasmans.dll - 2004-06-11 16:43:46 57,344 ----a-w C:\WINDOWS\system32\rasphone.exe + 2008-04-13 15:34:20 57,344 ----a-w C:\WINDOWS\system32\rasphone.exe - 2004-06-11 16:43:32 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll + 2008-04-13 15:33:40 210,944 ----a-w C:\WINDOWS\system32\rasppp.dll + 2008-04-13 15:33:40 61,952 ------w C:\WINDOWS\system32\rasqec.dll - 2004-06-11 16:43:32 16,896 ----a-w C:\WINDOWS\system32\rassapi.dll + 2008-04-13 15:33:40 16,384 ----a-w C:\WINDOWS\system32\rassapi.dll - 2004-06-11 16:43:32 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll + 2008-04-13 15:33:40 58,368 ----a-w C:\WINDOWS\system32\rastapi.dll - 2004-06-11 16:43:32 113,152 ----a-w C:\WINDOWS\system32\rastls.dll + 2008-04-13 15:33:40 151,040 ----a-w C:\WINDOWS\system32\rastls.dll - 2004-06-11 16:43:32 103,424 ----a-w C:\WINDOWS\system32\rcbdyctl.dll + 2008-04-13 15:33:40 102,912 ----a-w C:\WINDOWS\system32\rcbdyctl.dll - 2004-06-11 16:43:46 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe + 2008-04-13 15:34:20 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe - 2004-06-11 16:43:46 23,040 ----a-w C:\WINDOWS\system32\rcp.exe + 2008-04-13 15:34:20 23,040 ----a-w C:\WINDOWS\system32\rcp.exe - 2004-06-11 16:43:32 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll + 2008-04-13 15:33:40 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll - 2004-06-11 16:43:46 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe + 2008-04-13 15:34:20 62,976 ----a-w C:\WINDOWS\system32\rdpclip.exe - 2004-06-11 16:43:58 92,168 ----a-w C:\WINDOWS\system32\rdpdd.dll + 2008-04-13 15:34:54 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll - 2004-06-11 16:43:32 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll + 2008-04-13 15:33:40 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll - 2004-06-11 16:43:58 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll + 2008-04-13 15:34:56 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll - 2004-06-11 16:43:46 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe + 2008-04-13 15:34:20 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe - 2004-06-11 16:43:46 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe + 2008-04-13 15:34:20 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe - 2004-06-11 16:43:46 53,248 ----a-w C:\WINDOWS\system32\reg.exe + 2008-04-13 15:34:20 53,248 ----a-w C:\WINDOWS\system32\reg.exe - 2004-06-11 16:43:32 49,664 ----a-w C:\WINDOWS\system32\regapi.dll + 2008-04-13 15:33:40 49,664 ----a-w C:\WINDOWS\system32\regapi.dll - 2004-06-11 16:43:32 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll + 2008-04-13 15:33:40 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll - 2004-06-11 16:43:46 12,288 ----a-w C:\WINDOWS\system32\regsvr32.exe + 2008-04-13 15:34:20 12,288 ----a-w C:\WINDOWS\system32\regsvr32.exe - 2004-06-11 16:43:32 405,504 ----a-w C:\WINDOWS\system32\regwizc.dll + 2008-04-13 15:33:40 405,504 ----a-w C:\WINDOWS\system32\regwizc.dll + 2006-10-22 04:22:00 4,527,488 ----a-w C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\nv4_disp.dll + 2006-10-22 04:22:00 3,994,624 ----a-w C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\nv4_mini.sys + 2004-06-11 16:53:30 41,600 ----a-w C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\amdk7.sys - 2004-06-11 16:43:32 61,440 ----a-w C:\WINDOWS\system32\remotepg.dll + 2008-04-13 15:33:40 61,952 ----a-w C:\WINDOWS\system32\remotepg.dll - 2004-06-11 16:43:46 384,512 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe + 2008-04-13 15:34:20 384,512 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe - 2004-06-11 16:43:32 58,880 ----a-w C:\WINDOWS\system32\resutils.dll + 2008-04-13 15:33:40 58,880 ----a-w C:\WINDOWS\system32\resutils.dll - 2004-06-11 16:43:46 14,336 ----a-w C:\WINDOWS\system32\rexec.exe + 2008-04-13 15:34:20 14,848 ----a-w C:\WINDOWS\system32\rexec.exe + 2008-04-13 15:33:40 290,304 ------w C:\WINDOWS\system32\rhttpaa.dll - 2004-06-11 16:43:32 430,592 ----a-w C:\WINDOWS\system32\riched20.dll + 2008-04-13 15:33:40 433,664 ----a-w C:\WINDOWS\system32\riched20.dll - 2004-06-11 16:43:32 587,264 ----a-w C:\WINDOWS\system32\rpcrt4.dll + 2008-04-13 15:33:40 584,704 ----a-w C:\WINDOWS\system32\rpcrt4.dll - 2004-06-11 16:43:32 395,776 ----a-w C:\WINDOWS\system32\rpcss.dll + 2008-04-13 15:33:40 399,360 ----a-w C:\WINDOWS\system32\rpcss.dll - 2004-06-10 15:45:36 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll + 2008-04-13 06:37:58 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll - 2004-06-11 16:43:46 15,360 ----a-w C:\WINDOWS\system32\rsh.exe + 2008-04-13 15:34:20 15,872 ----a-w C:\WINDOWS\system32\rsh.exe - 2004-06-11 16:43:32 40,448 ----a-w C:\WINDOWS\system32\rshx32.dll + 2008-04-13 15:33:40 40,960 ----a-w C:\WINDOWS\system32\rshx32.dll - 2004-06-11 16:43:32 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll + 2008-04-13 15:33:40 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll - 2004-06-11 16:43:46 107,520 ----a-w C:\WINDOWS\system32\rsnotify.exe + 2008-04-13 15:34:20 107,520 ----a-w C:\WINDOWS\system32\rsnotify.exe - 2001-08-28 13:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll + 2008-04-13 15:33:40 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll - 2004-06-11 16:43:46 78,336 ----a-w C:\WINDOWS\system32\rtcshare.exe + 2008-04-13 15:34:22 78,336 ----a-w C:\WINDOWS\system32\rtcshare.exe - 2004-06-11 16:43:32 31,232 ----a-w C:\WINDOWS\system32\rtipxmib.dll + 2008-04-13 15:33:40 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll - 2004-06-11 16:43:32 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll + 2008-04-13 15:33:40 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll - 2004-06-11 16:43:46 33,792 ----a-w C:\WINDOWS\system32\rundll32.exe + 2008-04-13 15:34:22 33,792 ----a-w C:\WINDOWS\system32\rundll32.exe - 2004-06-11 16:43:46 14,336 ----a-w C:\WINDOWS\system32\runonce.exe + 2008-04-13 15:34:22 14,336 ----a-w C:\WINDOWS\system32\runonce.exe + 2008-04-13 15:33:40 9,728 ------w C:\WINDOWS\system32\rwnh.dll + 2008-04-13 15:33:40 397,056 ------w C:\WINDOWS\system32\s3gnb.dll - 2004-06-11 16:43:32 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll + 2008-04-13 15:33:40 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll - 2004-06-11 16:43:32 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll + 2008-04-13 15:33:40 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll - 2004-06-11 16:43:32 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll + 2008-04-13 15:33:40 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll - 2004-06-11 16:43:32 64,000 ----a-w C:\WINDOWS\system32\samlib.dll + 2008-04-13 15:33:40 64,000 ----a-w C:\WINDOWS\system32\samlib.dll - 2004-06-11 16:43:32 429,568 ----a-w C:\WINDOWS\system32\samsrv.dll + 2008-04-13 15:33:40 431,104 ----a-w C:\WINDOWS\system32\samsrv.dll - 2004-06-11 16:43:46 13,824 ----a-w C:\WINDOWS\system32\savedump.exe + 2008-04-13 15:34:22 13,824 ----a-w C:\WINDOWS\system32\savedump.exe - 2004-06-11 16:43:32 269,312 ----a-w C:\WINDOWS\system32\sbe.dll + 2008-04-13 15:33:40 270,848 ----a-w C:\WINDOWS\system32\sbe.dll - 2004-06-11 16:43:32 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll + 2008-04-13 15:33:40 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll - 2004-06-11 16:43:32 71,168 ----a-w C:\WINDOWS\system32\scarddlg.dll + 2008-04-13 15:33:42 71,168 ----a-w C:\WINDOWS\system32\scarddlg.dll - 2004-06-11 16:43:46 100,352 ----a-w C:\WINDOWS\system32\scardsvr.exe + 2008-04-13 15:34:22 100,352 ----a-w C:\WINDOWS\system32\scardsvr.exe - 2004-06-11 16:43:32 171,520 ----a-w C:\WINDOWS\system32\sccsccp.dll + 2008-04-13 15:33:42 171,520 ----a-w C:\WINDOWS\system32\sccsccp.dll - 2004-06-11 16:43:32 186,368 ----a-w C:\WINDOWS\system32\scecli.dll + 2008-04-13 15:33:42 187,392 ----a-w C:\WINDOWS\system32\scecli.dll - 2004-06-11 16:43:34 328,704 ----a-w C:\WINDOWS\system32\scesrv.dll + 2008-04-13 15:33:42 329,728 ----a-w C:\WINDOWS\system32\scesrv.dll - 2004-06-11 16:43:34 151,040 ----a-w C:\WINDOWS\system32\schannel.dll + 2008-04-13 15:33:42 144,384 ----a-w C:\WINDOWS\system32\schannel.dll - 2004-06-11 16:43:34 193,024 ----a-w C:\WINDOWS\system32\schedsvc.dll + 2008-04-13 15:33:42 194,560 ----a-w C:\WINDOWS\system32\schedsvc.dll - 2004-06-11 16:43:46 130,560 ----a-w C:\WINDOWS\system32\schtasks.exe + 2008-04-13 15:34:22 130,560 ----a-w C:\WINDOWS\system32\schtasks.exe - 2004-06-11 16:43:34 22,016 ----a-w C:\WINDOWS\system32\sclgntfy.dll + 2008-04-13 15:33:42 22,016 ----a-w C:\WINDOWS\system32\sclgntfy.dll - 2004-06-11 16:43:48 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr + 2008-04-13 15:34:34 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr - 2004-06-11 16:43:34 159,744 ----a-w C:\WINDOWS\system32\scrobj.dll + 2008-05-09 10:55:00 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll - 2004-06-11 16:43:34 151,552 ----a-w C:\WINDOWS\system32\scrrun.dll + 2008-05-09 10:55:00 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll - 2004-06-11 16:43:46 78,848 ----a-w C:\WINDOWS\system32\sdbinst.exe + 2008-04-13 15:34:22 78,848 ----a-w C:\WINDOWS\system32\sdbinst.exe - 2004-06-11 16:43:34 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll + 2008-04-13 15:33:42 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll - 2004-06-11 16:43:46 19,456 ----a-w C:\WINDOWS\system32\secedit.exe + 2008-04-13 15:34:22 19,968 ----a-w C:\WINDOWS\system32\secedit.exe - 2004-06-11 16:43:34 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll + 2008-04-13 15:33:42 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll - 2004-06-01 15:40:12 6,848 ----a-w C:\WINDOWS\system32\secupd.dat + 2006-12-30 15:27:08 4,569 ------w C:\WINDOWS\system32\secupd.dat - 2004-06-11 16:43:34 56,832 ----a-w C:\WINDOWS\system32\secur32.dll + 2008-04-13 15:33:42 56,320 ----a-w C:\WINDOWS\system32\secur32.dll - 2004-06-11 16:43:34 5,632 ----a-w C:\WINDOWS\system32\security.dll + 2008-04-13 15:33:42 5,632 ----a-w C:\WINDOWS\system32\security.dll - 2004-06-11 16:43:34 29,696 ----a-w C:\WINDOWS\system32\sendcmsg.dll + 2008-04-13 15:33:42 29,696 ----a-w C:\WINDOWS\system32\sendcmsg.dll - 2004-06-11 16:43:34 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll + 2008-04-13 15:33:42 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll - 2004-06-11 16:43:34 38,400 ----a-w C:\WINDOWS\system32\sens.dll + 2008-04-13 15:33:42 39,424 ----a-w C:\WINDOWS\system32\sens.dll - 2004-06-11 16:43:34 6,144 ----a-w C:\WINDOWS\system32\sensapi.dll + 2008-04-13 15:33:42 7,168 ----a-w C:\WINDOWS\system32\sensapi.dll - 2004-06-11 16:43:34 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll + 2008-04-13 15:33:42 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll - 2004-06-11 16:43:46 109,056 ----a-w C:\WINDOWS\system32\services.exe + 2008-04-13 15:34:22 109,056 ----a-w C:\WINDOWS\system32\services.exe - 2004-06-11 16:43:46 142,336 ----a-w C:\WINDOWS\system32\sessmgr.exe + 2008-04-13 15:34:22 142,848 ----a-w C:\WINDOWS\system32\sessmgr.exe - 2004-06-11 16:43:46 32,768 ----a-w C:\WINDOWS\system32\sethc.exe + 2008-04-13 15:34:22 32,768 ----a-w C:\WINDOWS\system32\sethc.exe - 2004-06-11 16:43:46 23,040 ----a-w C:\WINDOWS\system32\setup.exe + 2008-04-13 15:34:22 23,040 ----a-w C:\WINDOWS\system32\setup.exe - 2001-08-28 13:00:00 259,584 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll + 2008-04-13 15:33:22 274,944 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll - 2004-06-11 16:43:22 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll + 2008-04-13 15:33:26 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll - 2004-06-11 16:43:22 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll + 2008-04-13 15:33:26 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll - 2004-06-11 16:43:24 508,928 ----a-w C:\WINDOWS\system32\Setup\iis.dll + 2008-04-13 15:31:34 508,416 ----a-w C:\WINDOWS\system32\Setup\iis.dll - 2001-08-28 13:00:00 118,784 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll + 2008-04-13 15:33:28 126,464 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll + 2008-04-13 15:33:30 8,192 ----a-w C:\WINDOWS\system32\Setup\koc.dll - 2004-06-11 16:43:26 16,896 ----a-w C:\WINDOWS\system32\Setup\medctroc.dll + 2008-04-13 15:33:30 16,896 ----a-w C:\WINDOWS\system32\Setup\medctroc.dll - 2001-08-28 13:00:00 82,432 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll + 2008-04-13 15:33:32 90,112 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll - 2004-06-11 16:43:28 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll + 2008-04-13 15:33:32 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll - 2004-06-11 16:43:30 169,984 ----a-w C:\WINDOWS\system32\Setup\msmqocm.dll + 2008-04-13 15:33:34 170,496 ----a-w C:\WINDOWS\system32\Setup\msmqocm.dll - 2004-06-11 16:43:30 78,848 ----a-w C:\WINDOWS\system32\Setup\netoc.dll + 2008-04-13 15:33:36 78,336 ----a-w C:\WINDOWS\system32\Setup\netoc.dll - 2004-06-11 16:43:30 63,488 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll + 2008-04-13 15:33:38 63,488 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll - 2004-06-11 16:43:30 15,360 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll + 2008-04-13 15:33:40 15,872 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll - 2004-06-11 16:43:30 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll + 2008-04-13 15:33:40 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll - 2004-06-11 16:43:34 101,888 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll + 2008-04-13 15:33:42 101,888 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll - 2004-06-11 16:43:36 34,304 ----a-w C:\WINDOWS\system32\Setup\tabletoc.dll + 2008-04-13 15:33:48 34,304 ----a-w C:\WINDOWS\system32\Setup\tabletoc.dll - 2004-06-11 16:43:36 123,904 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll + 2008-04-13 15:33:48 132,096 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll - 2004-06-11 16:43:34 1,004,032 ----a-w C:\WINDOWS\system32\setupapi.dll + 2008-04-13 15:33:42 1,005,056 ----a-w C:\WINDOWS\system32\setupapi.dll + 2008-04-13 15:34:22 32,768 ------w C:\WINDOWS\system32\setupn.exe - 2004-06-11 16:43:34 5,120 ----a-w C:\WINDOWS\system32\sfc.dll + 2008-04-13 15:33:42 5,120 ----a-w C:\WINDOWS\system32\sfc.dll - 2004-06-11 16:43:34 142,336 ----a-w C:\WINDOWS\system32\sfc_os.dll + 2008-04-13 15:33:42 142,336 ----a-w C:\WINDOWS\system32\sfc_os.dll - 2004-06-11 16:43:34 1,256,960 ----a-w C:\WINDOWS\system32\sfcfiles.dll + 2008-04-13 15:33:42 1,571,840 ----a-w C:\WINDOWS\system32\sfcfiles.dll - 2004-06-11 16:35:40 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll + 2008-04-13 15:01:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll - 2004-06-11 16:43:34 1,464,320 ----a-w C:\WINDOWS\system32\shdocvw.dll + 2008-04-13 15:33:42 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll - 2004-06-11 16:43:34 8,438,784 ----a-w C:\WINDOWS\system32\shell32.dll + 2008-04-13 15:33:42 8,517,632 ----a-w C:\WINDOWS\system32\shell32.dll - 2004-06-11 16:43:34 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll + 2008-04-13 15:33:42 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll - 2004-06-11 16:43:34 68,096 ----a-w C:\WINDOWS\system32\shgina.dll + 2008-04-13 15:33:42 68,096 ----a-w C:\WINDOWS\system32\shgina.dll - 2004-06-11 16:43:34 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll + 2008-04-13 15:33:42 65,024 ----a-w C:\WINDOWS\system32\shimeng.dll - 2004-06-11 16:43:34 440,320 ----a-w C:\WINDOWS\system32\shimgvw.dll + 2008-04-13 15:33:42 440,320 ----a-w C:\WINDOWS\system32\shimgvw.dll - 2004-06-11 16:43:34 474,112 ------w C:\WINDOWS\system32\shlwapi.dll + 2008-04-13 15:33:42 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll - 2004-06-11 16:43:34 153,088 ----a-w C:\WINDOWS\system32\shmedia.dll + 2008-04-13 15:33:42 153,600 ----a-w C:\WINDOWS\system32\shmedia.dll - 2004-06-11 16:43:46 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe + 2008-04-13 15:34:22 45,056 ----a-w C:\WINDOWS\system32\shmgrate.exe - 2004-06-11 16:43:46 78,848 ----a-w C:\WINDOWS\system32\shrpubw.exe + 2008-04-13 15:34:22 78,848 ----a-w C:\WINDOWS\system32\shrpubw.exe - 2004-06-11 16:43:34 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll + 2008-04-13 15:33:42 28,160 ----a-w C:\WINDOWS\system32\shscrap.dll - 2004-06-11 16:43:34 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll + 2008-04-13 15:33:42 135,680 ----a-w C:\WINDOWS\system32\shsvcs.dll - 2004-06-11 16:43:46 20,480 ----a-w C:\WINDOWS\system32\shutdown.exe + 2008-04-13 15:34:22 20,480 ----a-w C:\WINDOWS\system32\shutdown.exe - 2004-06-11 16:43:34 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll + 2008-04-13 15:33:42 13,824 ----a-w C:\WINDOWS\system32\sigtab.dll - 2004-06-11 16:43:46 71,168 ----a-w C:\WINDOWS\system32\sigverif.exe + 2008-04-13 15:34:22 71,168 ----a-w C:\WINDOWS\system32\sigverif.exe - 2004-06-11 16:43:46 26,112 ----a-w C:\WINDOWS\system32\skeys.exe + 2008-04-13 15:34:22 26,112 ----a-w C:\WINDOWS\system32\skeys.exe - 2004-06-11 16:43:34 25,600 ----a-w C:\WINDOWS\system32\slayerxp.dll + 2008-04-13 15:33:42 25,600 ----a-w C:\WINDOWS\system32\slayerxp.dll - 2004-06-11 16:43:34 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll + 2008-04-13 15:33:42 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll + 2008-04-13 15:33:42 73,832 ------w C:\WINDOWS\system32\slcoinst.dll + 2008-04-13 15:33:42 286,792 ------w C:\WINDOWS\system32\slextspk.dll + 2008-04-13 15:33:42 188,508 ------w C:\WINDOWS\system32\slgen.dll + 2008-04-13 15:34:24 32,866 ------w C:\WINDOWS\system32\slrundll.exe + 2008-04-13 15:34:24 73,796 ------w C:\WINDOWS\system32\slserv.exe - 2004-06-11 16:43:46 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe + 2008-04-13 15:34:24 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe - 2004-06-11 16:43:34 369,664 ----a-w C:\WINDOWS\system32\smlogcfg.dll + 2008-04-13 15:33:42 370,176 ----a-w C:\WINDOWS\system32\smlogcfg.dll - 2004-06-11 16:43:46 92,672 ----a-w C:\WINDOWS\system32\smlogsvc.exe + 2008-04-13 15:34:24 93,184 ----a-w C:\WINDOWS\system32\smlogsvc.exe - 2004-06-11 16:43:46 50,688 ----a-w C:\WINDOWS\system32\smss.exe + 2008-04-13 15:34:24 50,688 ----a-w C:\WINDOWS\system32\smss.exe + 2008-04-13 15:33:42 10,752 ------w C:\WINDOWS\system32\smtpapi.dll - 2004-06-11 16:43:46 133,120 ----a-w C:\WINDOWS\system32\sndrec32.exe + 2008-04-13 15:34:24 133,120 ----a-w C:\WINDOWS\system32\sndrec32.exe - 2004-06-11 16:43:34 18,432 ----a-w C:\WINDOWS\system32\snmpapi.dll + 2008-04-13 15:33:42 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll - 2004-06-11 16:43:34 184,320 ----a-w C:\WINDOWS\system32\snmpsnap.dll + 2008-04-13 15:33:42 184,320 ----a-w C:\WINDOWS\system32\snmpsnap.dll + 2007-07-30 15:18:40 33,624 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll + 2007-07-30 15:19:12 43,352 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.0.6000.381\wups2.dll - 2001-08-28 13:00:00 25,088 ----a-w C:\WINDOWS\system32\sort.exe + 2008-04-13 15:34:24 26,112 ----a-w C:\WINDOWS\system32\sort.exe + 2008-04-13 15:34:24 7,680 ----a-w C:\WINDOWS\system32\spdwnwxp.exe - 2004-06-11 16:43:46 539,136 ----a-w C:\WINDOWS\system32\spider.exe + 2008-04-13 15:34:24 539,136 ----a-w C:\WINDOWS\system32\spider.exe - 2004-06-10 16:18:16 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe + 2008-04-13 07:43:32 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe - 2006-10-16 12:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll - 2004-06-11 16:43:46 11,776 ----a-w C:\WINDOWS\system32\spnpinst.exe + 2008-04-13 15:34:24 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe - 2005-06-25 10:16:48 138,240 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\PS5UI.DLL + 2008-04-13 15:33:40 728,576 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\ps5ui.dll - 2005-06-25 10:16:50 480,256 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL + 2008-04-13 15:33:40 543,232 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\pscript5.dll - 2004-06-11 16:43:34 73,216 ----a-w C:\WINDOWS\system32\spoolss.dll + 2008-04-13 15:33:42 75,264 ----a-w C:\WINDOWS\system32\spoolss.dll - 2004-06-11 16:43:46 56,832 ----a-w C:\WINDOWS\system32\spoolsv.exe + 2008-04-13 15:34:24 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe - 2006-10-16 12:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2007-08-10 04:18:14 26,488 ----a-w C:\WINDOWS\system32\spupdsvc.exe + 2008-04-13 15:34:24 20,992 ------w C:\WINDOWS\system32\spupdwxp.exe - 2004-06-11 16:43:34 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll + 2008-04-13 15:33:48 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll - 2004-06-11 16:43:34 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll + 2008-04-13 15:33:48 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll - 2004-06-11 16:43:36 67,584 ----a-w C:\WINDOWS\system32\srclient.dll + 2008-04-13 15:33:48 67,584 ----a-w C:\WINDOWS\system32\srclient.dll - 2004-06-11 16:43:36 241,664 ----a-w C:\WINDOWS\system32\srrstr.dll + 2008-04-13 15:33:48 241,664 ----a-w C:\WINDOWS\system32\srrstr.dll - 2004-06-11 16:43:36 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll + 2008-04-13 15:33:48 171,520 ----a-w C:\WINDOWS\system32\srsvc.dll - 2004-06-11 16:43:36 95,744 ----a-w C:\WINDOWS\system32\srvsvc.dll + 2008-04-13 15:33:48 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll - 2004-06-11 16:43:48 708,608 ----a-w C:\WINDOWS\system32\ss3dfo.scr + 2008-04-13 15:34:34 708,608 ----a-w C:\WINDOWS\system32\ss3dfo.scr - 2004-06-11 16:43:48 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr + 2008-04-13 15:34:34 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr - 2004-06-11 16:43:36 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll + 2008-04-13 15:33:48 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll - 2004-06-11 16:43:36 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll + 2008-04-13 15:33:48 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll - 2004-06-11 16:43:48 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr + 2008-04-13 15:34:34 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr - 2004-06-11 16:43:48 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr + 2008-04-13 15:34:34 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr - 2004-06-11 16:43:48 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr + 2008-04-13 15:34:34 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr - 2004-06-11 16:43:48 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr + 2008-04-13 15:34:34 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr - 2004-06-11 16:43:48 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr + 2008-04-13 15:34:34 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr - 2004-06-11 16:43:48 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr + 2008-04-13 15:34:34 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr - 2004-06-11 16:43:48 684,032 ----a-w C:\WINDOWS\system32\sstext3d.scr + 2008-04-13 15:34:34 684,032 ----a-w C:\WINDOWS\system32\sstext3d.scr - 2001-08-28 13:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll + 2008-04-13 15:33:48 59,392 ----a-w C:\WINDOWS\system32\stclient.dll - 2004-06-11 16:43:36 68,096 ----a-w C:\WINDOWS\system32\sti.dll + 2008-04-13 15:33:48 68,608 ----a-w C:\WINDOWS\system32\sti.dll - 2004-06-11 16:43:36 138,240 ----a-w C:\WINDOWS\system32\sti_ci.dll + 2008-04-13 15:33:48 138,240 ----a-w C:\WINDOWS\system32\sti_ci.dll - 2001-08-28 13:00:00 20,992 ----a-w C:\WINDOWS\system32\stimon.exe + 2008-04-13 15:34:24 14,848 ----a-w C:\WINDOWS\system32\stimon.exe - 2004-06-11 16:43:36 122,368 ----a-w C:\WINDOWS\system32\stobject.dll + 2008-04-13 15:33:48 122,368 ----a-w C:\WINDOWS\system32\stobject.dll - 2004-06-11 16:43:36 76,800 ----a-w C:\WINDOWS\system32\storprop.dll + 2008-04-13 15:33:48 76,800 ----a-w C:\WINDOWS\system32\storprop.dll - 2004-06-11 16:43:36 246,302 ----a-w C:\WINDOWS\system32\strmdll.dll + 2008-04-13 15:33:48 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll - 2004-06-11 16:43:36 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll + 2008-04-13 15:33:48 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll - 2004-06-11 16:43:46 14,336 ----a-w C:\WINDOWS\system32\svchost.exe + 2008-04-13 15:34:24 14,336 ----a-w C:\WINDOWS\system32\svchost.exe - 2004-06-11 16:43:36 711,680 ----a-w C:\WINDOWS\system32\sxs.dll + 2008-04-13 15:33:48 716,800 ----a-w C:\WINDOWS\system32\sxs.dll - 2004-06-11 16:43:36 57,856 ----a-w C:\WINDOWS\system32\synceng.dll + 2008-04-13 15:33:48 57,856 ----a-w C:\WINDOWS\system32\synceng.dll - 2004-06-11 16:43:36 197,120 ----a-w C:\WINDOWS\system32\syncui.dll + 2008-04-13 15:33:48 197,120 ----a-w C:\WINDOWS\system32\syncui.dll - 2004-06-11 16:43:46 107,520 ----a-w C:\WINDOWS\system32\sysocmgr.exe + 2008-04-13 15:34:26 107,520 ----a-w C:\WINDOWS\system32\sysocmgr.exe - 2004-06-11 16:43:36 1,006,080 ----a-w C:\WINDOWS\system32\syssetup.dll + 2008-04-13 15:33:48 1,013,248 ----a-w C:\WINDOWS\system32\syssetup.dll - 2001-08-28 13:00:00 70,656 ----a-w C:\WINDOWS\system32\systeminfo.exe + 2008-04-13 15:34:24 74,240 ----a-w C:\WINDOWS\system32\systeminfo.exe - 2004-06-11 16:43:36 210,432 ----a-w C:\WINDOWS\system32\t2embed.dll + 2008-04-13 15:33:48 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll - 2004-06-11 16:43:36 860,160 ----a-w C:\WINDOWS\system32\tapi3.dll + 2008-04-13 15:33:48 860,160 ----a-w C:\WINDOWS\system32\tapi3.dll - 2004-06-11 16:43:36 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll + 2008-04-13 15:33:48 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll - 2004-06-11 16:43:36 246,272 ----a-w C:\WINDOWS\system32\tapisrv.dll + 2008-04-13 15:33:48 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll - 2001-08-28 13:00:00 74,240 ----a-w C:\WINDOWS\system32\taskkill.exe + 2008-04-13 15:34:26 78,336 ----a-w C:\WINDOWS\system32\taskkill.exe - 2001-08-28 13:00:00 74,240 ----a-w C:\WINDOWS\system32\tasklist.exe + 2008-04-13 15:34:26 79,872 ----a-w C:\WINDOWS\system32\tasklist.exe - 2004-06-11 16:43:46 143,360 ----a-w C:\WINDOWS\system32\taskmgr.exe + 2008-04-13 15:34:26 143,360 ----a-w C:\WINDOWS\system32\taskmgr.exe - 2004-06-11 16:43:36 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll + 2008-04-13 15:33:48 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll - 2004-06-11 16:43:36 46,592 ----a-w C:\WINDOWS\system32\tcpmon.dll + 2008-04-13 15:33:48 46,592 ----a-w C:\WINDOWS\system32\tcpmon.dll - 2004-06-11 16:43:36 47,104 ----a-w C:\WINDOWS\system32\tcpmonui.dll + 2008-04-13 15:33:48 47,104 ----a-w C:\WINDOWS\system32\tcpmonui.dll - 2004-06-11 16:43:46 77,824 ----a-w C:\WINDOWS\system32\telnet.exe + 2008-04-13 15:34:26 78,336 ----a-w C:\WINDOWS\system32\telnet.exe - 2004-06-11 16:43:36 358,912 ----a-w C:\WINDOWS\system32\termmgr.dll + 2008-04-13 15:33:48 358,912 ----a-w C:\WINDOWS\system32\termmgr.dll - 2004-06-11 16:43:36 297,472 ----a-w C:\WINDOWS\system32\termsrv.dll + 2008-04-13 15:33:48 297,984 ----a-w C:\WINDOWS\system32\termsrv.dll - 2004-06-11 16:43:36 391,168 ----a-w C:\WINDOWS\system32\themeui.dll + 2008-04-13 15:33:48 391,168 ----a-w C:\WINDOWS\system32\themeui.dll - 2004-06-11 16:43:46 63,488 ----a-w C:\WINDOWS\system32\tlntadmn.exe + 2008-04-13 15:34:26 63,488 ----a-w C:\WINDOWS\system32\tlntadmn.exe - 2004-06-11 16:43:46 80,384 ----a-w C:\WINDOWS\system32\tlntsess.exe + 2008-04-13 15:34:26 80,384 ----a-w C:\WINDOWS\system32\tlntsess.exe - 2004-06-11 16:43:46 75,264 ----a-w C:\WINDOWS\system32\tlntsvr.exe + 2008-04-13 15:34:26 75,264 ----a-w C:\WINDOWS\system32\tlntsvr.exe - 2004-06-11 16:43:36 7,168 ----a-w C:\WINDOWS\system32\tlntsvrp.dll + 2008-04-13 15:33:48 7,168 ----a-w C:\WINDOWS\system32\tlntsvrp.dll - 2004-06-11 16:43:46 346,624 ----a-w C:\WINDOWS\system32\tourstart.exe + 2008-04-13 15:34:26 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe - 2004-06-11 16:43:46 260,096 ----a-w C:\WINDOWS\system32\tracerpt.exe + 2008-04-13 15:34:26 260,096 ----a-w C:\WINDOWS\system32\tracerpt.exe - 2004-06-11 16:43:46 13,312 ----a-w C:\WINDOWS\system32\tracert.exe + 2008-04-13 15:34:26 13,312 ----a-w C:\WINDOWS\system32\tracert.exe - 2001-08-28 13:00:00 11,264 ----a-w C:\WINDOWS\system32\tree.com + 2008-04-13 15:34:32 12,800 ----a-w C:\WINDOWS\system32\tree.com - 2004-06-11 16:43:36 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll + 2008-04-13 15:33:48 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll - 2004-06-11 16:43:36 94,208 ----a-w C:\WINDOWS\system32\tscfgwmi.dll + 2008-04-13 15:33:48 94,208 ----a-w C:\WINDOWS\system32\tscfgwmi.dll - 2004-06-11 16:43:58 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll + 2008-04-13 15:34:54 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll + 2008-04-13 15:33:48 53,248 ------w C:\WINDOWS\system32\tsgqec.dll + 2008-04-13 15:33:48 50,688 ------w C:\WINDOWS\system32\tspkg.dll - 2004-06-11 16:43:36 44,032 ----a-w C:\WINDOWS\system32\twext.dll + 2008-04-13 15:33:48 57,856 ----a-w C:\WINDOWS\system32\twext.dll - 2004-06-11 16:43:36 142,848 ----a-w C:\WINDOWS\system32\txflog.dll + 2008-04-13 15:33:48 101,376 ----a-w C:\WINDOWS\system32\txflog.dll + 2008-03-27 10:40:24 60,416 ------w C:\WINDOWS\system32\tzchange.exe - 2004-06-11 16:43:36 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll + 2008-04-13 15:33:48 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll - 2004-06-11 16:43:36 311,808 ----a-w C:\WINDOWS\system32\ulib.dll + 2008-04-13 15:33:48 311,808 ----a-w C:\WINDOWS\system32\ulib.dll - 2004-06-11 16:43:36 36,864 ----a-w C:\WINDOWS\system32\umandlg.dll + 2008-04-13 15:33:48 36,864 ----a-w C:\WINDOWS\system32\umandlg.dll - 2004-06-11 16:43:36 119,808 ----a-w C:\WINDOWS\system32\umpnpmgr.dll + 2008-04-13 15:33:48 124,928 ----a-w C:\WINDOWS\system32\umpnpmgr.dll - 2004-06-11 16:43:36 78,848 ----a-w C:\WINDOWS\system32\unimdmat.dll + 2008-04-13 15:33:48 78,848 ----a-w C:\WINDOWS\system32\unimdmat.dll - 2004-06-11 16:43:36 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll + 2008-04-13 15:33:48 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll - 2004-06-11 16:43:36 316,416 ----a-w C:\WINDOWS\system32\untfs.dll + 2008-04-13 15:33:48 316,416 ----a-w C:\WINDOWS\system32\untfs.dll - 2004-06-11 16:43:36 132,608 ----a-w C:\WINDOWS\system32\upnp.dll + 2008-04-13 15:33:48 133,632 ----a-w C:\WINDOWS\system32\upnp.dll - 2004-06-11 16:43:46 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe + 2008-04-13 15:34:28 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe - 2004-06-11 16:43:36 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll + 2008-04-13 15:33:50 186,368 ----a-w C:\WINDOWS\system32\upnphost.dll - 2004-06-11 16:43:36 240,128 ----a-w C:\WINDOWS\system32\upnpui.dll + 2008-04-13 15:33:50 240,128 ----a-w C:\WINDOWS\system32\upnpui.dll - 2004-06-11 16:43:46 18,432 ----a-w C:\WINDOWS\system32\ups.exe + 2008-04-13 15:34:28 18,432 ----a-w C:\WINDOWS\system32\ups.exe - 2004-06-11 16:43:36 37,376 ----a-w C:\WINDOWS\system32\url.dll + 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll - 2004-06-11 16:43:36 599,552 ------w C:\WINDOWS\system32\urlmon.dll + 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll - 2004-06-11 16:43:36 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll + 2008-04-13 15:33:50 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll - 2004-06-11 16:43:36 77,312 ----a-w C:\WINDOWS\system32\usbui.dll + 2008-04-13 15:33:50 77,312 ----a-w C:\WINDOWS\system32\usbui.dll - 2004-06-11 16:43:36 579,072 ----a-w C:\WINDOWS\system32\user32.dll + 2008-04-13 15:33:50 579,584 ----a-w C:\WINDOWS\system32\user32.dll - 2004-06-11 16:43:36 730,112 ----a-w C:\WINDOWS\system32\userenv.dll + 2008-04-13 15:33:50 734,720 ----a-w C:\WINDOWS\system32\userenv.dll - 2004-06-11 16:43:46 25,088 ----a-w C:\WINDOWS\system32\userinit.exe + 2008-04-13 15:34:28 26,624 ----a-w C:\WINDOWS\system32\userinit.exe + 2008-04-13 05:44:18 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll - 2004-06-11 16:43:22 125,440 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll + 2008-04-13 15:33:28 134,656 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll + 2008-04-13 15:33:28 115,712 ------w C:\WINDOWS\system32\usmt\guitrna.dll - 2004-06-11 16:43:24 4,096 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll + 2008-04-13 05:44:30 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll - 2004-06-11 16:43:26 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll + 2008-04-13 15:33:30 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll - 2004-06-11 16:43:26 201,216 ----a-w C:\WINDOWS\system32\usmt\migism.dll + 2008-04-13 15:33:30 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll + 2008-04-13 15:33:30 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll - 2004-06-11 16:43:42 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe + 2008-04-13 15:34:12 104,448 ----a-w C:\WINDOWS\system32\usmt\migload.exe - 2004-06-11 16:43:42 246,784 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe + 2008-04-13 15:34:12 251,904 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe + 2008-04-13 15:34:12 247,808 ------w C:\WINDOWS\system32\usmt\migwiza.exe - 2004-06-11 16:43:34 204,800 ----a-w C:\WINDOWS\system32\usmt\script.dll + 2008-04-13 15:33:42 217,600 ----a-w C:\WINDOWS\system32\usmt\script.dll + 2008-04-13 15:33:42 201,216 ------w C:\WINDOWS\system32\usmt\scripta.dll - 2004-06-11 16:43:36 169,472 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll + 2008-04-13 15:33:48 193,536 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll + 2008-04-13 15:33:48 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll - 2004-06-11 16:43:36 406,016 ----a-w C:\WINDOWS\system32\usp10.dll + 2008-04-13 15:33:50 406,016 ----a-w C:\WINDOWS\system32\usp10.dll - 2004-06-11 16:43:46 50,176 ----a-w C:\WINDOWS\system32\utilman.exe + 2008-04-13 15:34:28 50,176 ----a-w C:\WINDOWS\system32\utilman.exe - 2004-06-11 16:43:36 219,136 ----a-w C:\WINDOWS\system32\uxtheme.dll + 2008-04-13 15:33:50 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll - 2004-06-11 16:43:36 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll + 2008-04-13 15:33:50 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll - 2004-06-11 16:43:36 421,888 ----a-w C:\WINDOWS\system32\vbscript.dll + 2008-05-09 10:55:00 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll - 2004-06-11 16:43:36 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll + 2008-04-13 15:33:50 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll - 2004-06-11 16:43:36 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll + 2008-04-13 15:33:50 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll + 2008-04-13 15:34:28 28,672 ------w C:\WINDOWS\system32\verclsid.exe - 2001-08-28 13:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll + 2008-04-13 15:33:50 26,624 ----a-w C:\WINDOWS\system32\verifier.dll - 2004-06-11 16:43:36 18,944 ----a-w C:\WINDOWS\system32\version.dll + 2008-04-13 15:33:50 18,944 ----a-w C:\WINDOWS\system32\version.dll - 2004-06-11 16:43:36 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll + 2008-04-13 15:33:50 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll - 2004-06-11 16:43:46 295,424 ----a-w C:\WINDOWS\system32\vssvc.exe + 2008-04-13 15:34:28 295,424 ----a-w C:\WINDOWS\system32\vssvc.exe - 2004-06-11 16:43:36 178,688 ----a-w C:\WINDOWS\system32\w32time.dll + 2008-04-13 15:33:50 178,176 ----a-w C:\WINDOWS\system32\w32time.dll - 2004-06-11 16:43:36 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll + 2008-04-13 15:33:50 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll - 2004-06-10 16:24:10 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys + 2008-04-13 07:45:00 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys - 2001-08-28 13:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll + 2008-04-13 15:33:50 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll - 2004-06-11 16:43:20 1,352,704 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll + 2008-04-13 15:33:22 1,359,360 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll - 2004-06-11 16:43:22 45,568 ----a-w C:\WINDOWS\system32\wbem\CmdEvTgProv.dll + 2008-04-13 15:33:26 45,056 ----a-w C:\WINDOWS\system32\wbem\cmdevtgprov.dll - 2004-06-11 16:43:22 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll + 2008-04-13 15:33:26 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll - 2004-06-11 16:43:22 22,016 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll + 2008-04-13 15:33:26 21,504 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll - 2004-06-11 16:43:22 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll + 2008-04-13 15:33:26 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll - 2004-06-11 16:43:22 185,856 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll + 2008-04-13 15:33:26 185,344 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll - 2004-06-11 16:43:26 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll + 2008-04-13 15:33:30 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll - 2004-06-11 16:43:42 16,896 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe + 2008-04-13 15:34:12 16,896 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe - 2004-06-11 16:43:26 124,928 ----a-w C:\WINDOWS\system32\wbem\mofd.dll + 2008-04-13 15:33:32 124,928 ----a-w C:\WINDOWS\system32\wbem\mofd.dll - 2004-06-11 16:43:30 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll + 2008-04-13 15:33:36 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll - 2004-06-11 16:43:30 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll + 2008-04-13 15:33:38 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll - 2004-06-11 16:43:32 92,672 ----a-w C:\WINDOWS\system32\wbem\policman.dll + 2008-04-13 15:33:40 92,672 ----a-w C:\WINDOWS\system32\wbem\policman.dll - 2004-06-11 16:43:32 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll + 2008-04-13 15:33:40 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll - 2004-06-11 16:43:32 177,152 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll + 2008-04-13 15:33:40 178,176 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll - 2004-06-11 16:43:46 36,864 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe + 2008-04-13 15:34:22 36,352 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe - 2004-06-11 16:43:36 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll + 2008-04-13 15:33:48 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll - 2004-06-11 16:43:36 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll + 2008-04-13 15:33:50 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll - 2004-06-11 16:43:36 200,704 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll + 2008-04-13 15:33:50 201,216 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll - 2004-06-11 16:43:36 215,040 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll + 2008-04-13 15:33:50 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll - 2004-06-11 16:43:36 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll + 2008-04-13 15:33:50 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll - 2004-06-11 16:43:36 530,944 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll + 2008-04-13 15:33:50 531,456 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll - 2004-06-11 16:43:36 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll + 2008-04-13 15:33:50 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll - 2004-06-11 16:43:38 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll + 2008-04-13 15:33:50 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll - 2004-06-11 16:43:38 44,544 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll + 2008-04-13 15:33:50 44,544 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll - 2004-06-11 16:43:38 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll + 2008-04-13 15:33:50 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll - 2004-06-11 16:43:38 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll + 2008-04-13 15:33:50 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll - 2004-06-11 16:43:46 119,808 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe + 2008-04-13 15:34:28 119,808 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe - 2004-06-11 16:43:38 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll + 2008-04-13 15:33:50 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll - 2004-06-11 16:43:46 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe + 2008-04-13 15:34:30 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe - 2004-06-11 16:32:18 7,680 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll + 2008-04-13 14:59:40 7,680 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll - 2004-06-11 16:43:38 89,088 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll + 2008-04-13 15:33:50 88,576 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll - 2004-06-11 16:43:46 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe + 2008-04-13 15:34:30 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe - 2004-06-11 16:43:46 369,152 ----a-w C:\WINDOWS\system32\wbem\wmic.exe + 2008-04-13 15:34:30 369,664 ----a-w C:\WINDOWS\system32\wbem\wmic.exe - 2004-06-11 16:43:38 60,416 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll + 2008-04-13 15:33:50 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll - 2004-06-11 16:43:38 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll + 2008-04-13 15:33:50 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll - 2004-06-11 16:43:38 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll + 2008-04-13 15:33:50 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll - 2004-06-11 16:43:38 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll + 2008-04-13 15:33:50 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll - 2004-06-11 16:43:38 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll + 2008-04-13 15:33:50 61,952 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll - 2004-06-11 16:43:38 62,976 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll + 2008-04-13 15:33:50 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll - 2004-06-11 16:43:38 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll + 2008-04-13 15:33:50 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll - 2004-06-11 16:43:38 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll + 2008-04-13 15:33:50 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll - 2004-06-11 16:43:46 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe + 2008-04-13 15:34:30 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe - 2004-06-11 16:43:38 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll + 2008-04-13 15:33:50 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll - 2004-06-11 16:43:38 145,408 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll + 2008-04-13 15:33:50 145,408 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll - 2004-06-11 16:43:38 99,328 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll + 2008-04-13 15:33:50 99,328 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll - 2004-06-11 16:43:38 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll + 2008-04-13 15:33:50 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll - 2004-06-11 12:43:48 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv + 2008-04-13 15:34:36 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv - 2004-06-11 16:43:38 281,600 ----a-w C:\WINDOWS\system32\webcheck.dll + 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll - 2004-06-11 16:43:38 67,584 ----a-w C:\WINDOWS\system32\webclnt.dll + 2008-04-13 15:33:50 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll - 2004-06-11 16:43:38 136,192 ----a-w C:\WINDOWS\system32\webvw.dll + 2008-04-13 15:33:50 136,192 ----a-w C:\WINDOWS\system32\webvw.dll - 2004-06-11 16:43:46 66,560 ----a-w C:\WINDOWS\system32\wextract.exe + 2008-04-13 15:34:28 66,560 ----a-w C:\WINDOWS\system32\wextract.exe - 2004-06-11 16:43:46 438,784 ----a-w C:\WINDOWS\system32\wiaacmgr.exe + 2008-04-13 15:34:28 438,784 ----a-w C:\WINDOWS\system32\wiaacmgr.exe - 2004-06-11 16:43:38 465,920 ----a-w C:\WINDOWS\system32\wiadefui.dll + 2008-04-13 15:33:50 465,920 ----a-w C:\WINDOWS\system32\wiadefui.dll - 2004-06-11 16:43:38 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll + 2008-04-13 15:33:50 124,928 ----a-w C:\WINDOWS\system32\wiadss.dll - 2004-06-11 16:43:38 75,264 ----a-w C:\WINDOWS\system32\wiascr.dll + 2008-04-13 15:33:50 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll - 2004-06-11 16:43:38 333,312 ----a-w C:\WINDOWS\system32\wiaservc.dll + 2008-04-13 15:33:50 334,336 ----a-w C:\WINDOWS\system32\wiaservc.dll - 2004-06-11 16:43:38 594,432 ----a-w C:\WINDOWS\system32\wiashext.dll + 2008-04-13 15:33:50 594,432 ----a-w C:\WINDOWS\system32\wiashext.dll - 2004-06-11 16:43:38 110,592 ----a-w C:\WINDOWS\system32\wiavideo.dll + 2008-04-13 15:33:50 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll - 2004-06-11 16:39:46 1,830,144 ----a-w C:\WINDOWS\system32\win32k.sys + 2008-04-13 14:58:08 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys - 2004-06-11 16:43:38 101,888 ----a-w C:\WINDOWS\system32\win32spl.dll + 2008-04-13 15:33:50 102,912 ----a-w C:\WINDOWS\system32\win32spl.dll - 2004-06-11 16:39:46 784,384 ----a-w C:\WINDOWS\system32\winbrand.dll + 2008-04-13 14:58:14 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll - 2006-10-24 08:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll + 2008-04-13 15:33:50 712,704 ------w C:\WINDOWS\system32\windowscodecs.dll - 2006-10-24 08:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll + 2008-04-13 15:33:50 346,112 ------w C:\WINDOWS\system32\windowscodecsext.dll + 2007-08-13 14:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe - 2004-06-11 16:43:38 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll + 2008-04-13 15:33:50 354,304 ----a-w C:\WINDOWS\system32\winhttp.dll - 2004-06-11 16:43:38 652,800 ------w C:\WINDOWS\system32\wininet.dll + 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll - 2004-06-11 16:43:38 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll + 2008-04-13 15:33:50 32,256 ----a-w C:\WINDOWS\system32\winipsec.dll - 2004-06-11 16:43:46 512,000 ----a-w C:\WINDOWS\system32\winlogon.exe + 2008-04-13 15:34:30 512,000 ----a-w C:\WINDOWS\system32\winlogon.exe - 2004-06-11 16:43:38 180,736 ----a-w C:\WINDOWS\system32\winmm.dll + 2008-04-13 15:33:50 180,736 ----a-w C:\WINDOWS\system32\winmm.dll - 2004-06-11 16:42:36 773,632 ----a-w C:\WINDOWS\system32\winntbbu.dll + 2008-04-13 15:32:54 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll - 2004-06-11 16:43:38 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll + 2008-04-13 15:33:50 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll - 2004-06-11 16:43:38 100,352 ----a-w C:\WINDOWS\system32\winscard.dll + 2008-04-13 15:33:50 100,352 ----a-w C:\WINDOWS\system32\winscard.dll - 2004-06-11 16:43:38 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll + 2008-04-13 15:33:50 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll - 2004-06-11 16:43:48 145,408 ----a-w C:\WINDOWS\system32\winspool.drv + 2008-04-13 15:34:36 146,944 ----a-w C:\WINDOWS\system32\winspool.drv - 2004-06-11 16:43:38 292,352 ----a-w C:\WINDOWS\system32\winsrv.dll + 2008-04-13 15:33:50 293,888 ----a-w C:\WINDOWS\system32\winsrv.dll - 2004-06-11 16:43:38 53,760 ----a-w C:\WINDOWS\system32\winsta.dll + 2008-04-13 15:33:50 53,760 ----a-w C:\WINDOWS\system32\winsta.dll - 2004-06-11 16:43:38 177,152 ----a-w C:\WINDOWS\system32\wintrust.dll + 2008-04-13 15:33:50 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll - 2004-06-11 16:43:46 5,632 ----a-w C:\WINDOWS\system32\winver.exe + 2008-04-13 15:34:30 5,632 ----a-w C:\WINDOWS\system32\winver.exe - 2004-06-11 16:43:38 131,072 ----a-w C:\WINDOWS\system32\wkssvc.dll + 2008-04-13 15:33:50 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll + 2008-04-13 15:33:50 69,120 ------w C:\WINDOWS\system32\wlanapi.dll - 2004-06-11 16:43:38 175,616 ----a-w C:\WINDOWS\system32\wldap32.dll + 2008-04-13 15:33:50 172,544 ----a-w C:\WINDOWS\system32\wldap32.dll - 2004-06-11 16:43:38 94,208 ----a-w C:\WINDOWS\system32\wlnotify.dll + 2008-04-13 15:33:50 94,208 ----a-w C:\WINDOWS\system32\wlnotify.dll - 2004-06-11 16:43:38 408,064 ----a-w C:\WINDOWS\system32\wmadmod.dll + 2008-04-13 15:33:50 408,064 ----a-w C:\WINDOWS\system32\wmadmod.dll - 2004-06-11 16:43:38 670,720 ----a-w C:\WINDOWS\system32\wmadmoe.dll + 2008-04-13 15:33:50 670,720 ----a-w C:\WINDOWS\system32\wmadmoe.dll - 2004-06-11 16:43:38 230,400 ----a-w C:\WINDOWS\system32\wmasf.dll + 2008-04-13 15:33:50 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll - 2004-06-11 16:43:38 27,136 ----a-w C:\WINDOWS\system32\wmdmlog.dll + 2008-04-13 15:33:50 27,136 ----a-w C:\WINDOWS\system32\wmdmlog.dll - 2004-06-11 16:43:38 23,552 ----a-w C:\WINDOWS\system32\wmdmps.dll + 2008-04-13 15:33:50 23,552 ----a-w C:\WINDOWS\system32\wmdmps.dll - 2004-06-11 16:39:52 200,704 ----a-w C:\WINDOWS\system32\wmerror.dll + 2008-04-13 14:59:36 200,704 ----a-w C:\WINDOWS\system32\wmerror.dll - 2004-06-11 16:42:36 5,632 ----a-w C:\WINDOWS\system32\wmi.dll + 2008-04-13 15:32:56 5,632 ----a-w C:\WINDOWS\system32\wmi.dll - 2004-06-11 16:43:38 151,552 ----a-w C:\WINDOWS\system32\wmidx.dll + 2008-04-13 15:33:50 151,552 ----a-w C:\WINDOWS\system32\wmidx.dll - 2004-06-11 16:43:38 1,050,624 ----a-w C:\WINDOWS\system32\wmnetmgr.dll + 2008-04-13 15:33:50 1,053,184 ----a-w C:\WINDOWS\system32\wmnetmgr.dll - 2004-06-11 16:43:38 4,874,240 ----a-w C:\WINDOWS\system32\wmp.dll + 2008-04-13 15:33:50 4,874,240 ----a-w C:\WINDOWS\system32\wmp.dll - 2004-06-11 16:43:38 114,688 ----a-w C:\WINDOWS\system32\wmpasf.dll + 2008-04-13 15:33:50 114,688 ----a-w C:\WINDOWS\system32\wmpasf.dll - 2004-06-11 16:43:38 20,480 ----a-w C:\WINDOWS\system32\wmpcd.dll + 2008-04-13 15:33:50 20,480 ----a-w C:\WINDOWS\system32\wmpcd.dll - 2004-06-11 16:43:38 20,480 ----a-w C:\WINDOWS\system32\wmpcore.dll + 2008-04-13 15:33:50 20,480 ----a-w C:\WINDOWS\system32\wmpcore.dll - 2004-06-11 16:43:38 233,472 ----a-w C:\WINDOWS\system32\wmpdxm.dll + 2008-04-13 15:33:50 233,472 ----a-w C:\WINDOWS\system32\wmpdxm.dll - 2006-10-24 08:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll + 2008-04-13 15:33:50 276,992 ------w C:\WINDOWS\system32\wmphoto.dll - 2004-06-11 16:33:50 2,985,984 ----a-w C:\WINDOWS\system32\wmploc.dll + 2008-04-13 15:02:18 2,985,984 ----a-w C:\WINDOWS\system32\wmploc.dll - 2004-06-11 16:43:38 221,184 ----a-w C:\WINDOWS\system32\wmpns.dll + 2008-04-13 15:33:50 221,184 ----a-w C:\WINDOWS\system32\wmpns.dll - 2004-06-11 16:43:38 102,400 ----a-w C:\WINDOWS\system32\wmpshell.dll + 2008-04-13 15:33:50 102,400 ----a-w C:\WINDOWS\system32\wmpshell.dll - 2004-06-11 16:43:38 20,480 ----a-w C:\WINDOWS\system32\wmpui.dll + 2008-04-13 15:33:50 20,480 ----a-w C:\WINDOWS\system32\wmpui.dll - 2004-06-11 16:43:38 759,296 ----a-w C:\WINDOWS\system32\wmsdmod.dll + 2008-04-13 15:33:50 759,296 ----a-w C:\WINDOWS\system32\wmsdmod.dll - 2004-06-11 16:43:38 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll + 2008-04-13 15:33:50 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll - 2004-06-11 16:43:38 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll + 2008-04-13 15:33:50 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll - 2004-06-11 16:43:38 484,864 ----a-w C:\WINDOWS\system32\wmspdmod.dll + 2008-04-13 15:33:50 485,376 ----a-w C:\WINDOWS\system32\wmspdmod.dll - 2004-06-11 16:43:38 896,512 ----a-w C:\WINDOWS\system32\wmspdmoe.dll + 2008-04-13 15:33:50 897,024 ----a-w C:\WINDOWS\system32\wmspdmoe.dll - 2004-06-11 16:43:38 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll + 2008-04-13 15:33:50 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll - 2004-06-11 16:43:52 2,105,344 ----a-w C:\WINDOWS\system32\wmvcore.dll + 2008-04-13 15:34:40 2,109,440 ----a-w C:\WINDOWS\system32\wmvcore.dll - 2004-06-11 16:43:38 809,984 ----a-w C:\WINDOWS\system32\wmvdmod.dll + 2008-04-13 15:33:50 809,984 ----a-w C:\WINDOWS\system32\wmvdmod.dll - 2004-06-11 16:43:38 1,001,472 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll + 2008-04-13 15:33:50 1,001,472 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll - 2004-06-11 16:43:38 265,216 ----a-w C:\WINDOWS\system32\wow32.dll + 2008-04-13 15:33:50 265,216 ----a-w C:\WINDOWS\system32\wow32.dll - 2004-06-11 16:43:46 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe + 2008-04-13 15:34:30 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe - 2004-06-11 16:43:46 32,768 ----a-w C:\WINDOWS\system32\wpnpinst.exe + 2008-04-13 15:34:30 11,776 ----a-w C:\WINDOWS\system32\wpnpinst.exe - 2004-06-11 16:43:38 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll + 2008-04-13 15:33:50 82,432 ----a-w C:\WINDOWS\system32\ws2_32.dll - 2004-06-11 16:43:38 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll + 2008-04-13 15:33:50 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll - 2004-06-11 16:43:46 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe + 2008-04-13 15:34:30 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe - 2004-06-11 16:43:46 114,688 ----a-w C:\WINDOWS\system32\wscript.exe + 2008-05-08 11:24:44 155,648 ----a-w C:\WINDOWS\system32\wscript.exe - 2004-06-11 16:43:38 80,384 ----a-w C:\WINDOWS\system32\wscsvc.dll + 2008-04-13 15:33:52 80,896 ----a-w C:\WINDOWS\system32\wscsvc.dll - 2004-06-11 16:43:38 614,400 ----a-w C:\WINDOWS\system32\wsecedit.dll + 2008-04-13 15:33:52 621,568 ----a-w C:\WINDOWS\system32\wsecedit.dll - 2004-06-11 16:43:38 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll + 2008-04-13 15:33:52 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll - 2004-06-11 16:43:38 28,672 ----a-w C:\WINDOWS\system32\wshcon.dll + 2008-04-13 15:33:52 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll - 2004-06-11 16:43:38 65,536 ----a-w C:\WINDOWS\system32\wshext.dll + 2008-05-09 10:55:00 90,112 ----a-w C:\WINDOWS\system32\wshext.dll - 2004-06-11 16:43:38 14,336 ----a-w C:\WINDOWS\system32\wship6.dll + 2008-04-13 15:33:52 14,336 ----a-w C:\WINDOWS\system32\wship6.dll - 2004-06-11 16:43:38 11,776 ----a-w C:\WINDOWS\system32\WshRm.dll + 2008-04-13 15:33:52 11,264 ----a-w C:\WINDOWS\system32\wshrm.dll - 2004-06-11 16:43:38 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll + 2008-04-13 15:33:52 19,456 ----a-w C:\WINDOWS\system32\wshtcpip.dll - 2004-06-11 16:43:38 42,496 ----a-w C:\WINDOWS\system32\wsnmp32.dll + 2008-04-13 15:33:52 41,984 ----a-w C:\WINDOWS\system32\wsnmp32.dll - 2004-06-11 16:43:38 25,088 ----a-w C:\WINDOWS\system32\wsock32.dll + 2008-04-13 15:33:52 25,088 ----a-w C:\WINDOWS\system32\wsock32.dll - 2004-06-11 16:43:38 51,200 ----a-w C:\WINDOWS\system32\wstdecod.dll + 2008-04-13 15:33:52 51,200 ----a-w C:\WINDOWS\system32\wstdecod.dll - 2004-06-11 16:43:38 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll + 2008-04-13 15:33:52 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll - 2005-05-26 00:16:30 467,224 ----a-w C:\WINDOWS\system32\wuapi.dll + 2007-07-30 15:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll - 2005-05-26 00:16:30 125,720 ----a-w C:\WINDOWS\system32\wuauclt.exe + 2007-07-30 15:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe - 2005-05-26 00:16:30 1,343,768 ----a-w C:\WINDOWS\system32\wuaueng.dll + 2007-07-30 15:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll - 2004-06-11 16:43:38 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll + 2008-04-13 15:33:52 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll - 2005-05-26 00:16:32 128,792 ----a-w C:\WINDOWS\system32\wucltui.dll + 2007-07-30 15:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll - 2005-05-26 00:16:30 41,240 ----a-w C:\WINDOWS\system32\wups.dll + 2007-07-30 15:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll - 2005-05-26 00:16:30 18,200 ----a-w C:\WINDOWS\system32\wups2.dll + 2007-07-30 15:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll - 2005-05-26 00:16:30 173,536 ----a-w C:\WINDOWS\system32\wuweb.dll + 2007-07-30 15:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll - 2004-06-11 16:43:38 368,640 ----a-w C:\WINDOWS\system32\wzcdlg.dll + 2008-04-13 15:33:52 384,000 ----a-w C:\WINDOWS\system32\wzcdlg.dll - 2004-06-11 16:53:30 48,640 ----a-w C:\WINDOWS\system32\wzcsapi.dll + 2008-04-13 15:33:52 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll - 2004-06-11 16:53:30 356,864 ----a-w C:\WINDOWS\system32\wzcsvc.dll + 2008-04-13 15:33:54 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll - 2004-06-11 16:43:40 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll + 2008-04-13 15:33:54 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll - 2004-06-11 16:43:46 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe + 2008-04-13 15:34:30 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe + 2008-04-13 15:33:54 121,856 ------w C:\WINDOWS\system32\xmllite.dll - 2004-06-11 16:43:40 121,856 ----a-w C:\WINDOWS\system32\xmlprov.dll + 2008-04-13 15:33:54 129,024 ----a-w C:\WINDOWS\system32\xmlprov.dll - 2004-06-11 16:43:40 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll + 2008-04-13 15:33:54 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll - 2004-06-11 16:43:40 13,312 ----a-w C:\WINDOWS\system32\xolehlp.dll + 2008-04-13 15:33:54 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll - 2004-06-10 16:29:54 446,976 ----a-w C:\WINDOWS\system32\xpob2res.dll + 2008-04-13 07:40:34 445,440 ----a-w C:\WINDOWS\system32\xpob2res.dll - 2004-06-10 16:28:00 198,656 ----a-w C:\WINDOWS\system32\xpsp1res.dll + 2008-04-13 07:35:22 197,632 ----a-w C:\WINDOWS\system32\xpsp1res.dll - 2004-06-10 16:28:46 2,841,600 ----a-w C:\WINDOWS\system32\xpsp2res.dll + 2008-04-13 07:36:48 2,986,496 ----a-w C:\WINDOWS\system32\xpsp2res.dll + 2008-04-13 07:39:18 778,752 ------w C:\WINDOWS\system32\xpsp3res.dll - 2004-06-11 16:43:40 340,992 ----a-w C:\WINDOWS\system32\zipfldr.dll + 2008-04-13 15:33:54 340,992 ----a-w C:\WINDOWS\system32\zipfldr.dll - 2004-06-11 16:43:36 50,176 ----a-w C:\WINDOWS\twain_32.dll + 2008-04-13 15:33:48 50,688 ----a-w C:\WINDOWS\twain_32.dll - 2004-06-11 16:43:46 288,256 ----a-w C:\WINDOWS\winhlp32.exe + 2008-04-13 15:34:28 288,256 ----a-w C:\WINDOWS\winhlp32.exe + 2007-05-08 11:06:44 1,275,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9848.0_x-ww_1b897e9a\msxml4.dll + 2008-04-13 15:30:56 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll + 2008-04-13 15:30:56 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll + 2008-04-13 15:30:56 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll + 2008-04-13 15:30:56 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll + 2006-12-01 18:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll + 2006-12-01 18:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-01 18:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2008-04-13 15:30:56 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll + 2008-04-13 15:30:56 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll + 2008-04-13 15:30:56 343,040 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll + 2008-04-13 15:30:54 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll - 2004-06-11 16:42:18 852,992 ----a-r C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll + 2008-04-13 15:30:56 852,992 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll - 2004-06-11 16:42:18 994,816 ----a-r C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll + 2008-04-13 15:30:56 994,816 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll - 2004-06-11 16:36:12 137,728 ----a-r C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3 d\rtcres.dll + 2008-04-13 15:05:54 137,728 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_fr_457ebf3 d\rtcres.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 19:34 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 11:22 589824] "CnxDslTaskBar"="C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe" [2002-04-04 13:33 397312] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 08:22 7700480] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 08:22 86016] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-08-10 14:26 278264] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-10 14:25 1655552] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "nwiz"="nwiz.exe" [2006-10-22 08:22 1622016 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "UseDesktopIniCache"= 1 (0x1) "AllowLegacyWebView"= 1 (0x1) "AllowUnhashedWebView"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-07-07 17:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i420vfw.dll "vidc.yv12"= yv12vfw.dll "vidc.I263"= i263_32.drv [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-08-10 14:25] R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-08-10 14:25] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2002-04-01 15:39] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2002-04-01 15:39] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2002-04-04 13:31] S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 09:05] S3 DAEDriver54;DAEDriver54;C:\DOCUME~1\Karnik\LOCALS~1\Temp\Rar$EX02.094\DAEng5.4.3\dak32.sys [] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-07-05 13:03] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-07-05 13:03] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-07-05 13:03] S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34] S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 12:31] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45] S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\z530bus.sys [2007-07-05 13:03] S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\z530mdfl.sys [2007-07-05 13:03] S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\z530mdm.sys [2007-07-05 13:03] S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\z530obex.sys [2007-07-05 13:03] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136216-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136217-321f-11dd-9ed5-d8171836e77e}] \Shell\AutoRun\command - SETUP.EXE -0 \Shell\Explore\Command - SETUP.EXE -E \Shell\Open\Command - SETUP.EXE -O . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' 2008-08-10 C:\WINDOWS\Tasks\SpyHunter Scanner.job - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe [] . - - - - ORPHANS REMOVED - - - - HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Karnik\Application Data\Mozilla\Firefox\Profiles\min3pyxh.default\ ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-11 21:59:34 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\imapi.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-11 22:04:11 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-11 18:03:58 ComboFix2.txt 2008-07-28 19:30:20 Pre-Run: 23,038,484,480 octets libres Post-Run: 22,960,791,552 octets libres 5258 --- E O F --- 2008-08-10 00:49:58
  13. Kryx
    Merci! Je croyais que mon cas était hors du commun. Voici donc les rapports de DSS. Main: Deckard's System Scanner v20071014.68 Run by Karnik on 2008-08-11 21:04:32 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 20: 2008-08-11 17:04:41 UTC - RP530 - Deckard's System Scanner Restore Point 19: 2008-08-11 13:59:11 UTC - RP529 - Installé OpenOffice.org 2.4 18: 2008-08-11 13:55:37 UTC - RP528 - Supprimé OpenOffice.org 2.3 17: 2008-08-11 13:51:58 UTC - RP527 - Installé Java 6 Update 4 16: 2008-08-11 12:53:10 UTC - RP526 - Supprimé Splinter Cell Pandora Tomorrow -- First Restore Point -- 1: 2008-08-09 08:15:28 UTC - RP511 - Point de vérification système Backed up registry hives. Performed disk cleanup. Total Physical Memory: 511 MiB (512 MiB recommended). -- HijackThis (run as Karnik.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:05:53, on 11/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Secunia\PSI (RC3)\psi.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Documents and Settings\Karnik\Bureau\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Karnik.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6192 bytes -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) ----------- backup-20080809-223421-418 O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdfcs.exe] C:\WINDOWS\system32\kdfcs.exe -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%* .reg - regfile - shell\open\command - regedit.exe "%1" %* .scr - scrfile - shell\open\command - "%1" %* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys R3 CnxEtP (Conexant AccessRunner USB ADSL WAN Adapter Filter Driver) - c:\windows\system32\drivers\cnxetp.sys <Not Verified; Conexant; Conexant USB ADSL Modem> R3 CnxEtU (Conexant AccessRunner USB ADSL Interface Device Driver) - c:\windows\system32\drivers\cnxetu.sys <Not Verified; Conexant; Conexant USB ADSL Modem> R3 CnxTgN (Conexant AccessRunner USB ADSL WAN Adapter Driver) - c:\windows\system32\drivers\cnxtgn.sys <Not Verified; Conexant Systems Inc.; Conexant AccessRunner ADSL> R3 PSI - c:\windows\system32\drivers\psi_mf.sys <Not Verified; Secunia; Secunia Personal Software Inspector> S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing) S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys (file missing) S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - c:\windows\system32\drivers\awrtrd.sys (file missing) S3 ASPI (Advanced SCSI Programming Interface Driver) - c:\windows\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer> S3 catchme - c:\docume~1\karnik\locals~1\temp\catchme.sys (file missing) S3 DAEDriver54 - c:\docume~1\karnik\locals~1\temp\rar$ex02.094\daeng5.4.3\dak32.sys (file missing) S3 GMSIPCI - e:\install\gmsipci.sys (file missing) S3 libusb0 (LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120) - c:\windows\system32\drivers\libusb0.sys <Not Verified; http://libusb-win32.sourceforge.net; LibUSB-Win32 - Kernel Driver> S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware> S3 TIEHDUSB - c:\windows\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: Description: Contrôleur audio multimédia Device ID: PCI\VEN_1106&DEV_3059&SUBSYS_04701462&REV_60\3&267A616A&0&8D Manufacturer: Name: Contrôleur audio multimédia PNP Device ID: PCI\VEN_1106&DEV_3059&SUBSYS_04701462&REV_60\3&267A616A&0&8D Service: -- Scheduled Tasks ------------------------------------------------------------- 2008-08-11 02:15:00 444 --a------ C:\WINDOWS\Tasks\SpyHunter Scanner.job -- Files created between 2008-07-11 and 2008-08-11 ----------------------------- 2008-08-11 18:45:10 0 dr-h----- C:\Documents and Settings\matthias\Recent 2008-08-11 17:59:19 0 d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-10 20:26:06 0 d-------- C:\Program Files\a-squared Free 2008-08-10 17:33:59 0 d-------- C:\Documents and Settings\matthias\Application Data\Comodo 2008-08-10 14:25:31 0 d-------- C:\Documents and Settings\Karnik\Application Data\Comodo 2008-08-10 14:25:28 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo 2008-08-10 14:25:24 0 d-------- C:\Program Files\COMODO 2008-08-10 14:15:52 0 d-------- C:\Program Files\Avira 2008-08-10 14:15:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-10 12:46:11 0 d-------- C:\Program Files\Secunia 2008-08-10 12:23:05 0 d-------- C:\Documents and Settings\Karnik\Application Data\.purple 2008-08-10 12:22:34 0 d-------- C:\Program Files\Pidgin 2008-08-10 04:47:48 0 d-------- C:\Program Files\MSXML 4.0 2008-08-10 04:38:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2008-08-10 04:30:08 0 d-------- C:\WINDOWS\system32\PreInstall 2008-08-10 04:15:43 0 d-------- C:\WINDOWS\Prefetch 2008-08-10 04:04:29 0 d-------- C:\WINDOWS\system32\fr 2008-08-10 04:04:29 0 d-------- C:\WINDOWS\l2schemas 2008-08-10 04:04:28 0 d-------- C:\WINDOWS\system32\bits 2008-08-10 03:59:23 0 d-------- C:\WINDOWS\ServicePackFiles 2008-08-10 01:04:58 0 d-------- C:\Documents and Settings\All Users\Start Menu 2008-08-10 00:34:42 0 d-------- C:\WINDOWS\system32\fr-fr 2008-08-10 00:28:30 0 d-------- C:\WINDOWS\network diagnostic 2008-08-10 00:28:19 0 d--h----- C:\WINDOWS\$hf_mig$ 2008-08-09 20:10:48 0 d-------- C:\Documents and Settings\Karnik\Application Data\Malwarebytes 2008-08-09 20:10:41 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-09 20:10:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-09 19:25:03 0 d-------- C:\WINDOWS\ERUNT 2008-08-09 14:18:01 2952 --a------ C:\WINDOWS\system32\tmp.reg 2008-08-09 14:16:56 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-08-09 14:16:55 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; > 2008-08-09 14:16:55 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-08-09 14:16:54 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2008-08-09 13:10:37 0 d-------- C:\Program Files\Trend Micro 2008-07-30 14:19:57 0 d-------- C:\Program Files\GOA 2008-07-29 22:08:04 0 d---s---- C:\Documents and Settings\guilli\UserData 2008-07-28 23:21:12 0 d-------- C:\Documents and Settings\Karnik\Start Menu 2008-07-28 23:20:43 0 d-------- C:\cmdcons 2008-07-11 13:51:03 0 d-------- C:\Documents and Settings\All Users\Application Data\CopyTransControlCenter -- Find3M Report --------------------------------------------------------------- 2060-08-18 18:40:44 909824 --a------ C:\WINDOWS\system32\cp3245mt.dll <Not Verified; Inprise Corporation; Borland C++ Builder 4.0> 2008-08-11 17:58:01 0 d-------- C:\Program Files\OpenOffice.org 2.3 2008-08-11 17:53:27 0 d-------- C:\Program Files\Java 2008-08-11 17:49:04 0 d-------- C:\Documents and Settings\Karnik\Application Data\OpenOffice.org2 2008-08-10 16:20:53 0 d-------- C:\Documents and Settings\Karnik\Application Data\gtk-2.0 2008-08-10 14:05:11 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-08-10 08:32:50 0 d-------- C:\Program Files\MSN Messenger 2008-08-10 04:17:52 368036 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-08-10 04:17:52 48764 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-08-10 04:14:49 0 d-------- C:\Program Files\Messenger 2008-08-10 04:04:28 0 d-------- C:\Program Files\Movie Maker 2008-08-10 03:58:33 0 d-------- C:\Program Files\Windows NT 2008-08-10 03:58:33 0 d-------- C:\Program Files\windows nt 2008-08-10 01:06:31 0 d-------- C:\Program Files\Fichiers communs\Adobe 2008-08-10 00:49:54 0 d-------- C:\Documents and Settings\Karnik\Application Data\AdobeUM 2008-07-30 16:22:01 0 d-------- C:\Program Files\Common Files 2008-07-30 14:13:08 0 d-------- C:\Program Files\Fichiers communs\InstallShield 2008-07-30 14:13:02 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-28 16:59:27 0 d-------- C:\Program Files\Slayers Online 2008-07-10 07:56:12 0 d-------- C:\Program Files\eRightSoft 2008-07-09 23:50:53 0 d-------- C:\Documents and Settings\Karnik\Application Data\Xilisoft Corporation 2008-07-09 23:22:20 73 --a------ C:\WINDOWS\system32\ssprs.dll 2008-07-09 23:22:20 335 --a------ C:\WINDOWS\system32\lsprst7.dll 2008-07-07 17:55:10 0 d-------- C:\Program Files\SUPERAntiSpyware 2008-07-07 15:28:18 0 d-------- C:\Documents and Settings\Karnik\Application Data\ESET 2008-07-06 03:31:28 0 d-------- C:\Program Files\KeeBoo 2008-07-06 02:56:07 0 d-------- C:\Program Files\MidiNotate 2008-07-06 02:54:04 0 d-------- C:\Program Files\Klondike WAP Browser 2008-07-06 02:14:31 0 d-------- C:\Documents and Settings\Karnik\Application Data\Lavasoft 2008-07-04 12:32:48 0 d-------- C:\Program Files\Yacc Yet Another CSO Compressor 2008-06-30 17:44:25 3847 --ahs---- C:\WINDOWS\system32\DgPqsvut.ini2 2008-06-30 17:44:24 479148 --ahs---- C:\WINDOWS\system32\MlmTEfhk.ini2 2008-06-29 17:29:27 0 d-------- C:\Program Files\WinAVI MP4 Converter 2008-06-29 12:25:30 0 d-------- C:\Program Files\PhotoFiltre 2008-06-25 17:41:20 0 d-------- C:\Documents and Settings\Karnik\Application Data\CopyTrans 2008-06-25 14:28:47 0 d-------- C:\Documents and Settings\Karnik\Application Data\CopyTransControlCenter 2008-06-11 15:35:38 0 d-------- C:\Program Files\Apollo PSP Video Converter -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] 11/06/2008 22:33 75128 --a------ C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50] "RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [26/04/2005 11:22] "CnxDslTaskBar"="C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe" [04/04/2002 13:33] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [22/10/2006 08:22] "nwiz"="nwiz.exe" [22/10/2006 08:22 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [22/10/2006 08:22] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12/06/2008 02:38] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12/02/2008 10:06] "COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [10/08/2008 14:26] "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [10/08/2008 14:25] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [13/04/2008 19:34] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/04/2008 19:34] C:\Documents and Settings\Karnik\Start Menu\Programs\Startup\ Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [16/06/2008 13:03:08] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) "NoDispBackgroundPage"=0 (0x0) "NoDispScrSavPage"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "UseDesktopIniCache"=1 (0x1) "AllowLegacyWebView"=1 (0x1) "AllowUnhashedWebView"=1 (0x1) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [07/07/2008 17:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"= C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c3702c4-fb2a-11db-9941-a5ef45852704}] Auto\command- G:\AdobeR.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c3702c5-fb2a-11db-9941-a5ef45852704}] Auto\command- H:\AdobeR.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136216-321f-11dd-9ed5-d8171836e77e}] AutoRun\command- SETUP.EXE -0 Explore\Command- SETUP.EXE -E Open\Command- SETUP.EXE -O [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56136217-321f-11dd-9ed5-d8171836e77e}] AutoRun\command- SETUP.EXE -0 Explore\Command- SETUP.EXE -E Open\Command- SETUP.EXE -O [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6dde103d-f35a-11db-991f-8a9bb287f646}] Auto\command- F:\AdobeR.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db05958e-5667-11dc-9bb5-8e0df9a3b8ec}] Auto\command- AdobeR.exe e AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e -- End of Deckard's System Scanner: finished at 2008-08-11 21:07:20 ------------ Extra: Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professionnel (build 2600) SP 3.0 Architecture: X86; Language: French CPU 0: AMD Sempron Percentage of Memory in Use: 59% Physical Memory (total/avail): 510.8 MiB / 209.35 MiB Pagefile Memory (total/avail): 670.75 MiB / 319.75 MiB Virtual Memory (total/avail): 2047.88 MiB / 1933.93 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 111.79 GiB total, 21.5 GiB free. D: is CDROM (No Media) E: is CDROM (No Media) \\.\PHYSICALDRIVE0 - WDC WD1200JB-00EVA0 - 111.79 GiB - 1 partition \PARTITION0 (bootable) - Système de fichiers installable - 111.79 GiB - C: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Karnik\Application Data CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=MICHEL ComSpec=C:\WINDOWS\system32\cmd.exe DEFAULT_CA_NR=CA6 FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Karnik LANG=fr LOGONSERVER=\\MICHEL NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\Fichiers communs\GTK\2.0\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0801 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Karnik\LOCALS~1\Temp TMP=C:\DOCUME~1\Karnik\LOCALS~1\Temp USERDOMAIN=MICHEL USERNAME=Karnik USERPROFILE=C:\Documents and Settings\Karnik windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- matthias (admin) Karnik (admin) guilli (admin) -- Add/Remove Programs --------------------------------------------------------- --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf a-squared Free 3.5 --> "C:\Program Files\a-squared Free\unins000.exe" Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Adobe® Photoshop® Album Edition Découverte 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} Anvil Studio --> C:\WINDOWS\system32\AsUninst.exe AoA Audio Extractor 1.0 --> "C:\Program Files\AoA Audio Extractor\unins000.exe" Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe" Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Belarc Advisor 6.0 --> C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG Bibliothèques GTK+ 2.12.8 rev a (supprimer uniquement) --> C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Collection Microsoft Encarta 2001 --> MsiExec.exe /I{04020801-5D65-445A-B3B4-3DCE72BA0C6C} COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u COMODO SafeSurf --> C:\Program Files\COMODO\SafeSurf\cssconfg.exe -u Coolexon 1.2.0006 --> "C:\Program Files\Coolsoft\Coolexon Dictionary\unins000.exe" CSO-DAX COMPILATOR --> "C:\WINDOWS\CSO-DAX COMPILATOR\uninstall.exe" "/U:C:\Program Files\CSO-DAX COMPILATOR\Uninstall\uninstall.xml" Data Access Objects (DAO) 3.5 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Common Files\Microsoft Shared\DAO\Uninst.isu" Dev-C++ 5 beta 9 release (4.9.9.2) --> "C:\Dev-Cpp\uninstall.exe" Digital Video Converter v1.3.0.17 --> "C:\Program Files\Digital Video Converter\Uninstall.exe" "C:\Program Files\Digital Video Converter\install.log" -u Disc2Phone --> MsiExec.exe /I{6E65247F-58F9-41CA-BE69-0316F7907170} DivX Player --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log Easy-WebPrint --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R FMS --> C:\Program Files\FMS\Uninstall.exe Freez FLV to AVI/MPEG/WMV Converter --> "C:\Program Files\Smallvideosoft\Freez FLV to AVI MPEG WMV Converter\unins000.exe" GoldWave v5.17 --> "C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.17" "C:\Program Files\GoldWave\unstall.log" Google SketchUp 6 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly Google SketchUp 6 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe" GTK+ 2.10.13 runtime environment --> "C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe" Gunbound --> "C:\Program Files\GOA\unins000.exe" Hackman Suite --> "C:\Program Files\TechnoLogismiki\Hackman\Uninstall.exe" "C:\Program Files\TechnoLogismiki\Hackman\install.log" -u HarmoTab 2.2 --> C:\WINDOWS\st6unst.exe -n "c:\ST6UNST.LOG" High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 2.0.2 --> "C:\Download\HijackThis.exe" /uninstall HTML Créateur --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\HTML Créateur\ST6UNST.LOG" Jargon Informatique --> C:\Program Files\Jargon Informatique\uninstall.exe Java 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040} Java 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Micro Application - Votre Professeur d'Anglais --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Votre Professeur d Anglais\Uninst.isu" Microsoft Midtown Madness 2 --> "C:\Program Files\Microsoft Games\Midtown Madness 2\UNINSTAL.EXE" /runtemp /addremove Microsoft Motocross Madness 2 --> "C:\Program Files\Microsoft Games\Motocross Madness 2\Uninstal.exe" /runtemp /addremove Microsoft Office 2000 CD-ROM 2 --> MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7} Microsoft Office 2000 Professional --> MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7} MidiNotate Player --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{882AB1AC-2859-4747-B13A-72EE343A9CD2}\Setup.exe" -l0x9 Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978) --> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mozilla Firefox (2.0.0.16) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI Olitec Adaptateur USB ADSL WAN --> C:\Program Files\Olitec\ADSL Olitec\CnxUnist.exe -w7 AccessRunner ADSL OpenOffice.org 2.4 --> MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14} PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe" Pidgin --> C:\Program Files\Pidgin\pidgin-uninst.exe Pixia --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}\Setup.exe" -l0x9 UNINSTALL Power Tab Editor 1.7 --> MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} Protected Music Converter 0.99.23b --> "C:\Program Files\WMA-MP3.com\Protected Music Converter\unins000.exe" pvAuthor v3.3.1 --> C:\PROGRA~1\PACKET~1\PVAuthor\UNWISE.EXE C:\PROGRA~1\PACKET~1\PVAuthor\INSTALL.LOG Secunia PSI (RC3) --> "C:\Program Files\Secunia\PSI (RC3)\uninstall.exe" Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG Slayers Online --> "C:\Program Files\Slayers Online\unins000.exe" Sony Ericsson PC Suite 1.20.173 --> MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794} Star Downloader Free --> C:\PROGRA~1\STARDO~1\UNWISE.EXE C:\PROGRA~1\STARDO~1\INSTALL.LOG SUPER © Version 2008.bld.30 (Mar 22, 2008) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0 SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} The GIMP 2.2.17 --> "C:\Program Files\GIMP-2.0\unins000.exe" TheSage --> "C:\Program Files\TheSage\uninstall.exe" TI Connect 1.6 --> MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6} Uninstall Super Guitar Chord Finder --> C:\WINDOWS\iun3404.exe C:\sgcfinder20 VIA Gestionnaire de périphériques de plate-forme --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Yacc 0.4.0.3 --> C:\Program Files\Yacc Yet Another CSO Compressor\uninst.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type3131 / Success Event Submitted/Written: 08/11/2008 07:50:33 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type3130 / Error Event Submitted/Written: 08/11/2008 06:14:46 PM Event ID/Source: 4118 / Avira AntiVir Event Description: C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xmlUNKNOWN20598784 Event Record #/Type3125 / Error Event Submitted/Written: 08/11/2008 04:47:38 PM Event ID/Source: 4118 / Avira AntiVir Event Description: C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xmlUNKNOWN20598784 Event Record #/Type3124 / Error Event Submitted/Written: 08/11/2008 04:34:37 PM Event ID/Source: 4118 / Avira AntiVir Event Description: C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xmlUNKNOWN20598784 Event Record #/Type3118 / Warning Event Submitted/Written: 08/10/2008 11:58:09 PM Event ID/Source: 4113 / Avira AntiVir Event Description: TR/Vundo.GenC:\WINDOWS\system32\yvrgme.dll -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type7433 / Warning Event Submitted/Written: 08/11/2008 04:54:19 PM Event ID/Source: 3 / Print Event Description: L'imprimante PDFCreator a été supprimée. Event Record #/Type7432 / Warning Event Submitted/Written: 08/11/2008 04:54:15 PM Event ID/Source: 4 / Print Event Description: L'imprimante PDFCreator est en attente de suppression. Event Record #/Type7414 / Error Event Submitted/Written: 08/11/2008 04:32:53 PM Event ID/Source: 7034 / Service Control Manager Event Description: Le service NVIDIA Display Driver Service s'est terminé de façon inattendue pour la 1ème fois. Event Record #/Type6887 / Error Event Submitted/Written: 08/09/2008 08:04:13 PM Event ID/Source: 1003 / System Error Event Description: Code erreur 1000008e, paramètre 1 c0000005, paramètre 2 804e3e23, paramètre 3 b98af7d4, paramètre 4 00000000. Event Record #/Type6873 / Error Event Submitted/Written: 08/09/2008 07:23:26 PM Event ID/Source: 10005 / DCOM Event Description: DCOM a reçu l'erreur "%%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} -- End of Deckard's System Scanner: finished at 2008-08-11 21:07:20 ------------ P.s: J'aurais une p'tite question: le "systeme volume information" est-il important? J'ai remarqué que la plupart des trojans et worms se logeaient ds ces dossiers ( Rapport de Avira ). @bientôt
  14. Kryx
    Bonjour je suis vraiment navré de vous embêter avec mes infections. Mais à nouveau sorti d'une cure de désinfection, explorer.exe s'emballe et m'offre un bureau vide d'icones. Ma conexion est devenue super lente et mon system 32 est infecté de trojans. Je m'en remets donc à vos soyeuses analyses. Ainsi qu'un log de HiJackThis.: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:11:18, on 10/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\COMODO\SafeSurf\cssurf.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Secunia\PSI (RC3)\psi.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Star Downloader\stardown.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6109 bytes
  15. Kryx
    Merci beaucoup de m'avoir aidé. Je lirai attentivement les conseils. Merci encore! A bientôt, vous félicitant du beau boulot que vous faites. Ps: j'ai vérifié la somme .md5 du module résident de windows et il se trouve que le clé d'activation ait été généré par un keygen. Mais l'essentiel est que les MAJ se font tout de même. Si celà pose un problème n'hésitez pas à me le dire.
  16. Kryx
    Bonjour Falkra. J'ai suivi votre tuto à la lettre: j'ai supprimé l'essentiel. SDFix n'était pas ds la liste des programmes; je l'ai effacé à la main seulement. J'ai effectué toutes les MAJ mentionnées. J'attends mtn votre réponse. p.s: mon processeur est un AMD
  17. Kryx
    De rien pour ma contribution, j'espère que celà servira. Cà fonctionne nickel; prêt pour la sécurisation( çà sonne plutôt bien). Je rappelle juste que je ne l'ai jamais installé, il s'est incrusté^^. Pour me protéger d'avantage, il va me falloir de la vrai armada. Je n'oublierai pas les 3 fameuses familles d'infection...
  18. Kryx
    Oui vous avez raison, j'y ai songé au moment même ou j'ai posté^^. L'archive y était dans l'un de mes hidden files. Alors l'archive sous RAR pèse 16mo, soit 16.453Ko.
  19. Kryx
    Re j'ai suivi l'arborescence, et je ne tombe pas sur le dossier de quarantaine ni même sur le dossier de Malwarebytes auparavant. J'ai même vérifié dans program files. Et pourtant je n'ai rien effacé.
  20. Kryx
    P'tite erreur: je voulais dire fond d'écran et dsl pour le double affichage(freeze du navigateur).
  21. Kryx
    Coché et vérifié. Je confirme; plus aucun symptômes infectieux. Dans propirétés d'affiche l'onglet écran de veille est réapparu donc écran de veille réparé. Et oui je sais faire des zpi ou rar^^ J'attends la suite! Merci encore Falkra. Coché et vérifié. Je confirme; plus aucun symptômes infectieux. Dans propirétés d'affiche l'onglet écran de veille est réapparu donc écran de veille réparé. Et oui je sais faire des zpi ou rar^^ J'attends la suite! Merci encore Falkra.
  22. Kryx
    Me re voilà. Bonne digestion en passant. Voici donc le log HiJackThis après redémarrage du système: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:55:57, on 09/08/2008 Platform: Windows XP SP2, v.2149 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2149) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdfcs.exe] C:\WINDOWS\system32\kdfcs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4527 bytes Ps: N'ai rien viré de la quarantaine, je ne pense pas le viré de sitôt. Merci! de l'aide au trackage.
  23. Kryx
    Me re voici en compagnie du log MBAM après les MAJ: Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1035 Windows 5.1.2600 Service Pack 2, v.2149 20:21:04 09/08/2008 mbam-log-8-9-2008 (20-21-04).txt Type de recherche: Examen rapide Eléments examinés: 45100 Temps écoulé: 5 minute(s), 44 second(s) Processus mémoire infecté(s): 3 Module(s) mémoire infecté(s): 5 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 7 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 23 Fichier(s) infecté(s): 34 Processus mémoire infecté(s): C:\Program Files\rhc5bcj0e12p\rhc5bcj0e12p.exe (Rogue.Multiple) -> Unloaded process successfully. C:\WINDOWS\system32\lphc1bcj0e12p.exe (Trojan.FakeAlert) -> Unloaded process successfully. C:\WINDOWS\system32\pphc1bcj0e12p.exe (Trojan.FakeAlert) -> Unloaded process successfully. Module(s) mémoire infecté(s): C:\WINDOWS\system32\lswjxvsc.dll (Trojan.Vundo) -> Delete on reboot. C:\Program Files\rhc5bcj0e12p\MFC71.dll (Rogue.Multiple) -> Delete on reboot. C:\Program Files\rhc5bcj0e12p\msvcp71.dll (Rogue.Multiple) -> Delete on reboot. C:\Program Files\rhc5bcj0e12p\msvcr71.dll (Rogue.Multiple) -> Delete on reboot. C:\WINDOWS\system32\blphc1bcj0e12p.scr (Trojan.FakeAlert) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc5bcj0e12p (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\rhc5bcj0e12p (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f010981e (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhc5bcj0e12p (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc1bcj0e12p (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggvvsqp Pour un envoie de fichier pas de probs; je pourrai le rarer ou le zipper comme tu préfères*wink* Juste au cas où, MBAM m'affiche HKEY_CURRENT_USER\SOFTWARE\Microsoft\Contim C:WINDOWS\system32\lswjxvsc.dll comme étant un fichier insupprimable mais on me dit aussi qu'au redémarrage le fichier pouvait être supprimé cad mtn. Pas de prob apparent et pas de ré-installation de antivirus xp 2008( mais je reste en alerte). Merci encore Falkra!
  24. Kryx
    Re! Sdfix n'a pas eu de mal à se lancer. J'ai suivi le protocole à la lettre et voici donc le log de SDFix + un log apparu au même moment (au cas où) appelé catch me ainsi qu'un nouveau log de HiJackThis comme demandé. Rapport sdfix: SDFix: Version 1.214 Run by Karnik on 09/08/2008 at 19:28 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Restoring Default Desktop Wallpaper Restoring Default ScreenSaver value Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\SYSTEM32\PPHC1B~1.EXE - Deleted C:\WINDOWS\SYSTEM32\PHC1BC~1.BMP - Deleted C:\WINDOWS\SYSTEM32\BLPHC1~1.SCR - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.tt1.tmp - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.tt19.tmp - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.tt2.tmp - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.tt7.tmp - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.tt9.tmp - Deleted C:\DOCUME~1\Karnik\LOCALS~1\Temp\.ttB1.tmp - Deleted C:\Documents and Settings\Karnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-09 19:35:49 Windows 5.1.2600 Service Pack 2, v.2149 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_01\355407016282400_0_01" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_03\355407016282400_0_03" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_05\355407016282400_0_05" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_07\355407016282400_0_07" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_01\355407016282400_0_01" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_03\355407016282400_0_03" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_05\355407016282400_0_05" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_07\355407016282400_0_07" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" scanning hidden registry entries ... [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\CroSao] "DefaultApplied"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4D6E842C-BFCA-EDBD-06AA-E5A4A81822EC}] "oademfaonaklieedmpkcflochjcdce"=hex:64,61,64,67,66,64,62,70,00,f0 "oapoegnhbofkkogodbagdcdlkcmgfe"=hex:6a,61,64,67,64,64,61,66,69,68,61,6e,70,67,6e,61,69,6e,6a,70,00,.. "nafekdmhfkpbhpaaomekfkanaabg"=hex:6b,61,65,67,6a,64,6e,69,68,65,6e,6f,68,6d,6d,70,64,62,6c,6f,68,.. scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\softnyx\\GunboundWC\\GunBound.gme"="C:\\Program Files\\softnyx\\GunboundWC\\GunBound.gme:*:Enabled:GunBound" "C:\\Program Files\\Ubisoft\\SPPT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="C:\\Program Files\\Ubisoft\\SPPT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:pandora" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Fri 11 Jun 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe" Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll" Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll" Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll" Sun 25 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll" Wed 21 Feb 2007 31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll" Mon 17 Dec 2007 27,648 ..SH. --- "C:\WINDOWS\system32\Smab0.dll" Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe" Sun 25 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll" Sun 18 Jun 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sun 23 Sep 2007 23,552 ...H. --- "C:\Documents and Settings\guilli\Mes documents\~WRL0867.tmp" Sun 23 Sep 2007 26,624 ...H. --- "C:\Documents and Settings\guilli\Mes documents\~WRL0996.tmp" Sun 23 Sep 2007 23,552 ...H. --- "C:\Documents and Settings\guilli\Mes documents\~WRL2641.tmp" Sun 23 Sep 2007 28,672 ...H. --- "C:\Documents and Settings\guilli\Mes documents\~WRL3735.tmp" Thu 10 Jul 2008 20,992 ...H. --- "C:\Documents and Settings\matthias\Mes documents\~WRL0005.tmp" Thu 10 Jul 2008 61,952 ...H. --- "C:\Documents and Settings\matthias\Mes documents\~WRL1043.tmp" Thu 10 Jul 2008 60,416 ...H. --- "C:\Documents and Settings\matthias\Mes documents\~WRL4018.tmp" Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll" Wed 22 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll" Fri 14 Mar 2008 13,824 A.SHR --- "C:\Program Files\eRightSoft\SUPER\DXdump.exe" Thu 10 Jul 2008 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Tue 2 Oct 2007 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Sun 9 Jun 2002 36,864 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll" Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 102,437 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll" Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 208,935 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sun 9 Jun 2002 40,448 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll" Sun 4 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 232,960 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Sun 9 Jun 2002 525,824 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll" Tue 10 Dec 2002 245,805 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll" Tue 10 Dec 2002 45,093 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll" Tue 10 Dec 2002 98,341 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll" Tue 10 Dec 2002 94,247 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll" Tue 10 Dec 2002 90,151 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll" Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Sun 9 Jun 2002 49,152 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll" Thu 20 Mar 2008 5,632 ..SHR --- "C:\Program Files\eRightSoft\SUPER\spk\1stRun.exe" Wed 16 Jan 2008 19,456 ...H. --- "C:\Documents and Settings\Karnik\Application Data\Microsoft\Word\~WRL0003.tmp" Wed 16 Jan 2008 19,456 ...H. --- "C:\Documents and Settings\Karnik\Application Data\Microsoft\Word\~WRL0005.tmp" Sun 18 Jun 2006 4,348 ...H. --- "C:\Documents and Settings\Karnik\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak" Sat 23 Dec 2006 20 A..H. --- "C:\Documents and Settings\Karnik\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak" Sun 18 Jun 2006 312 ...H. --- "C:\Documents and Settings\Karnik\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak" Sat 23 Dec 2006 1,536 A..H. --- "C:\Documents and Settings\Karnik\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak" Sun 28 Oct 2007 19,456 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL0003.tmp" Sun 23 Sep 2007 19,456 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL0004.tmp" Sun 28 Oct 2007 19,456 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL0005.tmp" Sun 23 Sep 2007 29,696 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL3067.tmp" Sun 23 Sep 2007 22,016 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL3332.tmp" Sun 23 Sep 2007 19,968 ...H. --- "C:\Documents and Settings\matthias\Application Data\Microsoft\Word\~WRL3661.tmp" Sun 18 Jun 2006 4,348 ...H. --- "C:\Documents and Settings\matthias\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak" Sat 5 Aug 2006 20 A..H. --- "C:\Documents and Settings\matthias\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak" Sun 18 Jun 2006 312 ...H. --- "C:\Documents and Settings\matthias\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak" Sat 5 Aug 2006 1,536 A..H. --- "C:\Documents and Settings\matthias\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak" Finished! Rapport optionnel catch me : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-09 19:35:49 Windows 5.1.2600 Service Pack 2, v.2149 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_01\355407016282400_0_01" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_03\355407016282400_0_03" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_05\355407016282400_0_05" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_07\355407016282400_0_07" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_01\355407016282400_0_01" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_01#355407016282400_0_01#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_03\355407016282400_0_03" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_03#355407016282400_0_03#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_05\355407016282400_0_05" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_05#355407016282400_0_05#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}] "DeviceInstance"="USB\Vid_0fce&Pid_d042&Mi_07\355407016282400_0_07" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\DeviceClasses\{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\##?#USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}\#] "SymbolicLink"="\\?\USB#Vid_0fce&Pid_d042&Mi_07#355407016282400_0_07#{6bafc5d1-edf0-417e-8e85-ea89d17f14cb}" scanning hidden registry entries ... [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects\CroSao] "DefaultApplied"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4D6E842C-BFCA-EDBD-06AA-E5A4A81822EC}] "oademfaonaklieedmpkcflochjcdce"=hex:64,61,64,67,66,64,62,70,00,f0 "oapoegnhbofkkogodbagdcdlkcmgfe"=hex:6a,61,64,67,64,64,61,66,69,68,61,6e,70,67,6e,61,69,6e,6a,70,00,.. "nafekdmhfkpbhpaaomekfkanaabg"=hex:6b,61,65,67,6a,64,6e,69,68,65,6e,6f,68,6d,6d,70,64,62,6c,6f,68,.. scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Le new rapport de hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:41:14, on 09/08/2008 Platform: Windows XP SP2, v.2149 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2149) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\lphc1bcj0e12p.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\pphc1bcj0e12p.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [f010981e] rundll32.exe "C:\WINDOWS\system32\lswjxvsc.dll",b O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [lphc1bcj0e12p] C:\WINDOWS\system32\lphc1bcj0e12p.exe O4 - HKLM\..\Run: [sMrhc5bcj0e12p] C:\Program Files\rhc5bcj0e12p\rhc5bcj0e12p.exe O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdfcs.exe] C:\WINDOWS\system32\kdfcs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4722 bytes Pour info, antivirus xp 2008 s'est à nouveau installé puis lancé au moment même ou j'écrivais ces mots. Il y avait aussi des messages d'erreurs qd les icones de mon bureau s'est chargées. Je vous les enverrai dans mon prochain post. Merci encore de prendre de votre temps Kalfra.
  25. Kryx
    Ok! j'ai eu peur.Merci beaucoup. Le voici: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:51:08, on 09/08/2008 Platform: Windows XP SP2, v.2149 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2149) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\lphc1bcj0e12p.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\pphc1bcj0e12p.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Olitec\ADSL Olitec\CnxDslTb.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [f010981e] rundll32.exe "C:\WINDOWS\system32\lswjxvsc.dll",b O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [lphc1bcj0e12p] C:\WINDOWS\system32\lphc1bcj0e12p.exe O4 - HKLM\..\Run: [sMrhc5bcj0e12p] C:\Program Files\rhc5bcj0e12p\rhc5bcj0e12p.exe O4 - HKLM\..\Run: [C:\WINDOWS\system32\kdfcs.exe] C:\WINDOWS\system32\kdfcs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [sVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwa...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E112D0B4-9BCE-4A5E-B251-65F50979E8BA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4949 bytes
×
×
  • Créer...