Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

rapport hijackthis aide merci

Drog-

Par Drog-
dans Analyses et éradication malwares

 Partager

Messages recommandés

Drog- Member

Drog-

Posté(e)
  • Auteur
Posté(e)

voila mon rapport combifix :

 

ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 14:28:52.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.399 [GMT 2:00]

Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe

* Resident AV is active

 

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

I:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

I:\install.exe

I:\WINDOWS\Downloaded Program Files\setup.inf

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-17 23:13 . 2008-07-17 23:13 35,842 --a------ I:\WINDOWS\system32\C3DL15v4.exe

2008-07-17 20:50 . 2008-07-17 20:51 1,442,142 --a------ I:\SDFix.exe

2008-07-17 18:36 . 2008-07-17 18:36 <REP> d-------- I:\VundoFix Backups

2008-07-17 18:30 . 2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys

2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll

2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll

2008-07-17 12:46 . 2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui

2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457

2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58

2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller

2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll

2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite

2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware

2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo

2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix

2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97

2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav

2008-07-13 12:08 . 2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com

2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer

2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild

2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies

2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0

2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK

2008-07-12 15:04 . 2008-07-12 15:04 0 --a------ I:\WINDOWS\system32\tOgc374C.exe.a_a

2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys

2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe

2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2

2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat

2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules

2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard

2008-07-11 10:56 . 2008-07-11 10:56 0 --a------ I:\WINDOWS\system32\NW1iG6cU.exe.a_a

2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games

2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade

2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania

2008-07-07 16:10 . 2008-07-07 16:10 64,846 --a------ I:\WINDOWS\system32\kkkcccypnwb.exe

2008-07-06 12:20 . 2008-07-15 18:06 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008

2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader

2008-07-03 23:11 . 2008-07-03 23:11 0 --a------ I:\WINDOWS\system32\HJO0GNU5.exe.a_a

2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris

2008-07-02 17:10 . 2008-07-02 17:10 0 --a------ I:\WINDOWS\system32\C3DL15v4.exe.a_a

2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb

2008-06-30 20:29 . 2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb

2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2

2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF

2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo!

2008-06-28 07:37 . 2008-07-18 14:17 107,373 --a------ I:\WINDOWS\system32\oodbs.lor

2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI

2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag

2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software

2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP

2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner

2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat

2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard)

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-18 11:58 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater

2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo

2008-07-17 17:03 --------- d-----w I:\Program Files\Google

2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger

2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live

2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC

2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME

2008-07-14 18:27 --------- d-----w I:\Program Files\PKR

2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script

2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information

2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide

2008-07-11 15:07 --------- d-----w I:\Program Files\Java

2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire

2008-07-09 13:54 --------- d-----w I:\Program Files\eMule

2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2

2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla

2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub

2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress

2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire

2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys

2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom

2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield

2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! Live

2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio

2008-06-07 14:56 --------- d-----w I:\Program Files\Valve

2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll

2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll

2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports

1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe

.

<pre>
----a-w         5,109,800 2002-12-07 06:27:30  I:\Program Files\XARA\Xara Menu Maker 1.0 .exe
</pre>

 

 

((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 )))))))))))))))))))))))))))))))))))))))))

.

+ 2003-04-24 12:00:00 1,740 -c----w I:\WINDOWS\$NtServicePackUninstall$\dcache.bin

+ 2002-08-29 00:32:34 2,816 -c----w I:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys

+ 2003-04-24 12:00:00 184,320 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh261.drv

+ 2002-08-29 09:45:20 286,720 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh263.drv

+ 2003-04-24 12:00:00 22,016 -c----w I:\WINDOWS\$NtServicePackUninstall$\wdmaud.drv

+ 2003-04-24 12:00:00 132,608 -c----w I:\WINDOWS\$NtServicePackUninstall$\winspool.drv

+ 2006-10-04 14:05:26 39,424 ------w I:\WINDOWS\AppPatch\acadproc.dll

+ 2008-04-14 15:08:31 53,248 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2008-04-14 15:08:32 12,800 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2008-04-14 15:08:32 473,600 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2008-04-14 15:08:24 2,676,224 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:26 2,846,720 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 563,712 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 567,296 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 576,000 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 577,024 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:30 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:32 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:33 145,920 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2008-04-14 15:08:33 159,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2008-04-14 15:08:34 364,544 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2008-04-14 15:08:34 178,176 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2008-04-14 15:08:31 223,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2008-07-15 15:02:47 69,120 ----a-w I:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2008-07-15 15:02:53 72,192 ----a-w I:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2008-07-15 15:02:34 4,444,160 ----a-w I:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2008-07-15 15:02:55 483,840 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2008-07-15 15:02:41 3,036,160 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2008-07-15 15:02:53 261,120 ----a-w I:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2008-07-15 15:02:39 5,431,296 ----a-w I:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2008-07-15 15:02:45 10,752 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2008-07-15 15:02:40 507,904 ----a-w I:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2008-07-15 15:02:47 13,312 ----a-w I:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2008-07-15 15:02:51 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2008-07-15 15:02:51 6,656 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2008-07-15 15:02:58 348,160 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2008-07-15 15:02:58 36,864 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2008-07-15 15:02:59 655,360 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2008-07-15 15:03:00 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2008-07-15 15:02:52 749,568 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2008-07-15 15:02:50 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-07-15 15:02:49 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2008-07-15 15:02:55 28,672 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2008-07-15 15:02:48 671,744 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2008-07-15 15:02:37 5,632 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2008-07-15 15:02:56 12,800 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2008-07-15 15:02:48 32,768 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2008-07-15 15:02:47 7,168 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2008-07-15 15:02:52 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2008-07-15 15:02:53 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2008-07-15 15:02:40 425,984 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2008-07-15 15:02:42 741,376 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2008-07-15 15:02:42 933,888 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2008-07-15 15:03:01 5,070,848 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2008-07-15 15:02:59 188,416 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2008-07-15 15:02:45 401,408 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2008-07-15 15:02:56 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2008-07-15 15:02:37 630,784 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2008-07-15 15:02:57 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2008-07-15 15:02:56 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2008-07-15 15:02:54 299,008 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2008-07-15 15:02:54 131,072 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-07-15 15:02:38 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2008-07-15 15:02:38 114,688 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2008-07-15 15:02:44 884,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2008-07-15 15:02:44 90,112 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2008-07-15 15:02:44 839,680 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2008-07-15 15:02:46 5,013,504 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2008-07-15 15:02:39 2,068,480 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2008-07-15 15:02:43 3,076,096 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2008-07-17 11:24:49 27,136 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll

+ 2008-07-17 11:24:53 884,736 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll

+ 2008-07-17 11:24:53 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll

+ 2008-07-17 11:24:54 15,360 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe

+ 2008-07-17 11:24:56 876,544 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll

+ 2008-07-17 11:24:56 81,920 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll

+ 2008-07-17 11:25:00 1,695,744 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll

+ 2008-07-17 11:25:00 167,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll

+ 2008-07-17 11:25:03 1,740,800 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll

+ 2008-07-17 10:43:45 11,722,752 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll

+ 2008-07-17 11:25:05 1,011,712 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll

+ 2008-07-17 10:44:26 7,049,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll

+ 2008-07-17 11:25:06 1,798,144 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll

+ 2008-07-17 10:45:04 10,969,088 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll

+ 2008-07-17 11:25:08 1,224,704 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll

+ 2008-07-17 11:25:09 512,000 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll

+ 2008-07-17 10:45:23 229,376 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll

+ 2008-07-17 10:45:22 1,667,072 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll

+ 2008-07-17 11:25:10 659,456 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll

+ 2008-07-17 11:25:10 294,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll

+ 2008-07-17 11:25:11 733,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll

+ 2008-07-17 11:25:12 233,472 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll

+ 2008-07-17 11:25:12 679,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll

+ 2008-07-17 11:25:29 2,342,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll

+ 2008-07-17 11:25:29 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll

+ 2008-07-17 11:25:31 1,986,560 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll

+ 2008-07-17 11:25:26 12,509,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll

+ 2008-07-17 10:46:11 13,193,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll

+ 2008-07-17 10:46:29 5,771,264 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll

+ 2008-07-17 10:44:07 8,265,728 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll

- 2007-10-05 13:20:36 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

+ 2008-02-25 20:52:07 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

- 2006-05-24 23:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

- 2006-05-24 23:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

- 2007-10-05 13:20:39 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2008-02-25 20:52:08 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2002-10-18 13:56:06 28,672 ----a-w I:\WINDOWS\CMIRmDriver.dll

+ 2003-07-22 09:15:24 225,280 ----a-w I:\WINDOWS\CmiRmRedundDir.exe

+ 2003-08-05 12:23:24 266,240 ----a-w I:\WINDOWS\CMIUninstall.exe

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll

+ 2008-03-24 17:33:02 1,527,056 ----a-w I:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe

+ 2002-01-03 13:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0036\C-Media 5.12.01.0036\Driver\Win_95\CM9738.DRV

+ 2002-01-03 14:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0040\C-Media 5.12.01.0040\Driver\Win_95\CM9738.DRV

+ 2005-10-20 18:02:28 163,328 ----a-w I:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE

- 2007-08-23 00:15:50 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

- 2007-08-23 21:20:07 2,334,720 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT

+ 2008-07-18 12:11:15 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat

- 2007-08-23 21:20:07 8,192 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-18 12:11:15 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE

+ 2008-07-18 12:11:12 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat

+ 2008-07-18 12:11:13 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat

+ 2000-08-31 06:00:00 89,504 ----a-w I:\WINDOWS\fdsv.exe

+ 2000-08-31 06:00:00 80,412 ----a-w I:\WINDOWS\grep.exe

- 2004-08-19 23:10:03 208,896 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2006-11-03 07:58:34 317,440 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\ARPPRODUCTICON.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\NewShortcut1_1EC73FB697FD48EE8100CA969A56E727.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\ARPPRODUCTICON.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut1_644D622AEF3D40E290EE92523E2DA87A.exe

+ 2008-06-04 12:31:44 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut2_569C74F853D147C0802E971DD74EC31B.exe

+ 2008-06-04 12:31:44 8,854 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut3_661346DFE29D45B2AB0F791526D873EC.exe

+ 2008-05-19 16:59:17 32,038 ----a-r I:\WINDOWS\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe

+ 2005-03-18 14:23:10 53,248 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2005-03-18 14:23:10 12,800 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll

+ 2005-03-18 14:23:14 473,600 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll

+ 2004-09-29 10:38:58 2,676,224 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 14:23:10 145,920 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll

+ 2005-03-18 14:23:10 159,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll

+ 2005-03-18 14:23:14 364,544 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll

+ 2005-03-18 14:23:12 178,176 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll

+ 2005-03-18 14:23:14 223,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll

+ 2004-12-01 13:53:06 2,846,720 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-02-05 17:32:54 563,712 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 15:23:14 567,296 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-05-26 13:15:56 576,000 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-07-22 15:21:34 577,024 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-09-28 12:11:52 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-12-05 15:20:50 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-02-03 05:40:48 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-03-31 09:27:50 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2007-10-23 23:47:38 82,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll

+ 2005-09-23 05:29:04 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll

+ 2007-10-23 23:47:38 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll

+ 2007-10-23 23:47:38 97,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:26 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll

+ 2007-10-23 23:47:30 145,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2007-10-23 23:47:32 13,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll

+ 2007-10-23 23:47:48 193,016 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2007-10-23 23:47:20 218,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2007-10-23 23:47:40 10,752 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll

+ 2007-10-23 23:47:42 147,968 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2007-10-23 23:47:26 99,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll

+ 2007-10-23 23:47:42 59,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

+ 2007-10-23 23:47:22 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe

+ 2007-10-23 23:47:22 22,024 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll

+ 2007-10-23 23:47:22 17,928 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

+ 2007-10-23 23:47:22 33,288 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

+ 2007-10-23 23:47:22 84,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

+ 2007-10-23 23:47:22 24,576 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe

+ 2007-10-23 23:47:22 32,776 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

+ 2007-10-23 23:47:22 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2007-10-23 23:47:22 33,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

+ 2007-10-23 23:47:22 33,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2007-10-23 23:47:22 507,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2007-10-23 23:47:40 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2007-10-23 23:47:40 101,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

+ 2007-10-23 23:47:30 80,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

+ 2007-10-23 23:47:30 1,162,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

+ 2007-10-23 23:47:30 13,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll

+ 2007-10-23 23:47:42 27,136 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

+ 2007-10-23 23:47:40 69,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll

+ 2007-10-23 23:47:30 35,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

+ 2007-10-23 23:47:28 66,552 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

+ 2007-10-23 23:47:28 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

+ 2007-10-23 23:47:54 572,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2007-10-23 23:47:40 798,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2007-10-23 23:47:36 18,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

+ 2007-10-23 23:47:40 9,728 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe

+ 2007-10-23 23:47:40 8,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll

+ 2007-10-23 23:47:40 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll

+ 2007-10-23 23:47:40 6,656 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll

+ 2007-10-23 23:47:40 230,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2007-10-23 23:47:40 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe

+ 2007-10-23 23:47:40 65,032 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll

+ 2007-10-23 23:47:40 72,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll

+ 2007-10-23 23:47:34 40,960 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe

+ 2007-10-23 23:47:36 348,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2007-10-23 23:47:36 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll

+ 2007-10-23 23:47:36 655,360 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2007-10-23 23:47:36 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll

+ 2007-10-23 23:47:34 749,568 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2007-10-23 23:47:52 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2007-10-23 23:47:52 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2007-10-23 23:47:50 671,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2007-10-23 23:47:20 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll

+ 2007-10-23 23:47:52 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll

+ 2007-10-23 23:47:20 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll

+ 2007-10-23 23:47:20 12,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2007-10-23 23:47:20 7,168 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll

+ 2007-10-23 23:47:22 97,792 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll

+ 2007-10-23 23:47:36 69,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe

+ 2007-10-23 23:47:40 822,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2007-10-23 23:47:40 83,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll

+ 2007-10-23 23:47:40 308,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2007-10-23 23:47:40 47,104 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

+ 2007-10-23 23:47:40 348,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2007-10-23 23:47:40 94,208 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll

+ 2007-10-23 23:47:40 4,444,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2007-10-23 23:47:44 340,992 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2007-10-23 23:47:40 77,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

+ 2007-10-23 23:47:36 18,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll

+ 2007-10-23 23:47:40 242,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2007-10-23 23:47:40 70,144 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

+ 2007-10-23 23:47:40 19,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll

+ 2007-10-23 23:47:36 5,814,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2007-10-23 23:47:44 31,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll

+ 2007-10-23 23:47:40 101,880 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2007-10-23 23:47:40 24,584 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll

+ 2007-10-23 23:47:40 89,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll

+ 2007-10-23 23:47:36 144,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2007-10-23 23:47:40 53,248 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

+ 2007-10-23 23:47:40 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe

+ 2007-10-23 23:47:46 61,952 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2007-10-23 23:47:40 119,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2007-10-23 23:47:44 95,232 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

+ 2007-10-23 23:47:40 392,696 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2007-10-23 23:47:40 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2007-10-23 23:47:42 425,984 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll

+ 2007-10-23 23:47:40 3,036,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll

+ 2007-10-23 23:47:40 483,840 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2007-10-23 23:47:40 741,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2007-10-23 23:47:28 933,888 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2007-10-23 23:47:40 5,070,848 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2007-10-23 23:47:40 401,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2007-10-23 23:47:40 188,416 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2007-10-23 23:47:40 3,076,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll

+ 2007-10-23 23:47:40 630,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2007-10-23 23:47:40 57,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll

+ 2007-10-23 23:47:40 113,664 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

+ 2007-10-23 23:47:40 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2007-10-23 23:47:40 299,008 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2007-10-23 23:47:40 131,072 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2007-10-23 23:47:40 261,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

+ 2007-10-23 23:47:40 5,431,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2007-10-23 23:47:40 884,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2007-10-23 23:47:40 90,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll

+ 2007-10-23 23:47:40 839,680 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

+ 2007-10-23 23:47:40 5,013,504 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2007-10-23 23:47:40 2,068,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll

+ 2007-10-23 23:47:40 81,400 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL

+ 2007-10-23 23:47:48 1,172,472 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe

+ 2007-10-23 23:47:20 1,344,000 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll

+ 2007-10-23 23:47:22 434,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2007-10-23 23:47:40 37,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

+ 2008-01-16 23:28:20 28,306 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\baseline.dat

+ 2007-11-07 17:00:02 210,834 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat

- 2000-08-31 07:00:00 51,200 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 98,816 ----a-w I:\WINDOWS\sed.exe

+ 2004-08-19 23:23:25 1,788 ------w I:\WINDOWS\ServicePackFiles\i386\dcache.bin

+ 2004-08-04 06:07:57 2,944 ------w I:\WINDOWS\ServicePackFiles\i386\drmkaud.sys

+ 2004-08-19 23:10:08 188,416 ------w I:\WINDOWS\ServicePackFiles\i386\msh261.drv

+ 2004-08-19 23:10:08 294,912 ------w I:\WINDOWS\ServicePackFiles\i386\msh263.drv

+ 2004-08-19 23:10:08 23,552 ------w I:\WINDOWS\ServicePackFiles\i386\wdmaud.drv

+ 2004-08-19 23:10:08 146,944 ------w I:\WINDOWS\ServicePackFiles\i386\winspool.drv

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\sntusb95.sys

+ 2008-07-18 05:52:59 7,264 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{5AA70BE6-651E-439A-A4AF-17131AE5A542}.bin

+ 2008-07-17 05:27:06 10,308 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{6F89D190-5113-43C0-A793-8615836436EC}.bin

+ 2008-07-11 16:03:14 15,456 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{927826F8-F827-4CDC-8FB5-BBCF8C530A8F}.bin

+ 2008-07-13 10:41:59 5,892 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{A9BCB0E8-93DC-466D-85B5-6C6FED16BB40}.bin

+ 2008-07-17 09:01:17 4,196 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{DE3AC4AD-8570-4D00-8FBE-DC6CC0A5DC09}.bin

+ 2000-08-31 06:00:00 161,792 ----a-w I:\WINDOWS\swreg.exe

+ 2000-08-31 06:00:00 136,704 ----a-w I:\WINDOWS\swsc.exe

+ 2000-08-31 06:00:00 212,480 ----a-w I:\WINDOWS\swxcacls.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system\KEYBOARD.DRV

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system\MCIAVI.DRV

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system\MCISEQ.DRV

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system\MCIWAVE.DRV

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system\MOUSE.DRV

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\system\sntusb95.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system\SOUND.DRV

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system\SYSTEM.DRV

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system\TIMER.DRV

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system\VGA.DRV

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system\WFWNET.DRV

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system\winspool.drv

- 2004-08-19 23:08:00 8,704 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-11-03 07:56:54 7,680 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-10-18 19:47:08 276,992 ------w I:\WINDOWS\system32\audiodev.dll

- 2005-01-28 12:44:28 294,912 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2006-10-18 19:47:10 542,720 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2004-02-11 10:11:04 32,768 ----a-w I:\WINDOWS\system32\BlackKey.dll

- 2005-01-28 12:44:28 164,864 ----a-w I:\WINDOWS\system32\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 ----a-w I:\WINDOWS\system32\cewmdm.dll

- 2005-12-15 16:48:20 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2006-06-15 16:03:48 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2003-04-24 12:00:00 10,544 ----a-w I:\WINDOWS\system32\comm.drv

+ 2008-07-14 18:36:05 262,144 ---ha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

+ 2004-08-19 23:23:25 1,788 ----a-w I:\WINDOWS\system32\dcache.bin

+ 2007-10-23 23:47:28 96,760 ----a-w I:\WINDOWS\system32\dfshim.dll

+ 2001-11-23 10:08:20 712,704 -c--a-w I:\WINDOWS\system32\dllcache\a3d.dll

- 2005-01-28 12:44:28 294,912 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

+ 2006-10-18 19:47:10 542,720 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

- 2005-01-28 12:44:28 164,864 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2004-08-04 06:07:58 60,288 -c--a-w I:\WINDOWS\system32\dllcache\drmk.sys

- 2005-01-28 12:44:28 502,272 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2007-03-22 18:24:58 28,160 -c----w I:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll

+ 2004-08-19 23:09:28 21,504 -c--a-w I:\WINDOWS\system32\dllcache\hidserv.dll

+ 2004-08-19 23:00:36 14,848 -c--a-w I:\WINDOWS\system32\dllcache\kbdhid.sys

+ 2003-04-24 12:00:00 2,000 -c--a-w I:\WINDOWS\system32\dllcache\keyboard.drv

- 2004-08-04 07:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

+ 2004-08-04 06:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

- 2005-01-28 12:44:28 6,656 -c--a-w I:\WINDOWS\system32\dllcache\laprxy.dll

+ 2006-10-18 19:47:14 11,264 -c--a-w I:\WINDOWS\system32\dllcache\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2006-10-18 18:03:58 100,864 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2003-04-24 12:00:00 2,560 -c--a-w I:\WINDOWS\system32\dllcache\lz32.dll

+ 2003-04-24 12:00:00 73,680 -c--a-w I:\WINDOWS\system32\dllcache\mciavi.drv

+ 2003-04-24 12:00:00 25,280 -c--a-w I:\WINDOWS\system32\dllcache\mciseq.drv

+ 2003-04-24 12:00:00 28,160 -c--a-w I:\WINDOWS\system32\dllcache\mciwave.drv

+ 2003-04-24 12:00:00 2,032 -c--a-w I:\WINDOWS\system32\dllcache\mouse.drv

- 2005-01-28 12:44:28 142,336 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

- 2005-01-28 12:44:28 25,088 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

+ 2006-10-18 19:47:16 27,136 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

+ 2006-10-18 19:47:16 175,616 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

- 2005-01-28 12:44:28 364,784 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

+ 2006-10-18 19:47:16 414,208 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

- 2005-01-28 12:44:28 315,904 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2006-10-18 19:47:16 321,536 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2003-04-24 12:00:00 2,944 -c--a-w I:\WINDOWS\system32\dllcache\null.sys

+ 2004-08-04 06:15:50 145,792 -c--a-w I:\WINDOWS\system32\dllcache\portcls.sys

+ 2007-03-22 18:25:42 677,376 -c----w I:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe

- 2005-01-28 12:44:28 221,184 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2006-10-18 19:47:18 211,456 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2003-04-24 12:00:00 1,744 -c--a-w I:\WINDOWS\system32\dllcache\sound.drv

+ 2004-08-04 06:08:02 48,640 -c--a-w I:\WINDOWS\system32\dllcache\stream.sys

+ 2003-04-24 12:00:00 3,360 -c--a-w I:\WINDOWS\system32\dllcache\system.drv

+ 2003-04-24 12:00:00 4,096 -c--a-w I:\WINDOWS\system32\dllcache\timer.drv

+ 2003-04-24 12:00:00 2,176 -c--a-w I:\WINDOWS\system32\dllcache\vga.drv

+ 2003-04-24 12:00:00 13,600 -c--a-w I:\WINDOWS\system32\dllcache\wfwnet.drv

+ 2003-04-24 12:00:00 2,864 -c--a-w I:\WINDOWS\system32\dllcache\winsock.dll

+ 2003-04-24 12:00:00 2,112 -c--a-w I:\WINDOWS\system32\dllcache\winspool.exe

- 2005-01-28 12:44:28 396,528 -c--a-w I:\WINDOWS\system32\dllcache\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOD.dll

- 2005-01-28 12:44:28 716,288 -c--a-w I:\WINDOWS\system32\dllcache\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 -c--a-w I:\WINDOWS\system32\dllcache\wmasf.dll

+ 2006-10-18 19:47:18 222,208 -c--a-w I:\WINDOWS\system32\dllcache\WMASF.dll

- 2005-01-28 12:44:28 28,160 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

+ 2006-10-18 19:47:18 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

+ 2006-10-18 19:47:18 37,376 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

- 2005-01-28 12:44:28 150,016 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

+ 2006-10-18 19:47:20 157,184 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 -c--a-w I:\WINDOWS\system32\dllcache\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 -c--a-w I:\WINDOWS\system32\dllcache\WMNetMgr.dll

- 2004-08-19 23:10:05 73,728 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

+ 2006-11-03 07:59:00 64,000 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

- 2004-08-19 23:09:11 2,985,984 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

- 2005-01-28 12:44:28 774,904 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOE.dll

- 2006-12-07 05:29:34 2,374,472 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

- 2005-01-28 12:44:28 895,736 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2003-04-24 12:00:00 2,736 -c--a-w I:\WINDOWS\system32\dllcache\wowdeb.exe

- 2007-07-30 17:19:28 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-07-30 17:19:46 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-03-23 04:07:54 583,504 -c----w I:\WINDOWS\system32\dllcache\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 -c----w I:\WINDOWS\system32\dllcache\XpsSvcs.dll

- 2005-12-15 11:57:46 1,368,000 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2006-06-26 10:15:38 1,372,992 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2004-08-04 06:07:57 2,944 ----a-w I:\WINDOWS\system32\drivers\drmkaud.sys

+ 2004-08-19 23:00:36 14,848 ----a-w I:\WINDOWS\system32\drivers\kbdhid.sys

- 2004-08-04 07:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2004-08-04 06:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2001-08-17 21:00:04 2,944 ----a-w I:\WINDOWS\system32\drivers\msmpu401.sys

+ 2004-11-03 10:20:24 13,332 ----a-w I:\WINDOWS\system32\drivers\MWhid.sys

+ 2003-04-24 12:00:00 2,944 ----a-w I:\WINDOWS\system32\drivers\null.sys

+ 2007-06-28 18:20:42 37,896 ----a-w I:\WINDOWS\system32\drivers\oobctm.sys

+ 2008-03-29 11:46:24 22,328 ----a-w I:\WINDOWS\system32\drivers\PnkBstrK.sys

- 2004-08-04 06:15:49 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 2004-08-04 06:15:50 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 1999-07-20 03:38:00 73,216 ----a-w I:\WINDOWS\system32\drivers\SENTINEL.SYS

- 2007-08-29 19:24:03 685,816 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-04-18 11:28:31 717,296 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-02-25 18:50:37 102,664 ----a-w I:\WINDOWS\system32\drivers\tmcomm.sys

+ 2006-10-18 19:47:22 671,232 ------w I:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

- 2005-01-28 12:44:28 18,944 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-10-18 18:00:00 38,528 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-09-28 16:55:50 77,568 ------w I:\WINDOWS\system32\drivers\WudfPf.sys

+ 2006-09-28 17:00:34 82,944 ------w I:\WINDOWS\system32\drivers\WudfRd.sys

+ 2006-10-18 18:00:46 249,856 ------w I:\WINDOWS\system32\drmupgds.exe

- 2005-01-28 12:44:28 502,272 ----a-w I:\WINDOWS\system32\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 ----a-w I:\WINDOWS\system32\drmv2clt.dll

- 2007-11-03 10:50:53 1,501,096 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-07-17 10:43:16 1,528,256 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2004-08-19 23:09:28 21,504 ----a-w I:\WINDOWS\system32\hidserv.dll

- 2007-09-24 20:30:28 135,168 ----a-w I:\WINDOWS\system32\java.exe

+ 2008-02-22 00:23:35 135,168 ----a-w I:\WINDOWS\system32\java.exe

- 2007-09-24 20:30:30 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

+ 2008-02-22 00:23:39 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

- 2007-09-24 21:31:42 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2008-02-22 01:33:32 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system32\keyboard.drv

+ 2004-08-19 23:09:30 4,096 ----a-w I:\WINDOWS\system32\ksuser(2).dll

+ 2003-04-24 12:00:00 224,448 ----a-w I:\WINDOWS\system32\lanman.drv

- 2005-01-28 12:44:28 6,656 ----a-w I:\WINDOWS\system32\laprxy.dll

+ 2006-10-18 19:47:14 11,264 ----a-w I:\WINDOWS\system32\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2006-10-18 18:03:58 100,864 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2003-04-24 12:00:00 2,560 ----a-w I:\WINDOWS\system32\lz32.dll

+ 2008-03-25 02:32:44 218,496 ----a-r I:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe

- 2007-11-25 00:14:48 48,749 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-07-17 17:28:03 74,649 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system32\mciavi.drv

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system32\mciseq.drv

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system32\mciwave.drv

+ 2004-12-09 15:50:56 2,142,208 ----a-w I:\WINDOWS\system32\MegaStore.exe

+ 2006-10-18 19:47:14 212,992 ------w I:\WINDOWS\system32\MFPLAT.dll

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system32\mouse.drv

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MP43DECD.dll

- 2004-08-19 23:09:31 310,272 ------w I:\WINDOWS\system32\mp43dmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP43DMOD.dll

+ 2006-10-18 19:47:14 317,440 ------w I:\WINDOWS\system32\MP4SDECD.dll

- 2004-08-19 23:09:31 384,512 ------w I:\WINDOWS\system32\mp4sdmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP4SDMOD.dll

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MPG4DECD.dll

- 2004-08-19 23:09:31 240,640 ----a-w I:\WINDOWS\system32\mpg4dmod.dll

+ 2006-10-18 19:47:14 4,096 ----a-w I:\WINDOWS\system32\MPG4DMOD.dll

+ 2003-04-24 12:00:00 20,992 ----a-w I:\WINDOWS\system32\msacm32.drv

+ 2007-10-23 23:47:38 282,112 ----a-w I:\WINDOWS\system32\mscoree.dll

+ 2007-10-23 23:47:38 158,720 ----a-w I:\WINDOWS\system32\mscorier.dll

+ 2007-10-23 23:47:38 84,480 ----a-w I:\WINDOWS\system32\mscories.dll

+ 2006-10-02 13:28:42 312,128 ------w I:\WINDOWS\system32\msdelta.dll

+ 2005-07-26 07:59:48 86,016 ----a-w I:\WINDOWS\system32\MSffdrv.dll

+ 2005-08-23 15:10:02 880,640 ----a-w I:\WINDOWS\system32\MSffpage.dll

+ 2004-08-19 23:10:08 188,416 ----a-w I:\WINDOWS\system32\msh261.drv

+ 2004-08-20 00:10:08 294,912 ----a-w I:\WINDOWS\system32\msh263.drv

- 2005-01-28 12:44:28 142,336 ----a-w I:\WINDOWS\system32\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 ----a-w I:\WINDOWS\system32\msnetobj.dll

- 2005-01-28 12:44:28 25,088 ----a-w I:\WINDOWS\system32\MsPMSNSv.dll

+ 2006-10-18 19:47:16 27,136 ----a-w I:\WINDOWS\system32\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 ----a-w I:\WINDOWS\system32\MsPMSP.dll

+ 2006-10-18 19:47:16 175,616 ----a-w I:\WINDOWS\system32\mspmsp.dll

- 2005-01-28 12:44:28 364,784 ----a-w I:\WINDOWS\system32\MSSCP.dll

+ 2006-10-18 19:47:16 414,208 ----a-w I:\WINDOWS\system32\msscp.dll

- 2005-01-28 12:44:28 315,904 ----a-w I:\WINDOWS\system32\MSWMDM.dll

+ 2006-10-18 19:47:16 321,536 ----a-w I:\WINDOWS\system32\mswmdm.dll

+ 2007-05-15 13:43:10 1,320,800 ----a-w I:\WINDOWS\system32\msxml6.dll

+ 2007-05-08 15:08:12 86,728 ----a-w I:\WINDOWS\system32\msxml6r.dll

+ 2007-10-23 23:47:44 15,360 ----a-w I:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2005-09-23 05:28:56 32,768 ----a-w I:\WINDOWS\system32\netfxperf.dll

+ 2006-10-22 10:22:00 4,527,488 ----a-w I:\WINDOWS\system32\nv4_disp(3).dll

+ 2006-10-22 10:22:00 35,840 ----a-w I:\WINDOWS\system32\nvcod(2).dll

+ 2007-06-28 21:02:08 1,049,856 ----a-w I:\WINDOWS\system32\oodag.exe

+ 2007-06-28 20:58:50 17,152 ----a-w I:\WINDOWS\system32\oodagmg.dll

+ 2007-06-28 20:58:52 15,616 ----a-w I:\WINDOWS\system32\oodagrs.dll

+ 2007-06-28 21:00:26 193,792 ----a-w I:\WINDOWS\system32\oodbs.exe

+ 2007-06-28 20:58:52 9,984 ----a-w I:\WINDOWS\system32\oodbsrs.dll

+ 2007-06-28 21:01:00 2,512,128 ----a-w I:\WINDOWS\system32\oodtray.exe

+ 2007-06-28 20:59:12 206,080 ----a-w I:\WINDOWS\system32\oodtrrs.dll

+ 2007-06-28 18:19:48 15,104 ----a-w I:\WINDOWS\system32\ootmapi.dll

- 2007-10-28 09:54:07 39,992 ----a-w I:\WINDOWS\system32\perfc009.dat

+ 2008-07-15 15:03:10 90,608 ----a-w I:\WINDOWS\system32\perfc009.dat

- 2007-10-28 09:54:07 48,616 ----a-w I:\WINDOWS\system32\perfc00C.dat

+ 2008-07-15 15:03:10 109,860 ----a-w I:\WINDOWS\system32\perfc00C.dat

- 2007-10-28 09:54:07 311,604 ----a-w I:\WINDOWS\system32\perfh009.dat

+ 2008-07-15 15:03:10 487,864 ----a-w I:\WINDOWS\system32\perfh009.dat

- 2007-10-28 09:54:07 367,658 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2008-07-15 15:03:10 563,722 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2006-10-24 10:30:20 412,160 ------w I:\WINDOWS\system32\photometadatahandler.dll

+ 2008-03-27 08:49:56 66,872 ----a-w I:\WINDOWS\system32\PnkBstrA.exe

+ 2008-03-29 11:46:17 107,832 ----a-w I:\WINDOWS\system32\PnkBstrB.exe

+ 2006-10-18 19:47:18 284,160 ------w I:\WINDOWS\system32\PortableDeviceApi.dll

+ 2006-10-18 19:47:18 101,888 ------w I:\WINDOWS\system32\PortableDeviceClassExtension.dll

+ 2006-10-18 19:47:18 166,912 ------w I:\WINDOWS\system32\PortableDeviceTypes.dll

+ 2006-10-18 19:47:18 132,096 ------w I:\WINDOWS\system32\PortableDeviceWiaCompat.dll

+ 2006-10-18 19:47:18 199,168 ------w I:\WINDOWS\system32\PortableDeviceWMDRM.dll

+ 2007-03-22 18:25:02 124,928 ------w I:\WINDOWS\system32\prntvpt.dll

- 2005-01-28 12:44:28 221,184 ----a-w I:\WINDOWS\system32\qasf.dll

+ 2006-10-18 19:47:18 211,456 ----a-w I:\WINDOWS\system32\qasf.dll

- 2007-11-03 20:15:29 72,976 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2008-07-17 10:42:19 688,816 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2006-08-24 14:15:06 150,808 ----a-w I:\WINDOWS\system32\rgb9rast_2.dll

+ 1999-07-20 03:38:00 32,256 ----a-r I:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE

+ 1999-07-20 03:38:00 17,920 ----a-w I:\WINDOWS\system32\RNBOVDD.DLL

+ 1999-07-20 03:38:00 47,616 ----a-w I:\WINDOWS\system32\SNTI386.DLL

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system32\sntnlusb.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system32\sound.drv

- 2006-11-17 14:14:30 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2006-10-16 14:10:58 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2007-03-22 18:25:42 677,376 ------w I:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

- 2005-06-28 08:21:46 22,752 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2006-10-16 14:10:58 23,856 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system32\system.drv

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system32\timer.drv

- 2005-01-28 12:44:28 47,104 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system32\vga.drv

- 2005-01-28 12:44:28 15,872 ----a-w I:\WINDOWS\system32\wdfapi.dll

+ 2006-10-18 19:47:18 4,096 ----a-w I:\WINDOWS\system32\wdfapi.dll

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud(2).drv

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud.drv

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system32\wfwnet.drv

+ 2006-10-24 10:30:06 716,288 ------w I:\WINDOWS\system32\WindowsCodecs.dll

+ 2006-10-24 10:29:50 352,256 ------w I:\WINDOWS\system32\WindowsCodecsExt.dll

+ 2003-04-24 12:00:00 2,864 ----a-w I:\WINDOWS\system32\winsock.dll

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system32\winspool.drv

+ 2003-04-24 12:00:00 2,112 ----a-w I:\WINDOWS\system32\winspool.exe

- 2005-01-28 12:44:28 396,528 ----a-w I:\WINDOWS\system32\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 ----a-w I:\WINDOWS\system32\wmadmod.dll

- 2005-01-28 12:44:28 716,288 ----a-w I:\WINDOWS\system32\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 ----a-w I:\WINDOWS\system32\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 ----a-w I:\WINDOWS\system32\wmasf.dll

+ 2006-10-18 19:47:18 222,208 ----a-w I:\WINDOWS\system32\wmasf.dll

- 2005-01-28 12:44:28 28,160 ----a-w I:\WINDOWS\system32\WMDMLOG.dll

+ 2006-10-18 19:47:18 33,792 ----a-w I:\WINDOWS\system32\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 ----a-w I:\WINDOWS\system32\WMDMPS.dll

+ 2006-10-18 19:47:18 37,376 ----a-w I:\WINDOWS\system32\wmdmps.dll

- 2005-01-28 12:44:28 335,872 ----a-w I:\WINDOWS\system32\WMDRMdev.dll

+ 2006-10-18 19:47:18 429,056 ----a-w I:\WINDOWS\system32\wmdrmdev.dll

- 2005-01-28 12:44:28 290,816 ----a-w I:\WINDOWS\system32\WMDRMNet.dll

+ 2006-10-18 19:47:20 348,672 ----a-w I:\WINDOWS\system32\wmdrmnet.dll

+ 2006-10-18 19:47:20 535,040 ------w I:\WINDOWS\system32\wmdrmsdk.dll

- 2004-08-19 23:09:07 200,704 ------w I:\WINDOWS\system32\wmerror.dll

+ 2006-11-03 07:58:42 272,384 ------w I:\WINDOWS\system32\wmerror.dll

- 2005-01-28 12:44:28 150,016 ----a-w I:\WINDOWS\system32\wmidx.dll

+ 2006-10-18 19:47:20 157,184 ----a-w I:\WINDOWS\system32\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 ----a-w I:\WINDOWS\system32\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 ----a-w I:\WINDOWS\system32\WMNetMgr.dll

- 2007-04-30 00:22:16 4,734,976 ------w I:\WINDOWS\system32\wmp.dll

+ 2006-10-18 19:47:20 10,834,432 ------w I:\WINDOWS\system32\wmp.dll

- 2004-08-19 23:09:49 114,688 ------w I:\WINDOWS\system32\wmpasf.dll

+ 2006-10-18 19:47:20 242,688 ------w I:\WINDOWS\system32\wmpasf.dll

- 2004-08-19 23:09:49 233,472 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 314,880 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 295,936 ------w I:\WINDOWS\system32\wmpeffects.dll

+ 2006-10-18 19:47:20 1,661,440 ------w I:\WINDOWS\system32\wmpencen.dll

+ 2006-10-24 10:30:00 276,992 ------w I:\WINDOWS\system32\WMPhoto.dll

- 2004-08-19 23:09:11 2,985,984 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-10-18 19:47:20 613,376 ------w I:\WINDOWS\system32\wmpmde.dll

+ 2006-10-18 19:47:20 130,048 ------w I:\WINDOWS\system32\wmpps.dll

- 2004-08-19 23:09:49 102,400 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-11-03 07:59:06 99,840 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-10-18 19:47:20 204,288 ------w I:\WINDOWS\system32\wmpsrcwp.dll

- 2005-01-28 12:44:28 774,904 ----a-w I:\WINDOWS\system32\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 ----a-w I:\WINDOWS\system32\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 ----a-w I:\WINDOWS\system32\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 ----a-w I:\WINDOWS\system32\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 ----a-w I:\WINDOWS\system32\WMSPDMOE.dll

- 2005-01-28 12:44:28 1,218,808 ----a-w I:\WINDOWS\system32\wmvadvd.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVD.dll

- 2005-01-28 12:44:28 1,512,448 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

- 2006-12-07 05:29:34 2,374,472 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 1,543,680 ------w I:\WINDOWS\system32\WMVDECOD.dll

- 2005-01-28 12:44:28 895,736 ----a-w I:\WINDOWS\system32\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 1,574,912 ------w I:\WINDOWS\system32\WMVENCOD.dll

+ 2006-10-18 19:47:22 1,382,912 ------w I:\WINDOWS\system32\WMVSDECD.dll

+ 2006-10-18 19:47:22 767,488 ------w I:\WINDOWS\system32\WMVSENCD.dll

+ 2006-10-18 19:47:22 656,896 ------w I:\WINDOWS\system32\WMVXENCD.dll

+ 2003-04-24 12:00:00 2,736 ----a-w I:\WINDOWS\system32\wowdeb.exe

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wpd_ci.dll

+ 2006-10-18 19:47:22 629,760 ----a-w I:\WINDOWS\system32\wpd_ci.dll

- 2005-01-28 12:44:28 61,952 ----a-w I:\WINDOWS\system32\wpdconns.dll

+ 2006-10-18 19:47:22 35,840 ----a-w I:\WINDOWS\system32\wpdconns.dll

- 2005-01-28 12:44:28 114,176 ----a-w I:\WINDOWS\system32\wpdmtp.dll

+ 2006-10-18 19:47:22 154,624 ----a-w I:\WINDOWS\system32\wpdmtp.dll

- 2005-01-28 12:44:28 66,560 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 63,488 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 2,603,008 ------w I:\WINDOWS\system32\WpdShext.dll

+ 2006-10-18 18:00:14 17,408 ------w I:\WINDOWS\system32\wpdshextautoplay.exe

+ 2006-11-02 09:52:12 44,032 ------w I:\WINDOWS\system32\wpdshextres.dll

+ 2006-10-18 19:47:22 133,632 ------w I:\WINDOWS\system32\WPDShServiceObj.dll

- 2005-01-28 12:44:28 331,264 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-10-18 19:47:22 356,352 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-09-28 18:13:26 95,344 ------w I:\WINDOWS\system32\WUDFCoinstaller.dll

+ 2006-09-28 16:56:38 146,432 ------w I:\WINDOWS\system32\WudfHost.exe

+ 2006-09-28 16:56:16 165,376 ------w I:\WINDOWS\system32\WudfPlatform.dll

+ 2006-09-28 16:56:14 55,808 ------w I:\WINDOWS\system32\WudfSvc.dll

+ 2006-09-28 16:56:38 316,416 ------w I:\WINDOWS\system32\WUDFx.dll

- 2007-07-30 17:19:28 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-07-30 17:19:46 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-03-23 04:07:54 583,504 ------w I:\WINDOWS\system32\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w I:\WINDOWS\system32\XpsSvcs.dll

+ 2000-08-31 06:00:00 49,152 ----a-w I:\WINDOWS\VFind.exe

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2006-12-01 20:56:00 96,256 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

+ 2007-10-23 23:47:56 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll

+ 2007-10-23 23:47:56 558,080 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

+ 2007-10-23 23:47:56 635,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

- 2005-09-22 21:48:08 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

+ 2005-09-23 05:29:16 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

- 2005-09-22 21:48:08 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

+ 2005-09-23 05:29:16 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

- 2005-09-22 21:48:06 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2005-09-23 05:29:16 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2006-12-01 21:54:32 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll

+ 2006-12-01 21:54:34 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

+ 2006-12-01 21:54:32 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

+ 2006-12-01 23:25:52 1,101,824 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

+ 2006-12-01 23:25:56 1,093,120 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

+ 2006-12-01 23:25:58 69,632 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll

+ 2006-12-01 23:26:00 57,856 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll

+ 2006-12-01 22:08:00 40,960 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll

+ 2006-12-01 22:08:00 45,056 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll

+ 2006-12-01 22:08:00 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll

+ 2006-12-01 22:08:00 57,344 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll

+ 2006-12-01 22:46:44 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

+ 2007-11-07 15:19:32 161,784 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

+ 2007-11-07 10:23:58 224,768 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll

+ 2007-11-07 15:19:34 568,832 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll

+ 2007-11-07 15:19:34 655,872 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll

+ 2007-11-07 15:19:38 1,156,600 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

+ 2007-11-07 15:19:38 1,162,744 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-07 15:19:16 41,472 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-07 15:19:16 41,984 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-07 15:19:28 60,928 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-07 15:19:28 60,416 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-07 15:19:28 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-07 15:19:16 47,104 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-07 15:19:16 46,592 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2000-08-31 06:00:00 68,096 ----a-w I:\WINDOWS\zip.exe

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

"Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032]

"msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]

"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360]

"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]

"MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024]

"BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960]

"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll]

"Cmaudio"="cmicnfg.cpl" [N/A]

 

I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Outil de mise … jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"SENTINEL"= snti386.dll

 

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

--a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]

--a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo]

I:\Program Files\HiYo\bin\HiYo.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]

--a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

-ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]

--a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

--a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}]

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service]

mssvc.exe [N/A]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

"I:\\Program Files\\MSN Messenger\\livecall.exe"=

"I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=

"I:\\Program Files\\ICQ6\\ICQ.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"=

"I:\\Program Files\\LimeWire\\LimeWire.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3478:UDP"= 3478:UDP:stun

"3479:UDP"= 3479:UDP:stun 2

"6112:UDP"= 6112:UDP:stun 3

"5730:UDP"= 5730:UDP:game

"5739:UDP"= 5739:UDP:game 1

"9001:TCP"= 9001:TCP:game 2

"11881:TCP"= 11881:TCP:game 3

"11881:UDP"= 11881:UDP:game4

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58]

R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33]

R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32]

R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]

R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29]

R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32]

S1 hidfltr;HID Filter Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20]

S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc []

S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys []

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}]

\Shell\AutoRun\command - K:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}]

\Shell\AutoRun\command - G:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}]

\Shell\AutoRun\command - L:\InstallTomTomHOME.exe

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At22.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

- È:\îP˜

"2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-13 03:00:10 I:\WINDOWS\Tasks\At30.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 17:00:10 I:\WINDOWS\Tasks\At44.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 01:00:00 I:\WINDOWS\Tasks\At52.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 15:00:00 I:\WINDOWS\Tasks\At66.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At74.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At88.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At96.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job"

- I:\WINDOWS\system32\msfeedssync.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-18 14:31:26

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-07-18 14:32:53

ComboFix-quarantined-files.txt 2008-07-18 12:32:35

ComboFix2.txt 2008-01-20 20:43:00

 

Pre-Run: 177,256,910,848 octets libres

Post-Run: 177,319,284,736 octets libres

 

1140 --- E O F --- 2008-01-10 00:54:35

ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 14:28:52.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.399 [GMT 2:00]

Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe

* Resident AV is active

 

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

I:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

I:\install.exe

I:\WINDOWS\Downloaded Program Files\setup.inf

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-17 23:13 . 2008-07-17 23:13 35,842 --a------ I:\WINDOWS\system32\C3DL15v4.exe

2008-07-17 20:50 . 2008-07-17 20:51 1,442,142 --a------ I:\SDFix.exe

2008-07-17 18:36 . 2008-07-17 18:36 <REP> d-------- I:\VundoFix Backups

2008-07-17 18:30 . 2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys

2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll

2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll

2008-07-17 12:46 . 2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui

2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457

2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58

2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller

2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll

2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite

2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware

2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo

2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix

2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97

2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav

2008-07-13 12:08 . 2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com

2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer

2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild

2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies

2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0

2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK

2008-07-12 15:04 . 2008-07-12 15:04 0 --a------ I:\WINDOWS\system32\tOgc374C.exe.a_a

2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys

2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe

2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2

2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat

2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules

2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard

2008-07-11 10:56 . 2008-07-11 10:56 0 --a------ I:\WINDOWS\system32\NW1iG6cU.exe.a_a

2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games

2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade

2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania

2008-07-07 16:10 . 2008-07-07 16:10 64,846 --a------ I:\WINDOWS\system32\kkkcccypnwb.exe

2008-07-06 12:20 . 2008-07-15 18:06 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008

2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader

2008-07-03 23:11 . 2008-07-03 23:11 0 --a------ I:\WINDOWS\system32\HJO0GNU5.exe.a_a

2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris

2008-07-02 17:10 . 2008-07-02 17:10 0 --a------ I:\WINDOWS\system32\C3DL15v4.exe.a_a

2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb

2008-06-30 20:29 . 2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb

2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2

2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF

2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo!

2008-06-28 07:37 . 2008-07-18 14:17 107,373 --a------ I:\WINDOWS\system32\oodbs.lor

2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI

2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag

2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software

2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP

2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner

2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat

2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard)

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-18 11:58 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater

2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo

2008-07-17 17:03 --------- d-----w I:\Program Files\Google

2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger

2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live

2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC

2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME

2008-07-14 18:27 --------- d-----w I:\Program Files\PKR

2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script

2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information

2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide

2008-07-11 15:07 --------- d-----w I:\Program Files\Java

2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire

2008-07-09 13:54 --------- d-----w I:\Program Files\eMule

2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2

2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla

2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub

2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress

2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire

2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys

2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom

2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield

2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! Live

2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio

2008-06-07 14:56 --------- d-----w I:\Program Files\Valve

2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll

2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll

2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports

1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe

.

<pre>
----a-w         5,109,800 2002-12-07 06:27:30  I:\Program Files\XARA\Xara Menu Maker 1.0 .exe
</pre>

 

 

((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 )))))))))))))))))))))))))))))))))))))))))

.

+ 2003-04-24 12:00:00 1,740 -c----w I:\WINDOWS\$NtServicePackUninstall$\dcache.bin

+ 2002-08-29 00:32:34 2,816 -c----w I:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys

+ 2003-04-24 12:00:00 184,320 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh261.drv

+ 2002-08-29 09:45:20 286,720 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh263.drv

+ 2003-04-24 12:00:00 22,016 -c----w I:\WINDOWS\$NtServicePackUninstall$\wdmaud.drv

+ 2003-04-24 12:00:00 132,608 -c----w I:\WINDOWS\$NtServicePackUninstall$\winspool.drv

+ 2006-10-04 14:05:26 39,424 ------w I:\WINDOWS\AppPatch\acadproc.dll

+ 2008-04-14 15:08:31 53,248 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2008-04-14 15:08:32 12,800 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2008-04-14 15:08:32 473,600 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2008-04-14 15:08:24 2,676,224 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:26 2,846,720 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 563,712 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 567,296 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 576,000 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 577,024 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:30 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:32 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:33 145,920 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2008-04-14 15:08:33 159,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2008-04-14 15:08:34 364,544 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2008-04-14 15:08:34 178,176 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2008-04-14 15:08:31 223,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2008-07-15 15:02:47 69,120 ----a-w I:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2008-07-15 15:02:53 72,192 ----a-w I:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2008-07-15 15:02:34 4,444,160 ----a-w I:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2008-07-15 15:02:55 483,840 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2008-07-15 15:02:41 3,036,160 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2008-07-15 15:02:53 261,120 ----a-w I:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2008-07-15 15:02:39 5,431,296 ----a-w I:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2008-07-15 15:02:45 10,752 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2008-07-15 15:02:40 507,904 ----a-w I:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2008-07-15 15:02:47 13,312 ----a-w I:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2008-07-15 15:02:51 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2008-07-15 15:02:51 6,656 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2008-07-15 15:02:58 348,160 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2008-07-15 15:02:58 36,864 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2008-07-15 15:02:59 655,360 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2008-07-15 15:03:00 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2008-07-15 15:02:52 749,568 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2008-07-15 15:02:50 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-07-15 15:02:49 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2008-07-15 15:02:55 28,672 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2008-07-15 15:02:48 671,744 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2008-07-15 15:02:37 5,632 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2008-07-15 15:02:56 12,800 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2008-07-15 15:02:48 32,768 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2008-07-15 15:02:47 7,168 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2008-07-15 15:02:52 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2008-07-15 15:02:53 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2008-07-15 15:02:40 425,984 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2008-07-15 15:02:42 741,376 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2008-07-15 15:02:42 933,888 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2008-07-15 15:03:01 5,070,848 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2008-07-15 15:02:59 188,416 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2008-07-15 15:02:45 401,408 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2008-07-15 15:02:56 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2008-07-15 15:02:37 630,784 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2008-07-15 15:02:57 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2008-07-15 15:02:56 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2008-07-15 15:02:54 299,008 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2008-07-15 15:02:54 131,072 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-07-15 15:02:38 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2008-07-15 15:02:38 114,688 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2008-07-15 15:02:44 884,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2008-07-15 15:02:44 90,112 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2008-07-15 15:02:44 839,680 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2008-07-15 15:02:46 5,013,504 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2008-07-15 15:02:39 2,068,480 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2008-07-15 15:02:43 3,076,096 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2008-07-17 11:24:49 27,136 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll

+ 2008-07-17 11:24:53 884,736 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll

+ 2008-07-17 11:24:53 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll

+ 2008-07-17 11:24:54 15,360 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe

+ 2008-07-17 11:24:56 876,544 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll

+ 2008-07-17 11:24:56 81,920 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll

+ 2008-07-17 11:25:00 1,695,744 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll

+ 2008-07-17 11:25:00 167,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll

+ 2008-07-17 11:25:03 1,740,800 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll

+ 2008-07-17 10:43:45 11,722,752 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll

+ 2008-07-17 11:25:05 1,011,712 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll

+ 2008-07-17 10:44:26 7,049,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll

+ 2008-07-17 11:25:06 1,798,144 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll

+ 2008-07-17 10:45:04 10,969,088 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll

+ 2008-07-17 11:25:08 1,224,704 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll

+ 2008-07-17 11:25:09 512,000 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll

+ 2008-07-17 10:45:23 229,376 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll

+ 2008-07-17 10:45:22 1,667,072 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll

+ 2008-07-17 11:25:10 659,456 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll

+ 2008-07-17 11:25:10 294,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll

+ 2008-07-17 11:25:11 733,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll

+ 2008-07-17 11:25:12 233,472 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll

+ 2008-07-17 11:25:12 679,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll

+ 2008-07-17 11:25:29 2,342,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll

+ 2008-07-17 11:25:29 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll

+ 2008-07-17 11:25:31 1,986,560 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll

+ 2008-07-17 11:25:26 12,509,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll

+ 2008-07-17 10:46:11 13,193,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll

+ 2008-07-17 10:46:29 5,771,264 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll

+ 2008-07-17 10:44:07 8,265,728 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll

- 2007-10-05 13:20:36 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

+ 2008-02-25 20:52:07 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

- 2006-05-24 23:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

- 2006-05-24 23:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

- 2007-10-05 13:20:39 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2008-02-25 20:52:08 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2002-10-18 13:56:06 28,672 ----a-w I:\WINDOWS\CMIRmDriver.dll

+ 2003-07-22 09:15:24 225,280 ----a-w I:\WINDOWS\CmiRmRedundDir.exe

+ 2003-08-05 12:23:24 266,240 ----a-w I:\WINDOWS\CMIUninstall.exe

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll

+ 2008-03-24 17:33:02 1,527,056 ----a-w I:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe

+ 2002-01-03 13:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0036\C-Media 5.12.01.0036\Driver\Win_95\CM9738.DRV

+ 2002-01-03 14:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0040\C-Media 5.12.01.0040\Driver\Win_95\CM9738.DRV

+ 2005-10-20 18:02:28 163,328 ----a-w I:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE

- 2007-08-23 00:15:50 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

- 2007-08-23 21:20:07 2,334,720 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT

+ 2008-07-18 12:11:15 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat

- 2007-08-23 21:20:07 8,192 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-18 12:11:15 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE

+ 2008-07-18 12:11:12 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat

+ 2008-07-18 12:11:13 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat

+ 2000-08-31 06:00:00 89,504 ----a-w I:\WINDOWS\fdsv.exe

+ 2000-08-31 06:00:00 80,412 ----a-w I:\WINDOWS\grep.exe

- 2004-08-19 23:10:03 208,896 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2006-11-03 07:58:34 317,440 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\ARPPRODUCTICON.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\NewShortcut1_1EC73FB697FD48EE8100CA969A56E727.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\ARPPRODUCTICON.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut1_644D622AEF3D40E290EE92523E2DA87A.exe

+ 2008-06-04 12:31:44 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut2_569C74F853D147C0802E971DD74EC31B.exe

+ 2008-06-04 12:31:44 8,854 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut3_661346DFE29D45B2AB0F791526D873EC.exe

+ 2008-05-19 16:59:17 32,038 ----a-r I:\WINDOWS\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe

+ 2005-03-18 14:23:10 53,248 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2005-03-18 14:23:10 12,800 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll

+ 2005-03-18 14:23:14 473,600 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll

+ 2004-09-29 10:38:58 2,676,224 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 14:23:10 145,920 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll

+ 2005-03-18 14:23:10 159,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll

+ 2005-03-18 14:23:14 364,544 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll

+ 2005-03-18 14:23:12 178,176 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll

+ 2005-03-18 14:23:14 223,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll

+ 2004-12-01 13:53:06 2,846,720 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-02-05 17:32:54 563,712 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 15:23:14 567,296 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-05-26 13:15:56 576,000 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-07-22 15:21:34 577,024 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-09-28 12:11:52 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-12-05 15:20:50 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-02-03 05:40:48 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-03-31 09:27:50 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2007-10-23 23:47:38 82,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll

+ 2005-09-23 05:29:04 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll

+ 2007-10-23 23:47:38 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll

+ 2007-10-23 23:47:38 97,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:26 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll

+ 2007-10-23 23:47:30 145,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2007-10-23 23:47:32 13,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll

+ 2007-10-23 23:47:48 193,016 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2007-10-23 23:47:20 218,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2007-10-23 23:47:40 10,752 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll

+ 2007-10-23 23:47:42 147,968 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2007-10-23 23:47:26 99,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll

+ 2007-10-23 23:47:42 59,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

+ 2007-10-23 23:47:22 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe

+ 2007-10-23 23:47:22 22,024 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll

+ 2007-10-23 23:47:22 17,928 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

+ 2007-10-23 23:47:22 33,288 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

+ 2007-10-23 23:47:22 84,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

+ 2007-10-23 23:47:22 24,576 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe

+ 2007-10-23 23:47:22 32,776 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

+ 2007-10-23 23:47:22 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2007-10-23 23:47:22 33,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

+ 2007-10-23 23:47:22 33,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2007-10-23 23:47:22 507,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2007-10-23 23:47:40 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2007-10-23 23:47:40 101,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

+ 2007-10-23 23:47:30 80,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

+ 2007-10-23 23:47:30 1,162,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

+ 2007-10-23 23:47:30 13,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll

+ 2007-10-23 23:47:42 27,136 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

+ 2007-10-23 23:47:40 69,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll

+ 2007-10-23 23:47:30 35,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

+ 2007-10-23 23:47:28 66,552 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

+ 2007-10-23 23:47:28 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

+ 2007-10-23 23:47:54 572,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2007-10-23 23:47:40 798,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2007-10-23 23:47:36 18,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

+ 2007-10-23 23:47:40 9,728 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe

+ 2007-10-23 23:47:40 8,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll

+ 2007-10-23 23:47:40 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll

+ 2007-10-23 23:47:40 6,656 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll

+ 2007-10-23 23:47:40 230,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2007-10-23 23:47:40 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe

+ 2007-10-23 23:47:40 65,032 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll

+ 2007-10-23 23:47:40 72,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll

+ 2007-10-23 23:47:34 40,960 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe

+ 2007-10-23 23:47:36 348,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2007-10-23 23:47:36 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll

+ 2007-10-23 23:47:36 655,360 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2007-10-23 23:47:36 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll

+ 2007-10-23 23:47:34 749,568 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2007-10-23 23:47:52 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2007-10-23 23:47:52 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2007-10-23 23:47:50 671,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2007-10-23 23:47:20 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll

+ 2007-10-23 23:47:52 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll

+ 2007-10-23 23:47:20 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll

+ 2007-10-23 23:47:20 12,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2007-10-23 23:47:20 7,168 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll

+ 2007-10-23 23:47:22 97,792 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll

+ 2007-10-23 23:47:36 69,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe

+ 2007-10-23 23:47:40 822,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2007-10-23 23:47:40 83,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll

+ 2007-10-23 23:47:40 308,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2007-10-23 23:47:40 47,104 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

+ 2007-10-23 23:47:40 348,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2007-10-23 23:47:40 94,208 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll

+ 2007-10-23 23:47:40 4,444,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2007-10-23 23:47:44 340,992 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2007-10-23 23:47:40 77,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

+ 2007-10-23 23:47:36 18,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll

+ 2007-10-23 23:47:40 242,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2007-10-23 23:47:40 70,144 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

+ 2007-10-23 23:47:40 19,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll

+ 2007-10-23 23:47:36 5,814,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2007-10-23 23:47:44 31,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll

+ 2007-10-23 23:47:40 101,880 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2007-10-23 23:47:40 24,584 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll

+ 2007-10-23 23:47:40 89,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll

+ 2007-10-23 23:47:36 144,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2007-10-23 23:47:40 53,248 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

+ 2007-10-23 23:47:40 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe

+ 2007-10-23 23:47:46 61,952 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2007-10-23 23:47:40 119,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2007-10-23 23:47:44 95,232 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

+ 2007-10-23 23:47:40 392,696 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2007-10-23 23:47:40 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2007-10-23 23:47:42 425,984 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll

+ 2007-10-23 23:47:40 3,036,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll

+ 2007-10-23 23:47:40 483,840 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2007-10-23 23:47:40 741,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2007-10-23 23:47:28 933,888 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2007-10-23 23:47:40 5,070,848 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2007-10-23 23:47:40 401,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2007-10-23 23:47:40 188,416 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2007-10-23 23:47:40 3,076,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll

+ 2007-10-23 23:47:40 630,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2007-10-23 23:47:40 57,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll

+ 2007-10-23 23:47:40 113,664 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

+ 2007-10-23 23:47:40 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2007-10-23 23:47:40 299,008 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2007-10-23 23:47:40 131,072 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2007-10-23 23:47:40 261,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

+ 2007-10-23 23:47:40 5,431,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2007-10-23 23:47:40 884,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2007-10-23 23:47:40 90,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll

+ 2007-10-23 23:47:40 839,680 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

+ 2007-10-23 23:47:40 5,013,504 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2007-10-23 23:47:40 2,068,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll

+ 2007-10-23 23:47:40 81,400 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL

+ 2007-10-23 23:47:48 1,172,472 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe

+ 2007-10-23 23:47:20 1,344,000 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll

+ 2007-10-23 23:47:22 434,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2007-10-23 23:47:40 37,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

+ 2008-01-16 23:28:20 28,306 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\baseline.dat

+ 2007-11-07 17:00:02 210,834 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat

- 2000-08-31 07:00:00 51,200 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 98,816 ----a-w I:\WINDOWS\sed.exe

+ 2004-08-19 23:23:25 1,788 ------w I:\WINDOWS\ServicePackFiles\i386\dcache.bin

+ 2004-08-04 06:07:57 2,944 ------w I:\WINDOWS\ServicePackFiles\i386\drmkaud.sys

+ 2004-08-19 23:10:08 188,416 ------w I:\WINDOWS\ServicePackFiles\i386\msh261.drv

+ 2004-08-19 23:10:08 294,912 ------w I:\WINDOWS\ServicePackFiles\i386\msh263.drv

+ 2004-08-19 23:10:08 23,552 ------w I:\WINDOWS\ServicePackFiles\i386\wdmaud.drv

+ 2004-08-19 23:10:08 146,944 ------w I:\WINDOWS\ServicePackFiles\i386\winspool.drv

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\sntusb95.sys

+ 2008-07-18 05:52:59 7,264 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{5AA70BE6-651E-439A-A4AF-17131AE5A542}.bin

+ 2008-07-17 05:27:06 10,308 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{6F89D190-5113-43C0-A793-8615836436EC}.bin

+ 2008-07-11 16:03:14 15,456 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{927826F8-F827-4CDC-8FB5-BBCF8C530A8F}.bin

+ 2008-07-13 10:41:59 5,892 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{A9BCB0E8-93DC-466D-85B5-6C6FED16BB40}.bin

+ 2008-07-17 09:01:17 4,196 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{DE3AC4AD-8570-4D00-8FBE-DC6CC0A5DC09}.bin

+ 2000-08-31 06:00:00 161,792 ----a-w I:\WINDOWS\swreg.exe

+ 2000-08-31 06:00:00 136,704 ----a-w I:\WINDOWS\swsc.exe

+ 2000-08-31 06:00:00 212,480 ----a-w I:\WINDOWS\swxcacls.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system\KEYBOARD.DRV

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system\MCIAVI.DRV

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system\MCISEQ.DRV

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system\MCIWAVE.DRV

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system\MOUSE.DRV

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\system\sntusb95.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system\SOUND.DRV

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system\SYSTEM.DRV

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system\TIMER.DRV

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system\VGA.DRV

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system\WFWNET.DRV

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system\winspool.drv

- 2004-08-19 23:08:00 8,704 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-11-03 07:56:54 7,680 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-10-18 19:47:08 276,992 ------w I:\WINDOWS\system32\audiodev.dll

- 2005-01-28 12:44:28 294,912 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2006-10-18 19:47:10 542,720 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2004-02-11 10:11:04 32,768 ----a-w I:\WINDOWS\system32\BlackKey.dll

- 2005-01-28 12:44:28 164,864 ----a-w I:\WINDOWS\system32\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 ----a-w I:\WINDOWS\system32\cewmdm.dll

- 2005-12-15 16:48:20 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2006-06-15 16:03:48 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2003-04-24 12:00:00 10,544 ----a-w I:\WINDOWS\system32\comm.drv

+ 2008-07-14 18:36:05 262,144 ---ha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

+ 2004-08-19 23:23:25 1,788 ----a-w I:\WINDOWS\system32\dcache.bin

+ 2007-10-23 23:47:28 96,760 ----a-w I:\WINDOWS\system32\dfshim.dll

+ 2001-11-23 10:08:20 712,704 -c--a-w I:\WINDOWS\system32\dllcache\a3d.dll

- 2005-01-28 12:44:28 294,912 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

+ 2006-10-18 19:47:10 542,720 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

- 2005-01-28 12:44:28 164,864 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2004-08-04 06:07:58 60,288 -c--a-w I:\WINDOWS\system32\dllcache\drmk.sys

- 2005-01-28 12:44:28 502,272 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2007-03-22 18:24:58 28,160 -c----w I:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll

+ 2004-08-19 23:09:28 21,504 -c--a-w I:\WINDOWS\system32\dllcache\hidserv.dll

+ 2004-08-19 23:00:36 14,848 -c--a-w I:\WINDOWS\system32\dllcache\kbdhid.sys

+ 2003-04-24 12:00:00 2,000 -c--a-w I:\WINDOWS\system32\dllcache\keyboard.drv

- 2004-08-04 07:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

+ 2004-08-04 06:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

- 2005-01-28 12:44:28 6,656 -c--a-w I:\WINDOWS\system32\dllcache\laprxy.dll

+ 2006-10-18 19:47:14 11,264 -c--a-w I:\WINDOWS\system32\dllcache\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2006-10-18 18:03:58 100,864 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2003-04-24 12:00:00 2,560 -c--a-w I:\WINDOWS\system32\dllcache\lz32.dll

+ 2003-04-24 12:00:00 73,680 -c--a-w I:\WINDOWS\system32\dllcache\mciavi.drv

+ 2003-04-24 12:00:00 25,280 -c--a-w I:\WINDOWS\system32\dllcache\mciseq.drv

+ 2003-04-24 12:00:00 28,160 -c--a-w I:\WINDOWS\system32\dllcache\mciwave.drv

+ 2003-04-24 12:00:00 2,032 -c--a-w I:\WINDOWS\system32\dllcache\mouse.drv

- 2005-01-28 12:44:28 142,336 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

- 2005-01-28 12:44:28 25,088 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

+ 2006-10-18 19:47:16 27,136 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

+ 2006-10-18 19:47:16 175,616 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

- 2005-01-28 12:44:28 364,784 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

+ 2006-10-18 19:47:16 414,208 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

- 2005-01-28 12:44:28 315,904 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2006-10-18 19:47:16 321,536 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2003-04-24 12:00:00 2,944 -c--a-w I:\WINDOWS\system32\dllcache\null.sys

+ 2004-08-04 06:15:50 145,792 -c--a-w I:\WINDOWS\system32\dllcache\portcls.sys

+ 2007-03-22 18:25:42 677,376 -c----w I:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe

- 2005-01-28 12:44:28 221,184 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2006-10-18 19:47:18 211,456 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2003-04-24 12:00:00 1,744 -c--a-w I:\WINDOWS\system32\dllcache\sound.drv

+ 2004-08-04 06:08:02 48,640 -c--a-w I:\WINDOWS\system32\dllcache\stream.sys

+ 2003-04-24 12:00:00 3,360 -c--a-w I:\WINDOWS\system32\dllcache\system.drv

+ 2003-04-24 12:00:00 4,096 -c--a-w I:\WINDOWS\system32\dllcache\timer.drv

+ 2003-04-24 12:00:00 2,176 -c--a-w I:\WINDOWS\system32\dllcache\vga.drv

+ 2003-04-24 12:00:00 13,600 -c--a-w I:\WINDOWS\system32\dllcache\wfwnet.drv

+ 2003-04-24 12:00:00 2,864 -c--a-w I:\WINDOWS\system32\dllcache\winsock.dll

+ 2003-04-24 12:00:00 2,112 -c--a-w I:\WINDOWS\system32\dllcache\winspool.exe

- 2005-01-28 12:44:28 396,528 -c--a-w I:\WINDOWS\system32\dllcache\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOD.dll

- 2005-01-28 12:44:28 716,288 -c--a-w I:\WINDOWS\system32\dllcache\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 -c--a-w I:\WINDOWS\system32\dllcache\wmasf.dll

+ 2006-10-18 19:47:18 222,208 -c--a-w I:\WINDOWS\system32\dllcache\WMASF.dll

- 2005-01-28 12:44:28 28,160 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

+ 2006-10-18 19:47:18 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

+ 2006-10-18 19:47:18 37,376 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

- 2005-01-28 12:44:28 150,016 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

+ 2006-10-18 19:47:20 157,184 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 -c--a-w I:\WINDOWS\system32\dllcache\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 -c--a-w I:\WINDOWS\system32\dllcache\WMNetMgr.dll

- 2004-08-19 23:10:05 73,728 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

+ 2006-11-03 07:59:00 64,000 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

- 2004-08-19 23:09:11 2,985,984 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

- 2005-01-28 12:44:28 774,904 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOE.dll

- 2006-12-07 05:29:34 2,374,472 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

- 2005-01-28 12:44:28 895,736 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2003-04-24 12:00:00 2,736 -c--a-w I:\WINDOWS\system32\dllcache\wowdeb.exe

- 2007-07-30 17:19:28 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-07-30 17:19:46 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-03-23 04:07:54 583,504 -c----w I:\WINDOWS\system32\dllcache\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 -c----w I:\WINDOWS\system32\dllcache\XpsSvcs.dll

- 2005-12-15 11:57:46 1,368,000 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2006-06-26 10:15:38 1,372,992 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2004-08-04 06:07:57 2,944 ----a-w I:\WINDOWS\system32\drivers\drmkaud.sys

+ 2004-08-19 23:00:36 14,848 ----a-w I:\WINDOWS\system32\drivers\kbdhid.sys

- 2004-08-04 07:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2004-08-04 06:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2001-08-17 21:00:04 2,944 ----a-w I:\WINDOWS\system32\drivers\msmpu401.sys

+ 2004-11-03 10:20:24 13,332 ----a-w I:\WINDOWS\system32\drivers\MWhid.sys

+ 2003-04-24 12:00:00 2,944 ----a-w I:\WINDOWS\system32\drivers\null.sys

+ 2007-06-28 18:20:42 37,896 ----a-w I:\WINDOWS\system32\drivers\oobctm.sys

+ 2008-03-29 11:46:24 22,328 ----a-w I:\WINDOWS\system32\drivers\PnkBstrK.sys

- 2004-08-04 06:15:49 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 2004-08-04 06:15:50 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 1999-07-20 03:38:00 73,216 ----a-w I:\WINDOWS\system32\drivers\SENTINEL.SYS

- 2007-08-29 19:24:03 685,816 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-04-18 11:28:31 717,296 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-02-25 18:50:37 102,664 ----a-w I:\WINDOWS\system32\drivers\tmcomm.sys

+ 2006-10-18 19:47:22 671,232 ------w I:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

- 2005-01-28 12:44:28 18,944 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-10-18 18:00:00 38,528 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-09-28 16:55:50 77,568 ------w I:\WINDOWS\system32\drivers\WudfPf.sys

+ 2006-09-28 17:00:34 82,944 ------w I:\WINDOWS\system32\drivers\WudfRd.sys

+ 2006-10-18 18:00:46 249,856 ------w I:\WINDOWS\system32\drmupgds.exe

- 2005-01-28 12:44:28 502,272 ----a-w I:\WINDOWS\system32\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 ----a-w I:\WINDOWS\system32\drmv2clt.dll

- 2007-11-03 10:50:53 1,501,096 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-07-17 10:43:16 1,528,256 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2004-08-19 23:09:28 21,504 ----a-w I:\WINDOWS\system32\hidserv.dll

- 2007-09-24 20:30:28 135,168 ----a-w I:\WINDOWS\system32\java.exe

+ 2008-02-22 00:23:35 135,168 ----a-w I:\WINDOWS\system32\java.exe

- 2007-09-24 20:30:30 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

+ 2008-02-22 00:23:39 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

- 2007-09-24 21:31:42 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2008-02-22 01:33:32 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system32\keyboard.drv

+ 2004-08-19 23:09:30 4,096 ----a-w I:\WINDOWS\system32\ksuser(2).dll

+ 2003-04-24 12:00:00 224,448 ----a-w I:\WINDOWS\system32\lanman.drv

- 2005-01-28 12:44:28 6,656 ----a-w I:\WINDOWS\system32\laprxy.dll

+ 2006-10-18 19:47:14 11,264 ----a-w I:\WINDOWS\system32\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2006-10-18 18:03:58 100,864 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2003-04-24 12:00:00 2,560 ----a-w I:\WINDOWS\system32\lz32.dll

+ 2008-03-25 02:32:44 218,496 ----a-r I:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe

- 2007-11-25 00:14:48 48,749 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-07-17 17:28:03 74,649 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system32\mciavi.drv

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system32\mciseq.drv

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system32\mciwave.drv

+ 2004-12-09 15:50:56 2,142,208 ----a-w I:\WINDOWS\system32\MegaStore.exe

+ 2006-10-18 19:47:14 212,992 ------w I:\WINDOWS\system32\MFPLAT.dll

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system32\mouse.drv

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MP43DECD.dll

- 2004-08-19 23:09:31 310,272 ------w I:\WINDOWS\system32\mp43dmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP43DMOD.dll

+ 2006-10-18 19:47:14 317,440 ------w I:\WINDOWS\system32\MP4SDECD.dll

- 2004-08-19 23:09:31 384,512 ------w I:\WINDOWS\system32\mp4sdmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP4SDMOD.dll

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MPG4DECD.dll

- 2004-08-19 23:09:31 240,640 ----a-w I:\WINDOWS\system32\mpg4dmod.dll

+ 2006-10-18 19:47:14 4,096 ----a-w I:\WINDOWS\system32\MPG4DMOD.dll

+ 2003-04-24 12:00:00 20,992 ----a-w I:\WINDOWS\system32\msacm32.drv

+ 2007-10-23 23:47:38 282,112 ----a-w I:\WINDOWS\system32\mscoree.dll

+ 2007-10-23 23:47:38 158,720 ----a-w I:\WINDOWS\system32\mscorier.dll

+ 2007-10-23 23:47:38 84,480 ----a-w I:\WINDOWS\system32\mscories.dll

+ 2006-10-02 13:28:42 312,128 ------w I:\WINDOWS\system32\msdelta.dll

+ 2005-07-26 07:59:48 86,016 ----a-w I:\WINDOWS\system32\MSffdrv.dll

+ 2005-08-23 15:10:02 880,640 ----a-w I:\WINDOWS\system32\MSffpage.dll

+ 2004-08-19 23:10:08 188,416 ----a-w I:\WINDOWS\system32\msh261.drv

+ 2004-08-20 00:10:08 294,912 ----a-w I:\WINDOWS\system32\msh263.drv

- 2005-01-28 12:44:28 142,336 ----a-w I:\WINDOWS\system32\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 ----a-w I:\WINDOWS\system32\msnetobj.dll

- 2005-01-28 12:44:28 25,088 ----a-w I:\WINDOWS\system32\MsPMSNSv.dll

+ 2006-10-18 19:47:16 27,136 ----a-w I:\WINDOWS\system32\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 ----a-w I:\WINDOWS\system32\MsPMSP.dll

+ 2006-10-18 19:47:16 175,616 ----a-w I:\WINDOWS\system32\mspmsp.dll

- 2005-01-28 12:44:28 364,784 ----a-w I:\WINDOWS\system32\MSSCP.dll

+ 2006-10-18 19:47:16 414,208 ----a-w I:\WINDOWS\system32\msscp.dll

- 2005-01-28 12:44:28 315,904 ----a-w I:\WINDOWS\system32\MSWMDM.dll

+ 2006-10-18 19:47:16 321,536 ----a-w I:\WINDOWS\system32\mswmdm.dll

+ 2007-05-15 13:43:10 1,320,800 ----a-w I:\WINDOWS\system32\msxml6.dll

+ 2007-05-08 15:08:12 86,728 ----a-w I:\WINDOWS\system32\msxml6r.dll

+ 2007-10-23 23:47:44 15,360 ----a-w I:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2005-09-23 05:28:56 32,768 ----a-w I:\WINDOWS\system32\netfxperf.dll

+ 2006-10-22 10:22:00 4,527,488 ----a-w I:\WINDOWS\system32\nv4_disp(3).dll

+ 2006-10-22 10:22:00 35,840 ----a-w I:\WINDOWS\system32\nvcod(2).dll

+ 2007-06-28 21:02:08 1,049,856 ----a-w I:\WINDOWS\system32\oodag.exe

+ 2007-06-28 20:58:50 17,152 ----a-w I:\WINDOWS\system32\oodagmg.dll

+ 2007-06-28 20:58:52 15,616 ----a-w I:\WINDOWS\system32\oodagrs.dll

+ 2007-06-28 21:00:26 193,792 ----a-w I:\WINDOWS\system32\oodbs.exe

+ 2007-06-28 20:58:52 9,984 ----a-w I:\WINDOWS\system32\oodbsrs.dll

+ 2007-06-28 21:01:00 2,512,128 ----a-w I:\WINDOWS\system32\oodtray.exe

+ 2007-06-28 20:59:12 206,080 ----a-w I:\WINDOWS\system32\oodtrrs.dll

+ 2007-06-28 18:19:48 15,104 ----a-w I:\WINDOWS\system32\ootmapi.dll

- 2007-10-28 09:54:07 39,992 ----a-w I:\WINDOWS\system32\perfc009.dat

+ 2008-07-15 15:03:10 90,608 ----a-w I:\WINDOWS\system32\perfc009.dat

- 2007-10-28 09:54:07 48,616 ----a-w I:\WINDOWS\system32\perfc00C.dat

+ 2008-07-15 15:03:10 109,860 ----a-w I:\WINDOWS\system32\perfc00C.dat

- 2007-10-28 09:54:07 311,604 ----a-w I:\WINDOWS\system32\perfh009.dat

+ 2008-07-15 15:03:10 487,864 ----a-w I:\WINDOWS\system32\perfh009.dat

- 2007-10-28 09:54:07 367,658 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2008-07-15 15:03:10 563,722 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2006-10-24 10:30:20 412,160 ------w I:\WINDOWS\system32\photometadatahandler.dll

+ 2008-03-27 08:49:56 66,872 ----a-w I:\WINDOWS\system32\PnkBstrA.exe

+ 2008-03-29 11:46:17 107,832 ----a-w I:\WINDOWS\system32\PnkBstrB.exe

+ 2006-10-18 19:47:18 284,160 ------w I:\WINDOWS\system32\PortableDeviceApi.dll

+ 2006-10-18 19:47:18 101,888 ------w I:\WINDOWS\system32\PortableDeviceClassExtension.dll

+ 2006-10-18 19:47:18 166,912 ------w I:\WINDOWS\system32\PortableDeviceTypes.dll

+ 2006-10-18 19:47:18 132,096 ------w I:\WINDOWS\system32\PortableDeviceWiaCompat.dll

+ 2006-10-18 19:47:18 199,168 ------w I:\WINDOWS\system32\PortableDeviceWMDRM.dll

+ 2007-03-22 18:25:02 124,928 ------w I:\WINDOWS\system32\prntvpt.dll

- 2005-01-28 12:44:28 221,184 ----a-w I:\WINDOWS\system32\qasf.dll

+ 2006-10-18 19:47:18 211,456 ----a-w I:\WINDOWS\system32\qasf.dll

- 2007-11-03 20:15:29 72,976 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2008-07-17 10:42:19 688,816 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2006-08-24 14:15:06 150,808 ----a-w I:\WINDOWS\system32\rgb9rast_2.dll

+ 1999-07-20 03:38:00 32,256 ----a-r I:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE

+ 1999-07-20 03:38:00 17,920 ----a-w I:\WINDOWS\system32\RNBOVDD.DLL

+ 1999-07-20 03:38:00 47,616 ----a-w I:\WINDOWS\system32\SNTI386.DLL

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system32\sntnlusb.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system32\sound.drv

- 2006-11-17 14:14:30 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2006-10-16 14:10:58 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2007-03-22 18:25:42 677,376 ------w I:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

- 2005-06-28 08:21:46 22,752 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2006-10-16 14:10:58 23,856 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system32\system.drv

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system32\timer.drv

- 2005-01-28 12:44:28 47,104 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system32\vga.drv

- 2005-01-28 12:44:28 15,872 ----a-w I:\WINDOWS\system32\wdfapi.dll

+ 2006-10-18 19:47:18 4,096 ----a-w I:\WINDOWS\system32\wdfapi.dll

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud(2).drv

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud.drv

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system32\wfwnet.drv

+ 2006-10-24 10:30:06 716,288 ------w I:\WINDOWS\system32\WindowsCodecs.dll

+ 2006-10-24 10:29:50 352,256 ------w I:\WINDOWS\system32\WindowsCodecsExt.dll

+ 2003-04-24 12:00:00 2,864 ----a-w I:\WINDOWS\system32\winsock.dll

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system32\winspool.drv

+ 2003-04-24 12:00:00 2,112 ----a-w I:\WINDOWS\system32\winspool.exe

- 2005-01-28 12:44:28 396,528 ----a-w I:\WINDOWS\system32\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 ----a-w I:\WINDOWS\system32\wmadmod.dll

- 2005-01-28 12:44:28 716,288 ----a-w I:\WINDOWS\system32\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 ----a-w I:\WINDOWS\system32\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 ----a-w I:\WINDOWS\system32\wmasf.dll

+ 2006-10-18 19:47:18 222,208 ----a-w I:\WINDOWS\system32\wmasf.dll

- 2005-01-28 12:44:28 28,160 ----a-w I:\WINDOWS\system32\WMDMLOG.dll

+ 2006-10-18 19:47:18 33,792 ----a-w I:\WINDOWS\system32\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 ----a-w I:\WINDOWS\system32\WMDMPS.dll

+ 2006-10-18 19:47:18 37,376 ----a-w I:\WINDOWS\system32\wmdmps.dll

- 2005-01-28 12:44:28 335,872 ----a-w I:\WINDOWS\system32\WMDRMdev.dll

+ 2006-10-18 19:47:18 429,056 ----a-w I:\WINDOWS\system32\wmdrmdev.dll

- 2005-01-28 12:44:28 290,816 ----a-w I:\WINDOWS\system32\WMDRMNet.dll

+ 2006-10-18 19:47:20 348,672 ----a-w I:\WINDOWS\system32\wmdrmnet.dll

+ 2006-10-18 19:47:20 535,040 ------w I:\WINDOWS\system32\wmdrmsdk.dll

- 2004-08-19 23:09:07 200,704 ------w I:\WINDOWS\system32\wmerror.dll

+ 2006-11-03 07:58:42 272,384 ------w I:\WINDOWS\system32\wmerror.dll

- 2005-01-28 12:44:28 150,016 ----a-w I:\WINDOWS\system32\wmidx.dll

+ 2006-10-18 19:47:20 157,184 ----a-w I:\WINDOWS\system32\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 ----a-w I:\WINDOWS\system32\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 ----a-w I:\WINDOWS\system32\WMNetMgr.dll

- 2007-04-30 00:22:16 4,734,976 ------w I:\WINDOWS\system32\wmp.dll

+ 2006-10-18 19:47:20 10,834,432 ------w I:\WINDOWS\system32\wmp.dll

- 2004-08-19 23:09:49 114,688 ------w I:\WINDOWS\system32\wmpasf.dll

+ 2006-10-18 19:47:20 242,688 ------w I:\WINDOWS\system32\wmpasf.dll

- 2004-08-19 23:09:49 233,472 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 314,880 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 295,936 ------w I:\WINDOWS\system32\wmpeffects.dll

+ 2006-10-18 19:47:20 1,661,440 ------w I:\WINDOWS\system32\wmpencen.dll

+ 2006-10-24 10:30:00 276,992 ------w I:\WINDOWS\system32\WMPhoto.dll

- 2004-08-19 23:09:11 2,985,984 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-10-18 19:47:20 613,376 ------w I:\WINDOWS\system32\wmpmde.dll

+ 2006-10-18 19:47:20 130,048 ------w I:\WINDOWS\system32\wmpps.dll

- 2004-08-19 23:09:49 102,400 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-11-03 07:59:06 99,840 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-10-18 19:47:20 204,288 ------w I:\WINDOWS\system32\wmpsrcwp.dll

- 2005-01-28 12:44:28 774,904 ----a-w I:\WINDOWS\system32\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 ----a-w I:\WINDOWS\system32\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 ----a-w I:\WINDOWS\system32\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 ----a-w I:\WINDOWS\system32\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 ----a-w I:\WINDOWS\system32\WMSPDMOE.dll

- 2005-01-28 12:44:28 1,218,808 ----a-w I:\WINDOWS\system32\wmvadvd.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVD.dll

- 2005-01-28 12:44:28 1,512,448 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

- 2006-12-07 05:29:34 2,374,472 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 1,543,680 ------w I:\WINDOWS\system32\WMVDECOD.dll

- 2005-01-28 12:44:28 895,736 ----a-w I:\WINDOWS\system32\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 1,574,912 ------w I:\WINDOWS\system32\WMVENCOD.dll

+ 2006-10-18 19:47:22 1,382,912 ------w I:\WINDOWS\system32\WMVSDECD.dll

+ 2006-10-18 19:47:22 767,488 ------w I:\WINDOWS\system32\WMVSENCD.dll

+ 2006-10-18 19:47:22 656,896 ------w I:\WINDOWS\system32\WMVXENCD.dll

+ 2003-04-24 12:00:00 2,736 ----a-w I:\WINDOWS\system32\wowdeb.exe

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wpd_ci.dll

+ 2006-10-18 19:47:22 629,760 ----a-w I:\WINDOWS\system32\wpd_ci.dll

- 2005-01-28 12:44:28 61,952 ----a-w I:\WINDOWS\system32\wpdconns.dll

+ 2006-10-18 19:47:22 35,840 ----a-w I:\WINDOWS\system32\wpdconns.dll

- 2005-01-28 12:44:28 114,176 ----a-w I:\WINDOWS\system32\wpdmtp.dll

+ 2006-10-18 19:47:22 154,624 ----a-w I:\WINDOWS\system32\wpdmtp.dll

- 2005-01-28 12:44:28 66,560 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 63,488 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 2,603,008 ------w I:\WINDOWS\system32\WpdShext.dll

+ 2006-10-18 18:00:14 17,408 ------w I:\WINDOWS\system32\wpdshextautoplay.exe

+ 2006-11-02 09:52:12 44,032 ------w I:\WINDOWS\system32\wpdshextres.dll

+ 2006-10-18 19:47:22 133,632 ------w I:\WINDOWS\system32\WPDShServiceObj.dll

- 2005-01-28 12:44:28 331,264 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-10-18 19:47:22 356,352 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-09-28 18:13:26 95,344 ------w I:\WINDOWS\system32\WUDFCoinstaller.dll

+ 2006-09-28 16:56:38 146,432 ------w I:\WINDOWS\system32\WudfHost.exe

+ 2006-09-28 16:56:16 165,376 ------w I:\WINDOWS\system32\WudfPlatform.dll

+ 2006-09-28 16:56:14 55,808 ------w I:\WINDOWS\system32\WudfSvc.dll

+ 2006-09-28 16:56:38 316,416 ------w I:\WINDOWS\system32\WUDFx.dll

- 2007-07-30 17:19:28 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-07-30 17:19:46 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-03-23 04:07:54 583,504 ------w I:\WINDOWS\system32\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w I:\WINDOWS\system32\XpsSvcs.dll

+ 2000-08-31 06:00:00 49,152 ----a-w I:\WINDOWS\VFind.exe

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2006-12-01 20:56:00 96,256 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

+ 2007-10-23 23:47:56 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll

+ 2007-10-23 23:47:56 558,080 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

+ 2007-10-23 23:47:56 635,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

- 2005-09-22 21:48:08 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

+ 2005-09-23 05:29:16 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

- 2005-09-22 21:48:08 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

+ 2005-09-23 05:29:16 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

- 2005-09-22 21:48:06 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2005-09-23 05:29:16 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2006-12-01 21:54:32 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll

+ 2006-12-01 21:54:34 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

+ 2006-12-01 21:54:32 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

+ 2006-12-01 23:25:52 1,101,824 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

+ 2006-12-01 23:25:56 1,093,120 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

+ 2006-12-01 23:25:58 69,632 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll

+ 2006-12-01 23:26:00 57,856 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll

+ 2006-12-01 22:08:00 40,960 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll

+ 2006-12-01 22:08:00 45,056 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll

+ 2006-12-01 22:08:00 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll

+ 2006-12-01 22:08:00 57,344 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll

+ 2006-12-01 22:46:44 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

+ 2007-11-07 15:19:32 161,784 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

+ 2007-11-07 10:23:58 224,768 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll

+ 2007-11-07 15:19:34 568,832 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll

+ 2007-11-07 15:19:34 655,872 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll

+ 2007-11-07 15:19:38 1,156,600 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

+ 2007-11-07 15:19:38 1,162,744 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-07 15:19:16 41,472 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-07 15:19:16 41,984 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-07 15:19:28 60,928 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-07 15:19:28 60,416 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-07 15:19:28 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-07 15:19:16 47,104 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-07 15:19:16 46,592 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2000-08-31 06:00:00 68,096 ----a-w I:\WINDOWS\zip.exe

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

"Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032]

"msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]

"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360]

"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]

"MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024]

"BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960]

"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll]

"Cmaudio"="cmicnfg.cpl" [N/A]

 

I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Outil de mise … jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"SENTINEL"= snti386.dll

 

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

--a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]

--a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo]

I:\Program Files\HiYo\bin\HiYo.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]

--a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

-ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]

--a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

--a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}]

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service]

mssvc.exe [N/A]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

"I:\\Program Files\\MSN Messenger\\livecall.exe"=

"I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=

"I:\\Program Files\\ICQ6\\ICQ.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"=

"I:\\Program Files\\LimeWire\\LimeWire.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3478:UDP"= 3478:UDP:stun

"3479:UDP"= 3479:UDP:stun 2

"6112:UDP"= 6112:UDP:stun 3

"5730:UDP"= 5730:UDP:game

"5739:UDP"= 5739:UDP:game 1

"9001:TCP"= 9001:TCP:game 2

"11881:TCP"= 11881:TCP:game 3

"11881:UDP"= 11881:UDP:game4

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58]

R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33]

R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32]

R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]

R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29]

R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32]

S1 hidfltr;HID Filter Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20]

S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc []

S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys []

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}]

\Shell\AutoRun\command - K:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}]

\Shell\AutoRun\command - G:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}]

\Shell\AutoRun\command - L:\InstallTomTomHOME.exe

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At22.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

- È:\îP˜

"2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-13 03:00:10 I:\WINDOWS\Tasks\At30.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 17:00:10 I:\WINDOWS\Tasks\At44.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 01:00:00 I:\WINDOWS\Tasks\At52.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 15:00:00 I:\WINDOWS\Tasks\At66.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At74.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At88.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At96.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job"

- I:\WINDOWS\system32\msfeedssync.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-18 14:31:26

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-07-18 14:32:53

ComboFix-quarantined-files.txt 2008-07-18 12:32:35

ComboFix2.txt 2008-01-20 20:43:00

 

Pre-Run: 177,256,910,848 octets libres

Post-Run: 177,319,284,736 octets libres

 

1140 --- E O F --- 2008-01-10 00:54:35

ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 14:28:52.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.399 [GMT 2:00]

Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe

* Resident AV is active

 

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

I:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

I:\install.exe

I:\WINDOWS\Downloaded Program Files\setup.inf

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll

 

.

((((((((((((((((((((((((((((( Fichiers créés 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-17 23:13 . 2008-07-17 23:13 35,842 --a------ I:\WINDOWS\system32\C3DL15v4.exe

2008-07-17 20:50 . 2008-07-17 20:51 1,442,142 --a------ I:\SDFix.exe

2008-07-17 18:36 . 2008-07-17 18:36 <REP> d-------- I:\VundoFix Backups

2008-07-17 18:30 . 2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys

2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll

2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll

2008-07-17 12:46 . 2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui

2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457

2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58

2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller

2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll

2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite

2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware

2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo

2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix

2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97

2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav

2008-07-13 12:08 . 2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com

2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer

2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild

2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies

2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0

2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK

2008-07-12 15:04 . 2008-07-12 15:04 0 --a------ I:\WINDOWS\system32\tOgc374C.exe.a_a

2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys

2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe

2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2

2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat

2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules

2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard

2008-07-11 10:56 . 2008-07-11 10:56 0 --a------ I:\WINDOWS\system32\NW1iG6cU.exe.a_a

2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games

2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade

2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania

2008-07-07 16:10 . 2008-07-07 16:10 64,846 --a------ I:\WINDOWS\system32\kkkcccypnwb.exe

2008-07-06 12:20 . 2008-07-15 18:06 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008

2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader

2008-07-03 23:11 . 2008-07-03 23:11 0 --a------ I:\WINDOWS\system32\HJO0GNU5.exe.a_a

2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris

2008-07-02 17:10 . 2008-07-02 17:10 0 --a------ I:\WINDOWS\system32\C3DL15v4.exe.a_a

2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb

2008-06-30 20:29 . 2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb

2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2

2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF

2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo!

2008-06-28 07:37 . 2008-07-18 14:17 107,373 --a------ I:\WINDOWS\system32\oodbs.lor

2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI

2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag

2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software

2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP

2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner

2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat

2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard)

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-18 11:58 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater

2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo

2008-07-17 17:03 --------- d-----w I:\Program Files\Google

2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger

2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live

2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC

2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME

2008-07-14 18:27 --------- d-----w I:\Program Files\PKR

2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script

2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information

2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide

2008-07-11 15:07 --------- d-----w I:\Program Files\Java

2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire

2008-07-09 13:54 --------- d-----w I:\Program Files\eMule

2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2

2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla

2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub

2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress

2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire

2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys

2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom

2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield

2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! Live

2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio

2008-06-07 14:56 --------- d-----w I:\Program Files\Valve

2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll

2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll

2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports

1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe

.

<pre>
----a-w         5,109,800 2002-12-07 06:27:30  I:\Program Files\XARA\Xara Menu Maker 1.0 .exe
</pre>

 

 

((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 )))))))))))))))))))))))))))))))))))))))))

.

+ 2003-04-24 12:00:00 1,740 -c----w I:\WINDOWS\$NtServicePackUninstall$\dcache.bin

+ 2002-08-29 00:32:34 2,816 -c----w I:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys

+ 2003-04-24 12:00:00 184,320 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh261.drv

+ 2002-08-29 09:45:20 286,720 -c----w I:\WINDOWS\$NtServicePackUninstall$\msh263.drv

+ 2003-04-24 12:00:00 22,016 -c----w I:\WINDOWS\$NtServicePackUninstall$\wdmaud.drv

+ 2003-04-24 12:00:00 132,608 -c----w I:\WINDOWS\$NtServicePackUninstall$\winspool.drv

+ 2006-10-04 14:05:26 39,424 ------w I:\WINDOWS\AppPatch\acadproc.dll

+ 2008-04-14 15:08:31 53,248 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2008-04-14 15:08:32 12,800 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2008-04-14 15:08:32 473,600 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2008-04-14 15:08:24 2,676,224 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:26 2,846,720 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 563,712 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:27 567,296 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 576,000 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:28 577,024 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:29 577,536 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:30 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:32 578,560 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2008-04-14 15:08:33 145,920 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2008-04-14 15:08:33 159,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2008-04-14 15:08:34 364,544 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2008-04-14 15:08:34 178,176 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2008-04-14 15:08:31 223,232 ----a-w I:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2008-07-15 15:02:47 69,120 ----a-w I:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2008-07-15 15:02:53 72,192 ----a-w I:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2008-07-15 15:02:34 4,444,160 ----a-w I:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2008-07-15 15:02:55 483,840 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2008-07-15 15:02:41 3,036,160 ----a-w I:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2008-07-15 15:02:53 261,120 ----a-w I:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2008-07-15 15:02:39 5,431,296 ----a-w I:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2008-07-15 15:02:45 10,752 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

+ 2008-07-15 15:02:40 507,904 ----a-w I:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

+ 2008-07-15 15:02:47 13,312 ----a-w I:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2008-07-15 15:02:51 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2008-07-15 15:02:51 6,656 ----a-w I:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2008-07-15 15:02:58 348,160 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2008-07-15 15:02:58 36,864 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2008-07-15 15:02:59 655,360 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2008-07-15 15:03:00 77,824 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2008-07-15 15:02:52 749,568 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2008-07-15 15:02:50 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2008-07-15 15:02:49 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2008-07-15 15:02:55 28,672 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2008-07-15 15:02:48 671,744 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2008-07-15 15:02:37 5,632 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2008-07-15 15:02:56 12,800 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2008-07-15 15:02:48 32,768 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2008-07-15 15:02:47 7,168 ----a-w I:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2008-07-15 15:02:52 110,592 ----a-w I:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2008-07-15 15:02:53 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2008-07-15 15:02:40 425,984 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2008-07-15 15:02:42 741,376 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2008-07-15 15:02:42 933,888 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2008-07-15 15:03:01 5,070,848 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2008-07-15 15:02:59 188,416 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

+ 2008-07-15 15:02:45 401,408 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2008-07-15 15:02:56 81,920 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

+ 2008-07-15 15:02:37 630,784 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2008-07-15 15:02:57 372,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2008-07-15 15:02:56 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2008-07-15 15:02:54 299,008 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

+ 2008-07-15 15:02:54 131,072 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2008-07-15 15:02:38 258,048 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2008-07-15 15:02:38 114,688 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

+ 2008-07-15 15:02:44 884,736 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2008-07-15 15:02:44 90,112 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2008-07-15 15:02:44 839,680 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2008-07-15 15:02:46 5,013,504 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2008-07-15 15:02:39 2,068,480 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2008-07-15 15:02:43 3,076,096 ----a-w I:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2008-07-17 11:24:49 27,136 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll

+ 2008-07-17 11:24:53 884,736 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll

+ 2008-07-17 11:24:53 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll

+ 2008-07-17 11:24:54 15,360 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe

+ 2008-07-17 11:24:56 876,544 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll

+ 2008-07-17 11:24:56 81,920 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll

+ 2008-07-17 11:25:00 1,695,744 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll

+ 2008-07-17 11:25:00 167,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll

+ 2008-07-17 11:25:03 1,740,800 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll

+ 2008-07-17 10:43:45 11,722,752 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll

+ 2008-07-17 11:25:05 1,011,712 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll

+ 2008-07-17 10:44:26 7,049,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll

+ 2008-07-17 11:25:06 1,798,144 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll

+ 2008-07-17 10:45:04 10,969,088 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll

+ 2008-07-17 11:25:08 1,224,704 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll

+ 2008-07-17 11:25:09 512,000 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll

+ 2008-07-17 10:45:23 229,376 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll

+ 2008-07-17 10:45:22 1,667,072 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll

+ 2008-07-17 11:25:10 659,456 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll

+ 2008-07-17 11:25:10 294,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll

+ 2008-07-17 11:25:11 733,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll

+ 2008-07-17 11:25:12 233,472 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll

+ 2008-07-17 11:25:12 679,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll

+ 2008-07-17 11:25:29 2,342,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll

+ 2008-07-17 11:25:29 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll

+ 2008-07-17 11:25:31 1,986,560 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll

+ 2008-07-17 11:25:26 12,509,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll

+ 2008-07-17 10:46:11 13,193,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll

+ 2008-07-17 10:46:29 5,771,264 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll

+ 2008-07-17 10:44:07 8,265,728 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll

- 2007-10-05 13:20:36 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

+ 2008-02-25 20:52:07 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll

- 2006-05-24 23:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll

- 2006-05-24 23:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll

- 2007-10-05 13:20:39 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2008-02-25 20:52:08 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll

+ 2002-10-18 13:56:06 28,672 ----a-w I:\WINDOWS\CMIRmDriver.dll

+ 2003-07-22 09:15:24 225,280 ----a-w I:\WINDOWS\CmiRmRedundDir.exe

+ 2003-08-05 12:23:24 266,240 ----a-w I:\WINDOWS\CMIUninstall.exe

+ 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll

+ 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll

+ 2008-03-24 17:33:02 1,527,056 ----a-w I:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe

+ 2002-01-03 13:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0036\C-Media 5.12.01.0036\Driver\Win_95\CM9738.DRV

+ 2002-01-03 14:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0040\C-Media 5.12.01.0040\Driver\Win_95\CM9738.DRV

+ 2005-10-20 18:02:28 163,328 ----a-w I:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE

- 2007-08-23 00:15:50 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE

- 2007-08-23 21:20:07 2,334,720 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT

+ 2008-07-18 12:11:15 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat

- 2007-08-23 21:20:07 8,192 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-18 12:11:15 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat

+ 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE

+ 2008-07-18 12:11:12 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat

+ 2008-07-18 12:11:13 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat

+ 2000-08-31 06:00:00 89,504 ----a-w I:\WINDOWS\fdsv.exe

+ 2000-08-31 06:00:00 80,412 ----a-w I:\WINDOWS\grep.exe

- 2004-08-19 23:10:03 208,896 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2006-11-03 07:58:34 317,440 ----a-w I:\WINDOWS\inf\unregmp2.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\ARPPRODUCTICON.exe

+ 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\NewShortcut1_1EC73FB697FD48EE8100CA969A56E727.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\ARPPRODUCTICON.exe

+ 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut1_644D622AEF3D40E290EE92523E2DA87A.exe

+ 2008-06-04 12:31:44 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut2_569C74F853D147C0802E971DD74EC31B.exe

+ 2008-06-04 12:31:44 8,854 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut3_661346DFE29D45B2AB0F791526D873EC.exe

+ 2008-05-19 16:59:17 32,038 ----a-r I:\WINDOWS\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe

+ 2005-03-18 14:23:10 53,248 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2005-03-18 14:23:10 12,800 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll

+ 2005-03-18 14:23:14 473,600 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll

+ 2004-09-29 10:38:58 2,676,224 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 14:23:10 145,920 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll

+ 2005-03-18 14:23:10 159,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll

+ 2005-03-18 14:23:14 364,544 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll

+ 2005-03-18 14:23:12 178,176 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll

+ 2005-03-18 14:23:14 223,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll

+ 2004-12-01 13:53:06 2,846,720 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-02-05 17:32:54 563,712 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-03-18 15:23:14 567,296 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-05-26 13:15:56 576,000 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-07-22 15:21:34 577,024 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-09-28 12:11:52 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

+ 2005-12-05 15:20:50 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-02-03 05:40:48 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll

+ 2006-03-31 09:27:50 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2007-10-23 23:47:38 82,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll

+ 2005-09-23 05:29:04 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll

+ 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll

+ 2007-10-23 23:47:38 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll

+ 2007-10-23 23:47:38 97,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll

+ 2007-10-23 23:47:26 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll

+ 2007-10-23 23:47:30 145,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll

+ 2007-10-23 23:47:32 13,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll

+ 2007-10-23 23:47:48 193,016 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll

+ 2007-10-23 23:47:20 218,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll

+ 2007-10-23 23:47:40 10,752 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll

+ 2007-10-23 23:47:42 147,968 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll

+ 2007-10-23 23:47:26 99,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll

+ 2007-10-23 23:47:42 59,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe

+ 2007-10-23 23:47:22 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe

+ 2007-10-23 23:47:22 22,024 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll

+ 2007-10-23 23:47:22 17,928 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll

+ 2007-10-23 23:47:22 33,288 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll

+ 2007-10-23 23:47:22 84,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll

+ 2007-10-23 23:47:22 24,576 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe

+ 2007-10-23 23:47:22 32,776 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

+ 2007-10-23 23:47:22 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe

+ 2007-10-23 23:47:22 33,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

+ 2007-10-23 23:47:22 33,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2007-10-23 23:47:22 507,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll

+ 2007-10-23 23:47:40 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe

+ 2007-10-23 23:47:40 101,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll

+ 2007-10-23 23:47:30 80,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe

+ 2007-10-23 23:47:30 1,162,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

+ 2007-10-23 23:47:30 13,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll

+ 2007-10-23 23:47:42 27,136 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll

+ 2007-10-23 23:47:40 69,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll

+ 2007-10-23 23:47:30 35,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

+ 2007-10-23 23:47:28 66,552 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll

+ 2007-10-23 23:47:28 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe

+ 2007-10-23 23:47:54 572,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

+ 2007-10-23 23:47:40 798,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll

+ 2007-10-23 23:47:36 18,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll

+ 2007-10-23 23:47:40 9,728 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe

+ 2007-10-23 23:47:40 8,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll

+ 2007-10-23 23:47:40 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll

+ 2007-10-23 23:47:40 6,656 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll

+ 2007-10-23 23:47:40 230,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe

+ 2007-10-23 23:47:40 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe

+ 2007-10-23 23:47:40 65,032 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll

+ 2007-10-23 23:47:40 72,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll

+ 2007-10-23 23:47:34 40,960 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe

+ 2007-10-23 23:47:36 348,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll

+ 2007-10-23 23:47:36 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll

+ 2007-10-23 23:47:36 655,360 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll

+ 2007-10-23 23:47:36 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll

+ 2007-10-23 23:47:34 749,568 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll

+ 2007-10-23 23:47:52 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll

+ 2007-10-23 23:47:52 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll

+ 2007-10-23 23:47:50 671,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll

+ 2007-10-23 23:47:20 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll

+ 2007-10-23 23:47:52 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll

+ 2007-10-23 23:47:20 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll

+ 2007-10-23 23:47:20 12,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

+ 2007-10-23 23:47:20 7,168 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll

+ 2007-10-23 23:47:22 97,792 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll

+ 2007-10-23 23:47:36 69,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe

+ 2007-10-23 23:47:40 822,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll

+ 2007-10-23 23:47:40 83,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll

+ 2007-10-23 23:47:40 308,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll

+ 2007-10-23 23:47:40 47,104 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll

+ 2007-10-23 23:47:40 348,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

+ 2007-10-23 23:47:40 94,208 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll

+ 2007-10-23 23:47:40 4,444,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

+ 2007-10-23 23:47:44 340,992 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll

+ 2007-10-23 23:47:40 77,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

+ 2007-10-23 23:47:36 18,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll

+ 2007-10-23 23:47:40 242,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll

+ 2007-10-23 23:47:40 70,144 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

+ 2007-10-23 23:47:40 19,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll

+ 2007-10-23 23:47:36 5,814,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

+ 2007-10-23 23:47:44 31,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll

+ 2007-10-23 23:47:40 101,880 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe

+ 2007-10-23 23:47:40 24,584 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll

+ 2007-10-23 23:47:40 89,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll

+ 2007-10-23 23:47:36 144,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll

+ 2007-10-23 23:47:40 53,248 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

+ 2007-10-23 23:47:40 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe

+ 2007-10-23 23:47:46 61,952 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe

+ 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2007-10-23 23:47:40 119,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll

+ 2007-10-23 23:47:44 95,232 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll

+ 2007-10-23 23:47:40 392,696 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll

+ 2007-10-23 23:47:40 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll

+ 2007-10-23 23:47:42 425,984 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll

+ 2007-10-23 23:47:40 3,036,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll

+ 2007-10-23 23:47:40 483,840 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll

+ 2007-10-23 23:47:40 741,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll

+ 2007-10-23 23:47:28 933,888 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll

+ 2007-10-23 23:47:40 5,070,848 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll

+ 2007-10-23 23:47:40 401,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll

+ 2007-10-23 23:47:40 188,416 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll

+ 2007-10-23 23:47:40 3,076,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll

+ 2007-10-23 23:47:40 630,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll

+ 2007-10-23 23:47:40 57,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll

+ 2007-10-23 23:47:40 113,664 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll

+ 2007-10-23 23:47:40 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll

+ 2007-10-23 23:47:40 299,008 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll

+ 2007-10-23 23:47:40 131,072 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll

+ 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll

+ 2007-10-23 23:47:40 261,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll

+ 2007-10-23 23:47:40 5,431,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2007-10-23 23:47:40 884,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll

+ 2007-10-23 23:47:40 90,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll

+ 2007-10-23 23:47:40 839,680 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll

+ 2007-10-23 23:47:40 5,013,504 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll

+ 2007-10-23 23:47:40 2,068,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll

+ 2007-10-23 23:47:40 81,400 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL

+ 2007-10-23 23:47:48 1,172,472 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe

+ 2007-10-23 23:47:20 1,344,000 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll

+ 2007-10-23 23:47:22 434,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll

+ 2007-10-23 23:47:40 37,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

+ 2008-01-16 23:28:20 28,306 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\baseline.dat

+ 2007-11-07 17:00:02 210,834 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat

- 2000-08-31 07:00:00 51,200 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 28,672 ----a-w I:\WINDOWS\NirCmd.exe

+ 2000-08-31 06:00:00 98,816 ----a-w I:\WINDOWS\sed.exe

+ 2004-08-19 23:23:25 1,788 ------w I:\WINDOWS\ServicePackFiles\i386\dcache.bin

+ 2004-08-04 06:07:57 2,944 ------w I:\WINDOWS\ServicePackFiles\i386\drmkaud.sys

+ 2004-08-19 23:10:08 188,416 ------w I:\WINDOWS\ServicePackFiles\i386\msh261.drv

+ 2004-08-19 23:10:08 294,912 ------w I:\WINDOWS\ServicePackFiles\i386\msh263.drv

+ 2004-08-19 23:10:08 23,552 ------w I:\WINDOWS\ServicePackFiles\i386\wdmaud.drv

+ 2004-08-19 23:10:08 146,944 ------w I:\WINDOWS\ServicePackFiles\i386\winspool.drv

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\sntusb95.sys

+ 2008-07-18 05:52:59 7,264 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{5AA70BE6-651E-439A-A4AF-17131AE5A542}.bin

+ 2008-07-17 05:27:06 10,308 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{6F89D190-5113-43C0-A793-8615836436EC}.bin

+ 2008-07-11 16:03:14 15,456 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{927826F8-F827-4CDC-8FB5-BBCF8C530A8F}.bin

+ 2008-07-13 10:41:59 5,892 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{A9BCB0E8-93DC-466D-85B5-6C6FED16BB40}.bin

+ 2008-07-17 09:01:17 4,196 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{DE3AC4AD-8570-4D00-8FBE-DC6CC0A5DC09}.bin

+ 2000-08-31 06:00:00 161,792 ----a-w I:\WINDOWS\swreg.exe

+ 2000-08-31 06:00:00 136,704 ----a-w I:\WINDOWS\swsc.exe

+ 2000-08-31 06:00:00 212,480 ----a-w I:\WINDOWS\swxcacls.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system\KEYBOARD.DRV

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system\MCIAVI.DRV

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system\MCISEQ.DRV

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system\MCIWAVE.DRV

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system\MOUSE.DRV

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system\sntnlusb.sys

+ 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\system\sntusb95.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system\SOUND.DRV

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system\SYSTEM.DRV

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system\TIMER.DRV

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system\VGA.DRV

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system\WFWNET.DRV

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system\winspool.drv

- 2004-08-19 23:08:00 8,704 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-11-03 07:56:54 7,680 ----a-w I:\WINDOWS\system32\asferror.dll

+ 2006-10-18 19:47:08 276,992 ------w I:\WINDOWS\system32\audiodev.dll

- 2005-01-28 12:44:28 294,912 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2006-10-18 19:47:10 542,720 ----a-w I:\WINDOWS\system32\blackbox.dll

+ 2004-02-11 10:11:04 32,768 ----a-w I:\WINDOWS\system32\BlackKey.dll

- 2005-01-28 12:44:28 164,864 ----a-w I:\WINDOWS\system32\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 ----a-w I:\WINDOWS\system32\cewmdm.dll

- 2005-12-15 16:48:20 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2006-06-15 16:03:48 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll

+ 2003-04-24 12:00:00 10,544 ----a-w I:\WINDOWS\system32\comm.drv

+ 2008-07-14 18:36:05 262,144 ---ha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

+ 2004-08-19 23:23:25 1,788 ----a-w I:\WINDOWS\system32\dcache.bin

+ 2007-10-23 23:47:28 96,760 ----a-w I:\WINDOWS\system32\dfshim.dll

+ 2001-11-23 10:08:20 712,704 -c--a-w I:\WINDOWS\system32\dllcache\a3d.dll

- 2005-01-28 12:44:28 294,912 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

+ 2006-10-18 19:47:10 542,720 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll

- 2005-01-28 12:44:28 164,864 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2006-10-18 19:47:10 229,376 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll

+ 2004-08-04 06:07:58 60,288 -c--a-w I:\WINDOWS\system32\dllcache\drmk.sys

- 2005-01-28 12:44:28 502,272 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll

+ 2007-03-22 18:24:58 28,160 -c----w I:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll

+ 2004-08-19 23:09:28 21,504 -c--a-w I:\WINDOWS\system32\dllcache\hidserv.dll

+ 2004-08-19 23:00:36 14,848 -c--a-w I:\WINDOWS\system32\dllcache\kbdhid.sys

+ 2003-04-24 12:00:00 2,000 -c--a-w I:\WINDOWS\system32\dllcache\keyboard.drv

- 2004-08-04 07:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

+ 2004-08-04 06:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys

- 2005-01-28 12:44:28 6,656 -c--a-w I:\WINDOWS\system32\dllcache\laprxy.dll

+ 2006-10-18 19:47:14 11,264 -c--a-w I:\WINDOWS\system32\dllcache\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2006-10-18 18:03:58 100,864 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe

+ 2003-04-24 12:00:00 2,560 -c--a-w I:\WINDOWS\system32\dllcache\lz32.dll

+ 2003-04-24 12:00:00 73,680 -c--a-w I:\WINDOWS\system32\dllcache\mciavi.drv

+ 2003-04-24 12:00:00 25,280 -c--a-w I:\WINDOWS\system32\dllcache\mciseq.drv

+ 2003-04-24 12:00:00 28,160 -c--a-w I:\WINDOWS\system32\dllcache\mciwave.drv

+ 2003-04-24 12:00:00 2,032 -c--a-w I:\WINDOWS\system32\dllcache\mouse.drv

- 2005-01-28 12:44:28 142,336 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll

- 2005-01-28 12:44:28 25,088 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

+ 2006-10-18 19:47:16 27,136 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

+ 2006-10-18 19:47:16 175,616 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll

- 2005-01-28 12:44:28 364,784 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

+ 2006-10-18 19:47:16 414,208 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll

- 2005-01-28 12:44:28 315,904 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2006-10-18 19:47:16 321,536 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll

+ 2003-04-24 12:00:00 2,944 -c--a-w I:\WINDOWS\system32\dllcache\null.sys

+ 2004-08-04 06:15:50 145,792 -c--a-w I:\WINDOWS\system32\dllcache\portcls.sys

+ 2007-03-22 18:25:42 677,376 -c----w I:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe

- 2005-01-28 12:44:28 221,184 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2006-10-18 19:47:18 211,456 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll

+ 2003-04-24 12:00:00 1,744 -c--a-w I:\WINDOWS\system32\dllcache\sound.drv

+ 2004-08-04 06:08:02 48,640 -c--a-w I:\WINDOWS\system32\dllcache\stream.sys

+ 2003-04-24 12:00:00 3,360 -c--a-w I:\WINDOWS\system32\dllcache\system.drv

+ 2003-04-24 12:00:00 4,096 -c--a-w I:\WINDOWS\system32\dllcache\timer.drv

+ 2003-04-24 12:00:00 2,176 -c--a-w I:\WINDOWS\system32\dllcache\vga.drv

+ 2003-04-24 12:00:00 13,600 -c--a-w I:\WINDOWS\system32\dllcache\wfwnet.drv

+ 2003-04-24 12:00:00 2,864 -c--a-w I:\WINDOWS\system32\dllcache\winsock.dll

+ 2003-04-24 12:00:00 2,112 -c--a-w I:\WINDOWS\system32\dllcache\winspool.exe

- 2005-01-28 12:44:28 396,528 -c--a-w I:\WINDOWS\system32\dllcache\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOD.dll

- 2005-01-28 12:44:28 716,288 -c--a-w I:\WINDOWS\system32\dllcache\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 -c--a-w I:\WINDOWS\system32\dllcache\wmasf.dll

+ 2006-10-18 19:47:18 222,208 -c--a-w I:\WINDOWS\system32\dllcache\WMASF.dll

- 2005-01-28 12:44:28 28,160 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

+ 2006-10-18 19:47:18 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

+ 2006-10-18 19:47:18 37,376 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll

- 2005-01-28 12:44:28 150,016 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

+ 2006-10-18 19:47:20 157,184 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 -c--a-w I:\WINDOWS\system32\dllcache\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 -c--a-w I:\WINDOWS\system32\dllcache\WMNetMgr.dll

- 2004-08-19 23:10:05 73,728 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

+ 2006-11-03 07:59:00 64,000 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe

- 2004-08-19 23:09:11 2,985,984 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll

- 2005-01-28 12:44:28 774,904 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOE.dll

- 2006-12-07 05:29:34 2,374,472 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll

- 2005-01-28 12:44:28 895,736 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll

+ 2003-04-24 12:00:00 2,736 -c--a-w I:\WINDOWS\system32\dllcache\wowdeb.exe

- 2007-07-30 17:19:28 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-07-30 17:19:46 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll

+ 2007-03-23 04:07:54 583,504 -c----w I:\WINDOWS\system32\dllcache\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 -c----w I:\WINDOWS\system32\dllcache\XpsSvcs.dll

- 2005-12-15 11:57:46 1,368,000 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2006-06-26 10:15:38 1,372,992 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys

+ 2004-08-04 06:07:57 2,944 ----a-w I:\WINDOWS\system32\drivers\drmkaud.sys

+ 2004-08-19 23:00:36 14,848 ----a-w I:\WINDOWS\system32\drivers\kbdhid.sys

- 2004-08-04 07:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2004-08-04 06:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys

+ 2001-08-17 21:00:04 2,944 ----a-w I:\WINDOWS\system32\drivers\msmpu401.sys

+ 2004-11-03 10:20:24 13,332 ----a-w I:\WINDOWS\system32\drivers\MWhid.sys

+ 2003-04-24 12:00:00 2,944 ----a-w I:\WINDOWS\system32\drivers\null.sys

+ 2007-06-28 18:20:42 37,896 ----a-w I:\WINDOWS\system32\drivers\oobctm.sys

+ 2008-03-29 11:46:24 22,328 ----a-w I:\WINDOWS\system32\drivers\PnkBstrK.sys

- 2004-08-04 06:15:49 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 2004-08-04 06:15:50 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys

+ 1999-07-20 03:38:00 73,216 ----a-w I:\WINDOWS\system32\drivers\SENTINEL.SYS

- 2007-08-29 19:24:03 685,816 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-04-18 11:28:31 717,296 ----a-w I:\WINDOWS\system32\drivers\sptd.sys

+ 2008-02-25 18:50:37 102,664 ----a-w I:\WINDOWS\system32\drivers\tmcomm.sys

+ 2006-10-18 19:47:22 671,232 ------w I:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

- 2005-01-28 12:44:28 18,944 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-10-18 18:00:00 38,528 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys

+ 2006-09-28 16:55:50 77,568 ------w I:\WINDOWS\system32\drivers\WudfPf.sys

+ 2006-09-28 17:00:34 82,944 ------w I:\WINDOWS\system32\drivers\WudfRd.sys

+ 2006-10-18 18:00:46 249,856 ------w I:\WINDOWS\system32\drmupgds.exe

- 2005-01-28 12:44:28 502,272 ----a-w I:\WINDOWS\system32\drmv2clt.dll

+ 2006-10-18 19:47:10 991,744 ----a-w I:\WINDOWS\system32\drmv2clt.dll

- 2007-11-03 10:50:53 1,501,096 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-07-17 10:43:16 1,528,256 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT

+ 2004-08-19 23:09:28 21,504 ----a-w I:\WINDOWS\system32\hidserv.dll

- 2007-09-24 20:30:28 135,168 ----a-w I:\WINDOWS\system32\java.exe

+ 2008-02-22 00:23:35 135,168 ----a-w I:\WINDOWS\system32\java.exe

- 2007-09-24 20:30:30 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

+ 2008-02-22 00:23:39 135,168 ----a-w I:\WINDOWS\system32\javaw.exe

- 2007-09-24 21:31:42 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2008-02-22 01:33:32 139,264 ----a-w I:\WINDOWS\system32\javaws.exe

+ 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system32\keyboard.drv

+ 2004-08-19 23:09:30 4,096 ----a-w I:\WINDOWS\system32\ksuser(2).dll

+ 2003-04-24 12:00:00 224,448 ----a-w I:\WINDOWS\system32\lanman.drv

- 2005-01-28 12:44:28 6,656 ----a-w I:\WINDOWS\system32\laprxy.dll

+ 2006-10-18 19:47:14 11,264 ----a-w I:\WINDOWS\system32\LAPRXY.dll

- 2005-01-28 12:44:28 96,768 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2006-10-18 18:03:58 100,864 ----a-w I:\WINDOWS\system32\logagent.exe

+ 2003-04-24 12:00:00 2,560 ----a-w I:\WINDOWS\system32\lz32.dll

+ 2008-03-25 02:32:44 218,496 ----a-r I:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe

- 2007-11-25 00:14:48 48,749 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2008-07-17 17:28:03 74,649 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

+ 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system32\mciavi.drv

+ 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system32\mciseq.drv

+ 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system32\mciwave.drv

+ 2004-12-09 15:50:56 2,142,208 ----a-w I:\WINDOWS\system32\MegaStore.exe

+ 2006-10-18 19:47:14 212,992 ------w I:\WINDOWS\system32\MFPLAT.dll

+ 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system32\mouse.drv

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MP43DECD.dll

- 2004-08-19 23:09:31 310,272 ------w I:\WINDOWS\system32\mp43dmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP43DMOD.dll

+ 2006-10-18 19:47:14 317,440 ------w I:\WINDOWS\system32\MP4SDECD.dll

- 2004-08-19 23:09:31 384,512 ------w I:\WINDOWS\system32\mp4sdmod.dll

+ 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP4SDMOD.dll

+ 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MPG4DECD.dll

- 2004-08-19 23:09:31 240,640 ----a-w I:\WINDOWS\system32\mpg4dmod.dll

+ 2006-10-18 19:47:14 4,096 ----a-w I:\WINDOWS\system32\MPG4DMOD.dll

+ 2003-04-24 12:00:00 20,992 ----a-w I:\WINDOWS\system32\msacm32.drv

+ 2007-10-23 23:47:38 282,112 ----a-w I:\WINDOWS\system32\mscoree.dll

+ 2007-10-23 23:47:38 158,720 ----a-w I:\WINDOWS\system32\mscorier.dll

+ 2007-10-23 23:47:38 84,480 ----a-w I:\WINDOWS\system32\mscories.dll

+ 2006-10-02 13:28:42 312,128 ------w I:\WINDOWS\system32\msdelta.dll

+ 2005-07-26 07:59:48 86,016 ----a-w I:\WINDOWS\system32\MSffdrv.dll

+ 2005-08-23 15:10:02 880,640 ----a-w I:\WINDOWS\system32\MSffpage.dll

+ 2004-08-19 23:10:08 188,416 ----a-w I:\WINDOWS\system32\msh261.drv

+ 2004-08-20 00:10:08 294,912 ----a-w I:\WINDOWS\system32\msh263.drv

- 2005-01-28 12:44:28 142,336 ----a-w I:\WINDOWS\system32\msnetobj.dll

+ 2006-10-18 19:47:16 179,712 ----a-w I:\WINDOWS\system32\msnetobj.dll

- 2005-01-28 12:44:28 25,088 ----a-w I:\WINDOWS\system32\MsPMSNSv.dll

+ 2006-10-18 19:47:16 27,136 ----a-w I:\WINDOWS\system32\mspmsnsv.dll

- 2005-01-28 12:44:28 173,568 ----a-w I:\WINDOWS\system32\MsPMSP.dll

+ 2006-10-18 19:47:16 175,616 ----a-w I:\WINDOWS\system32\mspmsp.dll

- 2005-01-28 12:44:28 364,784 ----a-w I:\WINDOWS\system32\MSSCP.dll

+ 2006-10-18 19:47:16 414,208 ----a-w I:\WINDOWS\system32\msscp.dll

- 2005-01-28 12:44:28 315,904 ----a-w I:\WINDOWS\system32\MSWMDM.dll

+ 2006-10-18 19:47:16 321,536 ----a-w I:\WINDOWS\system32\mswmdm.dll

+ 2007-05-15 13:43:10 1,320,800 ----a-w I:\WINDOWS\system32\msxml6.dll

+ 2007-05-08 15:08:12 86,728 ----a-w I:\WINDOWS\system32\msxml6r.dll

+ 2007-10-23 23:47:44 15,360 ----a-w I:\WINDOWS\system32\mui\0409\mscorees.dll

+ 2005-09-23 05:28:56 32,768 ----a-w I:\WINDOWS\system32\netfxperf.dll

+ 2006-10-22 10:22:00 4,527,488 ----a-w I:\WINDOWS\system32\nv4_disp(3).dll

+ 2006-10-22 10:22:00 35,840 ----a-w I:\WINDOWS\system32\nvcod(2).dll

+ 2007-06-28 21:02:08 1,049,856 ----a-w I:\WINDOWS\system32\oodag.exe

+ 2007-06-28 20:58:50 17,152 ----a-w I:\WINDOWS\system32\oodagmg.dll

+ 2007-06-28 20:58:52 15,616 ----a-w I:\WINDOWS\system32\oodagrs.dll

+ 2007-06-28 21:00:26 193,792 ----a-w I:\WINDOWS\system32\oodbs.exe

+ 2007-06-28 20:58:52 9,984 ----a-w I:\WINDOWS\system32\oodbsrs.dll

+ 2007-06-28 21:01:00 2,512,128 ----a-w I:\WINDOWS\system32\oodtray.exe

+ 2007-06-28 20:59:12 206,080 ----a-w I:\WINDOWS\system32\oodtrrs.dll

+ 2007-06-28 18:19:48 15,104 ----a-w I:\WINDOWS\system32\ootmapi.dll

- 2007-10-28 09:54:07 39,992 ----a-w I:\WINDOWS\system32\perfc009.dat

+ 2008-07-15 15:03:10 90,608 ----a-w I:\WINDOWS\system32\perfc009.dat

- 2007-10-28 09:54:07 48,616 ----a-w I:\WINDOWS\system32\perfc00C.dat

+ 2008-07-15 15:03:10 109,860 ----a-w I:\WINDOWS\system32\perfc00C.dat

- 2007-10-28 09:54:07 311,604 ----a-w I:\WINDOWS\system32\perfh009.dat

+ 2008-07-15 15:03:10 487,864 ----a-w I:\WINDOWS\system32\perfh009.dat

- 2007-10-28 09:54:07 367,658 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2008-07-15 15:03:10 563,722 ----a-w I:\WINDOWS\system32\perfh00C.dat

+ 2006-10-24 10:30:20 412,160 ------w I:\WINDOWS\system32\photometadatahandler.dll

+ 2008-03-27 08:49:56 66,872 ----a-w I:\WINDOWS\system32\PnkBstrA.exe

+ 2008-03-29 11:46:17 107,832 ----a-w I:\WINDOWS\system32\PnkBstrB.exe

+ 2006-10-18 19:47:18 284,160 ------w I:\WINDOWS\system32\PortableDeviceApi.dll

+ 2006-10-18 19:47:18 101,888 ------w I:\WINDOWS\system32\PortableDeviceClassExtension.dll

+ 2006-10-18 19:47:18 166,912 ------w I:\WINDOWS\system32\PortableDeviceTypes.dll

+ 2006-10-18 19:47:18 132,096 ------w I:\WINDOWS\system32\PortableDeviceWiaCompat.dll

+ 2006-10-18 19:47:18 199,168 ------w I:\WINDOWS\system32\PortableDeviceWMDRM.dll

+ 2007-03-22 18:25:02 124,928 ------w I:\WINDOWS\system32\prntvpt.dll

- 2005-01-28 12:44:28 221,184 ----a-w I:\WINDOWS\system32\qasf.dll

+ 2006-10-18 19:47:18 211,456 ----a-w I:\WINDOWS\system32\qasf.dll

- 2007-11-03 20:15:29 72,976 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2008-07-17 10:42:19 688,816 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat

+ 2006-08-24 14:15:06 150,808 ----a-w I:\WINDOWS\system32\rgb9rast_2.dll

+ 1999-07-20 03:38:00 32,256 ----a-r I:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE

+ 1999-07-20 03:38:00 17,920 ----a-w I:\WINDOWS\system32\RNBOVDD.DLL

+ 1999-07-20 03:38:00 47,616 ----a-w I:\WINDOWS\system32\SNTI386.DLL

+ 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system32\sntnlusb.sys

+ 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system32\sound.drv

- 2006-11-17 14:14:30 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2006-10-16 14:10:58 14,640 ------w I:\WINDOWS\system32\spmsg.dll

+ 2007-03-22 18:25:42 677,376 ------w I:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe

- 2005-06-28 08:21:46 22,752 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2006-10-16 14:10:58 23,856 ----a-w I:\WINDOWS\system32\spupdsvc.exe

+ 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system32\system.drv

+ 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system32\timer.drv

- 2005-01-28 12:44:28 47,104 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\uwdf.exe

+ 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system32\vga.drv

- 2005-01-28 12:44:28 15,872 ----a-w I:\WINDOWS\system32\wdfapi.dll

+ 2006-10-18 19:47:18 4,096 ----a-w I:\WINDOWS\system32\wdfapi.dll

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\wdfmgr.exe

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud(2).drv

+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud.drv

+ 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system32\wfwnet.drv

+ 2006-10-24 10:30:06 716,288 ------w I:\WINDOWS\system32\WindowsCodecs.dll

+ 2006-10-24 10:29:50 352,256 ------w I:\WINDOWS\system32\WindowsCodecsExt.dll

+ 2003-04-24 12:00:00 2,864 ----a-w I:\WINDOWS\system32\winsock.dll

+ 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system32\winspool.drv

+ 2003-04-24 12:00:00 2,112 ----a-w I:\WINDOWS\system32\winspool.exe

- 2005-01-28 12:44:28 396,528 ----a-w I:\WINDOWS\system32\wmadmod.dll

+ 2006-10-18 19:47:18 757,248 ----a-w I:\WINDOWS\system32\wmadmod.dll

- 2005-01-28 12:44:28 716,288 ----a-w I:\WINDOWS\system32\wmadmoe.dll

+ 2006-10-18 19:47:18 1,117,696 ----a-w I:\WINDOWS\system32\WMADMOE.dll

- 2007-10-20 05:01:32 227,328 ----a-w I:\WINDOWS\system32\wmasf.dll

+ 2006-10-18 19:47:18 222,208 ----a-w I:\WINDOWS\system32\wmasf.dll

- 2005-01-28 12:44:28 28,160 ----a-w I:\WINDOWS\system32\WMDMLOG.dll

+ 2006-10-18 19:47:18 33,792 ----a-w I:\WINDOWS\system32\wmdmlog.dll

- 2005-01-28 12:44:28 33,792 ----a-w I:\WINDOWS\system32\WMDMPS.dll

+ 2006-10-18 19:47:18 37,376 ----a-w I:\WINDOWS\system32\wmdmps.dll

- 2005-01-28 12:44:28 335,872 ----a-w I:\WINDOWS\system32\WMDRMdev.dll

+ 2006-10-18 19:47:18 429,056 ----a-w I:\WINDOWS\system32\wmdrmdev.dll

- 2005-01-28 12:44:28 290,816 ----a-w I:\WINDOWS\system32\WMDRMNet.dll

+ 2006-10-18 19:47:20 348,672 ----a-w I:\WINDOWS\system32\wmdrmnet.dll

+ 2006-10-18 19:47:20 535,040 ------w I:\WINDOWS\system32\wmdrmsdk.dll

- 2004-08-19 23:09:07 200,704 ------w I:\WINDOWS\system32\wmerror.dll

+ 2006-11-03 07:58:42 272,384 ------w I:\WINDOWS\system32\wmerror.dll

- 2005-01-28 12:44:28 150,016 ----a-w I:\WINDOWS\system32\wmidx.dll

+ 2006-10-18 19:47:20 157,184 ----a-w I:\WINDOWS\system32\wmidx.dll

- 2005-01-28 12:44:28 1,027,072 ----a-w I:\WINDOWS\system32\wmnetmgr.dll

+ 2006-10-18 19:47:20 937,984 ----a-w I:\WINDOWS\system32\WMNetMgr.dll

- 2007-04-30 00:22:16 4,734,976 ------w I:\WINDOWS\system32\wmp.dll

+ 2006-10-18 19:47:20 10,834,432 ------w I:\WINDOWS\system32\wmp.dll

- 2004-08-19 23:09:49 114,688 ------w I:\WINDOWS\system32\wmpasf.dll

+ 2006-10-18 19:47:20 242,688 ------w I:\WINDOWS\system32\wmpasf.dll

- 2004-08-19 23:09:49 233,472 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 314,880 ------w I:\WINDOWS\system32\wmpdxm.dll

+ 2006-10-18 19:47:20 295,936 ------w I:\WINDOWS\system32\wmpeffects.dll

+ 2006-10-18 19:47:20 1,661,440 ------w I:\WINDOWS\system32\wmpencen.dll

+ 2006-10-24 10:30:00 276,992 ------w I:\WINDOWS\system32\WMPhoto.dll

- 2004-08-19 23:09:11 2,985,984 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-11-03 08:03:34 8,292,352 ----a-w I:\WINDOWS\system32\wmploc.dll

+ 2006-10-18 19:47:20 613,376 ------w I:\WINDOWS\system32\wmpmde.dll

+ 2006-10-18 19:47:20 130,048 ------w I:\WINDOWS\system32\wmpps.dll

- 2004-08-19 23:09:49 102,400 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-11-03 07:59:06 99,840 ----a-w I:\WINDOWS\system32\wmpshell.dll

+ 2006-10-18 19:47:20 204,288 ------w I:\WINDOWS\system32\wmpsrcwp.dll

- 2005-01-28 12:44:28 774,904 ----a-w I:\WINDOWS\system32\wmsdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmod.dll

- 2005-01-28 12:44:28 1,119,744 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll

- 2005-01-28 12:44:28 413,944 ----a-w I:\WINDOWS\system32\wmspdmod.dll

+ 2006-10-18 19:47:22 603,648 ----a-w I:\WINDOWS\system32\WMSPDMOD.dll

- 2005-01-28 12:44:28 940,544 ----a-w I:\WINDOWS\system32\wmspdmoe.dll

+ 2006-10-18 19:47:22 1,329,152 ----a-w I:\WINDOWS\system32\WMSPDMOE.dll

- 2005-01-28 12:44:28 1,218,808 ----a-w I:\WINDOWS\system32\wmvadvd.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVD.dll

- 2005-01-28 12:44:28 1,512,448 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVE.DLL

- 2006-12-07 05:29:34 2,374,472 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 2,450,944 ----a-w I:\WINDOWS\system32\wmvcore.dll

+ 2006-10-18 19:47:22 1,543,680 ------w I:\WINDOWS\system32\WMVDECOD.dll

- 2005-01-28 12:44:28 895,736 ----a-w I:\WINDOWS\system32\wmvdmod.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmod.dll

- 2005-01-28 12:44:28 1,003,008 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll

+ 2006-10-18 19:47:22 1,574,912 ------w I:\WINDOWS\system32\WMVENCOD.dll

+ 2006-10-18 19:47:22 1,382,912 ------w I:\WINDOWS\system32\WMVSDECD.dll

+ 2006-10-18 19:47:22 767,488 ------w I:\WINDOWS\system32\WMVSENCD.dll

+ 2006-10-18 19:47:22 656,896 ------w I:\WINDOWS\system32\WMVXENCD.dll

+ 2003-04-24 12:00:00 2,736 ----a-w I:\WINDOWS\system32\wowdeb.exe

- 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wpd_ci.dll

+ 2006-10-18 19:47:22 629,760 ----a-w I:\WINDOWS\system32\wpd_ci.dll

- 2005-01-28 12:44:28 61,952 ----a-w I:\WINDOWS\system32\wpdconns.dll

+ 2006-10-18 19:47:22 35,840 ----a-w I:\WINDOWS\system32\wpdconns.dll

- 2005-01-28 12:44:28 114,176 ----a-w I:\WINDOWS\system32\wpdmtp.dll

+ 2006-10-18 19:47:22 154,624 ----a-w I:\WINDOWS\system32\wpdmtp.dll

- 2005-01-28 12:44:28 66,560 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 63,488 ----a-w I:\WINDOWS\system32\wpdmtpus.dll

+ 2006-10-18 19:47:22 2,603,008 ------w I:\WINDOWS\system32\WpdShext.dll

+ 2006-10-18 18:00:14 17,408 ------w I:\WINDOWS\system32\wpdshextautoplay.exe

+ 2006-11-02 09:52:12 44,032 ------w I:\WINDOWS\system32\wpdshextres.dll

+ 2006-10-18 19:47:22 133,632 ------w I:\WINDOWS\system32\WPDShServiceObj.dll

- 2005-01-28 12:44:28 331,264 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-10-18 19:47:22 356,352 ----a-w I:\WINDOWS\system32\wpdsp.dll

+ 2006-09-28 18:13:26 95,344 ------w I:\WINDOWS\system32\WUDFCoinstaller.dll

+ 2006-09-28 16:56:38 146,432 ------w I:\WINDOWS\system32\WudfHost.exe

+ 2006-09-28 16:56:16 165,376 ------w I:\WINDOWS\system32\WudfPlatform.dll

+ 2006-09-28 16:56:14 55,808 ------w I:\WINDOWS\system32\WudfSvc.dll

+ 2006-09-28 16:56:38 316,416 ------w I:\WINDOWS\system32\WUDFx.dll

- 2007-07-30 17:19:28 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-07-30 17:19:46 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll

+ 2007-03-23 04:07:54 583,504 ------w I:\WINDOWS\system32\XPSSHHDR.dll

+ 2007-03-23 04:07:56 1,683,280 ------w I:\WINDOWS\system32\XpsSvcs.dll

+ 2000-08-31 06:00:00 49,152 ----a-w I:\WINDOWS\VFind.exe

+ 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2006-12-01 20:56:00 96,256 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll

+ 2007-10-23 23:47:56 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll

+ 2007-10-23 23:47:56 558,080 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll

+ 2007-10-23 23:47:56 635,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll

- 2005-09-22 21:48:08 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

+ 2005-09-23 05:29:16 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll

- 2005-09-22 21:48:08 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

+ 2005-09-23 05:29:16 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll

- 2005-09-22 21:48:06 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2005-09-23 05:29:16 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll

+ 2006-12-01 21:54:32 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll

+ 2006-12-01 21:54:34 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

+ 2006-12-01 21:54:32 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

+ 2006-12-01 23:25:52 1,101,824 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll

+ 2006-12-01 23:25:56 1,093,120 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll

+ 2006-12-01 23:25:58 69,632 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll

+ 2006-12-01 23:26:00 57,856 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll

+ 2006-12-01 22:08:00 40,960 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll

+ 2006-12-01 22:08:00 45,056 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll

+ 2006-12-01 22:08:00 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll

+ 2006-12-01 22:08:00 57,344 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll

+ 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll

+ 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll

+ 2006-12-01 22:46:44 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll

+ 2007-11-07 15:19:32 161,784 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

+ 2007-11-07 10:23:58 224,768 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll

+ 2007-11-07 15:19:34 568,832 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll

+ 2007-11-07 15:19:34 655,872 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll

+ 2007-11-07 15:19:38 1,156,600 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

+ 2007-11-07 15:19:38 1,162,744 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-07 15:19:16 41,472 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-07 15:19:16 41,984 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-07 15:19:28 60,928 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-07 15:19:28 60,416 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-07 15:19:28 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-07 15:19:16 47,104 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-07 15:19:16 46,592 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

+ 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2000-08-31 06:00:00 68,096 ----a-w I:\WINDOWS\zip.exe

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

"Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032]

"msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]

"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360]

"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]

"MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024]

"BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960]

"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll]

"Cmaudio"="cmicnfg.cpl" [N/A]

 

I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Outil de mise … jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"SENTINEL"= snti386.dll

 

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

--a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]

--a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo]

I:\Program Files\HiYo\bin\HiYo.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]

--a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

-ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]

--a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

--a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}]

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service]

mssvc.exe [N/A]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

"I:\\Program Files\\MSN Messenger\\livecall.exe"=

"I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=

"I:\\Program Files\\ICQ6\\ICQ.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"=

"I:\\Program Files\\LimeWire\\LimeWire.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3478:UDP"= 3478:UDP:stun

"3479:UDP"= 3479:UDP:stun 2

"6112:UDP"= 6112:UDP:stun 3

"5730:UDP"= 5730:UDP:game

"5739:UDP"= 5739:UDP:game 1

"9001:TCP"= 9001:TCP:game 2

"11881:TCP"= 11881:TCP:game 3

"11881:UDP"= 11881:UDP:game4

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58]

R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33]

R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32]

R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]

R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29]

R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32]

S1 hidfltr;HID Filter Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20]

S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc []

S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys []

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}]

\Shell\AutoRun\command - K:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}]

\Shell\AutoRun\command - G:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}]

\Shell\AutoRun\command - L:\InstallTomTomHOME.exe

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At22.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

- È:\îP˜

"2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-13 03:00:10 I:\WINDOWS\Tasks\At30.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 17:00:10 I:\WINDOWS\Tasks\At44.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job"

- I:\WINDOWS\system32\HJO0GNU5.exe

"2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 01:00:00 I:\WINDOWS\Tasks\At52.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 15:00:00 I:\WINDOWS\Tasks\At66.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job"

- I:\WINDOWS\system32\NW1iG6cU.exe

"2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-12 23:00:01 I:\WINDOWS\Tasks\At74.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 13:00:10 I:\WINDOWS\Tasks\At88.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job"

- I:\WINDOWS\system32\C3DL15v4.exe

"2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 21:00:00 I:\WINDOWS\Tasks\At96.job"

- I:\WINDOWS\system32\tOgc374C.exe

"2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job"

- I:\WINDOWS\system32\msfeedssync.exe

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-18 14:31:26

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-07-18 14:32:53

ComboFix-quarantined-files.txt 2008-07-18 12:32:35

ComboFix2.txt 2008-01-20 20:43:00

 

Pre-Run: 177,256,910,848 octets libres

Post-Run: 177,319,284,736 octets libres

 

1140 --- E O F --- 2008-01-10 00:54:35

 

Drog- Member

Drog-

Posté(e)
  • Auteur
Posté(e)

voici mon nouveau rapport hijackthis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:42:37, on 18/07/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

I:\WINDOWS\System32\smss.exe

I:\WINDOWS\system32\winlogon.exe

I:\WINDOWS\system32\services.exe

I:\WINDOWS\system32\lsass.exe

I:\WINDOWS\system32\svchost.exe

I:\WINDOWS\System32\svchost.exe

I:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

I:\WINDOWS\system32\spoolsv.exe

I:\Program Files\a-squared Anti-Malware\a2service.exe

I:\Program Files\AntiVir PersonalEdition Classic\sched.exe

I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

I:\WINDOWS\System32\FTRTSVC.exe

I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

I:\WINDOWS\system32\nvsvc32.exe

I:\WINDOWS\system32\oodag.exe

I:\WINDOWS\system32\PnkBstrA.exe

I:\WINDOWS\System32\svchost.exe

I:\WINDOWS\system32\wscntfy.exe

I:\program files\powerstrip\pstrip.exe

I:\Program Files\MessengerPlus! 3\MsgPlus.exe

I:\WINDOWS\VM_STI.EXE

I:\WINDOWS\system32\ctfmon.exe

I:\program files\valve\steam\steam.exe

I:\Program Files\MSN Messenger\MsnMsgr.Exe

I:\Program Files\Google\Google Updater\GoogleUpdater.exe

I:\Program Files\MSN Messenger\usnsvc.exe

I:\WINDOWS\explorer.exe

I:\Program Files\Internet Explorer\IEXPLORE.EXE

I:\WINDOWS\system32\msiexec.exe

I:\Program Files\Internet Explorer\IEXPLORE.EXE

I:\Program Files\Internet Explorer\IEXPLORE.EXE

I:\Program Files\WinRAR\WinRAR.exe

I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\Rar$EX00.031\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - I:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [PowerStrip] i:\program files\powerstrip\pstrip.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [bigDogPath] I:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera

O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [steam] "i:\program files\valve\steam\steam.exe" -silent

O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - Global Startup: Outil de mise à jour Google.lnk = I:\Program Files\Google\Google Updater\GoogleUpdater.exe

O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - I:\Program Files\a-squared Anti-Malware\a2service.exe

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - I:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - I:\WINDOWS\System32\appdrvrem01.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - I:\WINDOWS\system32\oodag.exe

O23 - Service: PnkBstrA - Unknown owner - I:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - I:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe

O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - I:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 5104 bytes

angelique Devil Member !

angelique

Posté(e)
Posté(e)

• Télécharger OTMoveIt2 par OldTimer.

 

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

 

* Enregistrer ce fichier sur le Bureau.

* Faire un double clic sur OTMoveIt2.exe pour lancer l'exécution de l'outil. (Note: Si vous utilisez Vista, faire un clic droit sur le fichier puis choisir Exécuter en tant qu'administrateur).

* Copier les lignes de la zone "Code" ci-dessous dans le Presse-papiers en les sélectionnant TOUTES puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier):

I:\WINDOWS\Tasks\At*.job

* Retourner dans la fenêtre de OTMoveIt2, faire un clic droit dans la zone "Paste List of Files/Folders to Move" ) puis choisir Coller.

* Cliquer sur le bouton rouge Moveit!.

* Copier tout ce qui se trouve dans la zone Results (sous la barre verte) dans le Presse-papiers en sélectionnant TOUTES LES LIGNES puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier), et coller ces résulats en réponse sur le forum.

* Fermer OTMoveIt2

 

Note: Si un fichier ou un dossier ne peut pas être déplacé immédiatement, un redémarrage sera peut-être nécessaire afin de terminer le processus de déplacement. Si le redémarrage de la machine vous est demandé, choisir Oui/Yes. Dans ce cas, après le redémarrage, ouvrir le Bloc-notes (Démarrer->Tous les programmes->Accessoires->Bloc-notes), cliquer sur Fichier->Ouvrir, dans la zone "Nom du fichier" taper *.log et appuyer sur la touche Entrée, naviguer jusqu'au dossier C:\_OTMoveIt\MovedFiles, puis ouvrir le fichier .log le plus récent; ensuite faire un copier/coller du contenu de ce document en réponse sur le forum.

 

• ouvre ton bloc note[executer--notepad] et copies/colles le contenu du cadre ci dessous:

 

Driver::
ewdmaudn

File::
I:\WINDOWS\system32\tOgc374C.exe
I:\WINDOWS\system32\NW1iG6cU.exe
I:\WINDOWS\system32\HJO0GNU5.exe
I:\WINDOWS\system32\C3DL15v4.exe
I:\SDFix.exe
I:\WINDOWS\NV35763580.TMP
I:\WINDOWS\system32\tOgc374C.exe.a_a
I:\WINDOWS\system32\NW1iG6cU.exe.a_a
I:\WINDOWS\system32\kkkcccypnwb.exe
I:\WINDOWS\system32\HJO0GNU5.exe.a_a
I:\WINDOWS\system32\C3DL15v4.exe.a_a
I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll

Renv::
I:\Program Files\XARA\Xara Menu Maker 1.0 .exe

Folder::
I:\VundoFix Backups

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service]

 

[*]Va en haut de la page et clique sur le menu"Fichier" , une liste apparait=>

[*]Choisis "Enregistrer sous" et choisis "Bureau"

[*]Dans le champs "Nom du fichier" en bas de page donne le nom suivant:CFScript

[*]Clique sur le bouton "Enregistrer" à droite du champs "nom du fichier"

[*]Quitte le Bloc Notes.

[*]Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture

 

 

CFScript.gif

 

 

* suis les instructions

* Patiente le temps du scan.Le bureau va disparaitre à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

* Si le fichier n'apparait pas, il se trouve ici > C:\ComboFix.txt

Drog- Member

Drog-

Posté(e)
  • Auteur
Posté(e)

resultat pour le 1er code :

 

< I:\WINDOWS\Tasks\At*.job >

I:\WINDOWS\Tasks\At1.job moved successfully.

I:\WINDOWS\Tasks\At10.job moved successfully.

I:\WINDOWS\Tasks\At11.job moved successfully.

I:\WINDOWS\Tasks\At12.job moved successfully.

I:\WINDOWS\Tasks\At13.job moved successfully.

I:\WINDOWS\Tasks\At14.job moved successfully.

I:\WINDOWS\Tasks\At15.job moved successfully.

I:\WINDOWS\Tasks\At16.job moved successfully.

I:\WINDOWS\Tasks\At17.job moved successfully.

I:\WINDOWS\Tasks\At18.job moved successfully.

I:\WINDOWS\Tasks\At19.job moved successfully.

I:\WINDOWS\Tasks\At2.job moved successfully.

I:\WINDOWS\Tasks\At20.job moved successfully.

I:\WINDOWS\Tasks\At21.job moved successfully.

I:\WINDOWS\Tasks\At22.job moved successfully.

I:\WINDOWS\Tasks\At23.job moved successfully.

I:\WINDOWS\Tasks\At24.job moved successfully.

I:\WINDOWS\Tasks\At25.job moved successfully.

I:\WINDOWS\Tasks\At26.job moved successfully.

I:\WINDOWS\Tasks\At27.job moved successfully.

I:\WINDOWS\Tasks\At28.job moved successfully.

I:\WINDOWS\Tasks\At29.job moved successfully.

I:\WINDOWS\Tasks\At3.job moved successfully.

I:\WINDOWS\Tasks\At30.job moved successfully.

I:\WINDOWS\Tasks\At31.job moved successfully.

I:\WINDOWS\Tasks\At32.job moved successfully.

I:\WINDOWS\Tasks\At33.job moved successfully.

I:\WINDOWS\Tasks\At34.job moved successfully.

I:\WINDOWS\Tasks\At35.job moved successfully.

I:\WINDOWS\Tasks\At36.job moved successfully.

I:\WINDOWS\Tasks\At37.job moved successfully.

I:\WINDOWS\Tasks\At38.job moved successfully.

I:\WINDOWS\Tasks\At39.job moved successfully.

I:\WINDOWS\Tasks\At4.job moved successfully.

I:\WINDOWS\Tasks\At40.job moved successfully.

I:\WINDOWS\Tasks\At41.job moved successfully.

I:\WINDOWS\Tasks\At42.job moved successfully.

I:\WINDOWS\Tasks\At43.job moved successfully.

I:\WINDOWS\Tasks\At44.job moved successfully.

I:\WINDOWS\Tasks\At45.job moved successfully.

I:\WINDOWS\Tasks\At46.job moved successfully.

I:\WINDOWS\Tasks\At47.job moved successfully.

I:\WINDOWS\Tasks\At48.job moved successfully.

I:\WINDOWS\Tasks\At49.job moved successfully.

I:\WINDOWS\Tasks\At5.job moved successfully.

I:\WINDOWS\Tasks\At50.job moved successfully.

I:\WINDOWS\Tasks\At51.job moved successfully.

I:\WINDOWS\Tasks\At52.job moved successfully.

I:\WINDOWS\Tasks\At53.job moved successfully.

I:\WINDOWS\Tasks\At54.job moved successfully.

I:\WINDOWS\Tasks\At55.job moved successfully.

I:\WINDOWS\Tasks\At56.job moved successfully.

I:\WINDOWS\Tasks\At57.job moved successfully.

I:\WINDOWS\Tasks\At58.job moved successfully.

I:\WINDOWS\Tasks\At59.job moved successfully.

I:\WINDOWS\Tasks\At6.job moved successfully.

I:\WINDOWS\Tasks\At60.job moved successfully.

I:\WINDOWS\Tasks\At61.job moved successfully.

I:\WINDOWS\Tasks\At62.job moved successfully.

I:\WINDOWS\Tasks\At63.job moved successfully.

I:\WINDOWS\Tasks\At64.job moved successfully.

I:\WINDOWS\Tasks\At65.job moved successfully.

I:\WINDOWS\Tasks\At66.job moved successfully.

I:\WINDOWS\Tasks\At67.job moved successfully.

I:\WINDOWS\Tasks\At68.job moved successfully.

I:\WINDOWS\Tasks\At69.job moved successfully.

I:\WINDOWS\Tasks\At7.job moved successfully.

I:\WINDOWS\Tasks\At70.job moved successfully.

I:\WINDOWS\Tasks\At71.job moved successfully.

I:\WINDOWS\Tasks\At72.job moved successfully.

I:\WINDOWS\Tasks\At73.job moved successfully.

I:\WINDOWS\Tasks\At74.job moved successfully.

I:\WINDOWS\Tasks\At75.job moved successfully.

I:\WINDOWS\Tasks\At76.job moved successfully.

I:\WINDOWS\Tasks\At77.job moved successfully.

I:\WINDOWS\Tasks\At78.job moved successfully.

I:\WINDOWS\Tasks\At79.job moved successfully.

I:\WINDOWS\Tasks\At8.job moved successfully.

I:\WINDOWS\Tasks\At80.job moved successfully.

I:\WINDOWS\Tasks\At81.job moved successfully.

I:\WINDOWS\Tasks\At82.job moved successfully.

I:\WINDOWS\Tasks\At83.job moved successfully.

I:\WINDOWS\Tasks\At84.job moved successfully.

I:\WINDOWS\Tasks\At85.job moved successfully.

I:\WINDOWS\Tasks\At86.job moved successfully.

I:\WINDOWS\Tasks\At87.job moved successfully.

I:\WINDOWS\Tasks\At88.job moved successfully.

I:\WINDOWS\Tasks\At89.job moved successfully.

I:\WINDOWS\Tasks\At9.job moved successfully.

I:\WINDOWS\Tasks\At90.job moved successfully.

I:\WINDOWS\Tasks\At91.job moved successfully.

I:\WINDOWS\Tasks\At92.job moved successfully.

I:\WINDOWS\Tasks\At93.job moved successfully.

I:\WINDOWS\Tasks\At94.job moved successfully.

I:\WINDOWS\Tasks\At95.job moved successfully.

I:\WINDOWS\Tasks\At96.job moved successfully.

 

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07182008_165149

Drog- Member

Drog-

Posté(e)
  • Auteur
Posté(e)

voici le resultat cfscript combix :

 

ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 17:07:47.3 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.449 [GMT 2:00]

Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe

Command switches used :: I:\Documents and Settings\benoit pellissier\Bureau\CFScript.txt

* Resident AV is active

 

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

 

FILE ::

I:\SDFix.exe

I:\WINDOWS\NV35763580.TMP

I:\WINDOWS\system32\C3DL15v4.exe

I:\WINDOWS\system32\C3DL15v4.exe.a_a

I:\WINDOWS\system32\HJO0GNU5.exe

I:\WINDOWS\system32\HJO0GNU5.exe.a_a

I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll

I:\WINDOWS\system32\kkkcccypnwb.exe

I:\WINDOWS\system32\NW1iG6cU.exe

I:\WINDOWS\system32\NW1iG6cU.exe.a_a

I:\WINDOWS\system32\tOgc374C.exe

I:\WINDOWS\system32\tOgc374C.exe.a_a

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

I:\WINDOWS\system32\C3DL15v4.exe

I:\WINDOWS\system32\C3DL15v4.exe.a_a

I:\WINDOWS\system32\HJO0GNU5.exe.a_a

I:\WINDOWS\system32\kkkcccypnwb.exe

I:\WINDOWS\system32\NW1iG6cU.exe.a_a

I:\WINDOWS\system32\tOgc374C.exe.a_a

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_EWDMAUDN

-------\Service_ewdmaudn

 

 

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))))))))

.

 

2008-07-18 16:44 . 2008-07-18 16:44 <REP> d-------- I:\_OTMoveIt

2008-07-17 18:30 . 2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys

2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys

2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll

2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll

2008-07-17 12:46 . 2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui

2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457

2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58

2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller

2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller

2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll

2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite

2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware

2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone

2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo

2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix

2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97

2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav

2008-07-13 12:08 . 2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com

2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com

2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer

2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild

2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies

2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0

2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK

2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys

2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe

2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2

2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat

2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8

2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules

2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help

2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard

2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games

2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade

2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania

2008-07-06 12:20 . 2008-07-18 16:50 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008

2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader

2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris

2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb

2008-06-30 20:29 . 2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb

2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb

2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2

2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF

2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo!

2008-06-28 07:37 . 2008-07-18 17:12 109,927 --a------ I:\WINDOWS\system32\oodbs.lor

2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI

2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag

2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software

2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP

2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner

2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat

2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard)

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-18 15:07 --------- d-----w I:\Program Files\XARA

2008-07-18 12:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater

2008-07-18 12:36 --------- d-----w I:\Program Files\Google

2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo

2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger

2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live

2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC

2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME

2008-07-14 18:27 --------- d-----w I:\Program Files\PKR

2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script

2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information

2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide

2008-07-11 15:07 --------- d-----w I:\Program Files\Java

2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire

2008-07-09 13:54 --------- d-----w I:\Program Files\eMule

2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2

2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla

2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub

2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress

2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire

2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys

2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom

2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield

2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! Live

2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio

2008-06-07 14:56 --------- d-----w I:\Program Files\Valve

2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll

2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll

2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports

1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

"Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032]

"msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352]

"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360]

"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]

"MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024]

"BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960]

"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"SENTINEL"= snti386.dll

 

[HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk

backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

--a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]

--a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

--a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]

--a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

-ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]

--a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]

--a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

--a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

--a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

"I:\\Program Files\\MSN Messenger\\livecall.exe"=

"I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=

"I:\\Program Files\\ICQ6\\ICQ.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"=

"I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"=

"I:\\Program Files\\LimeWire\\LimeWire.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"=

"I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3478:UDP"= 3478:UDP:stun

"3479:UDP"= 3479:UDP:stun 2

"6112:UDP"= 6112:UDP:stun 3

"5730:UDP"= 5730:UDP:game

"5739:UDP"= 5739:UDP:game 1

"9001:TCP"= 9001:TCP:game 2

"11881:TCP"= 11881:TCP:game 3

"11881:UDP"= 11881:UDP:game4

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58]

R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33]

R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32]

R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37]

R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29]

R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32]

S1 hidfltr;HID Filter Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20]

S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc []

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}]

\Shell\AutoRun\command - K:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}]

\Shell\AutoRun\command - G:\Exe\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}]

\Shell\AutoRun\command - L:\InstallTomTomHOME.exe

.

Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

"2008-07-18 13:21:10 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job"

- I:\WINDOWS\system32\msfeedssync.exe

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-Cmaudio - cmicnfg.cpl

MSConfigStartUp-HiYo - I:\Program Files\HiYo\bin\HiYo.exe

MSConfigStartUp-UnlockerAssistant - I:\Program Files\Unlocker\UnlockerAssistant.exe

MSConfigStartUp-Microsoft Corporation Svchost Service - mssvc.exe

 

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-18 17:13:05

Windows 5.1.2600 Service Pack 2 NTFS

 

Balayage processus cach‚s ...

 

Balayage cach‚ autostart entries ...

 

Balayage des fichiers cach‚s ...

 

 

I:\Documents and Settings\benoit pellissier\Application Data\Microsoft\Windows Live Call\Logs\msncalllog5.txt 690 bytes

 

Scan termin‚ avec succŠs

Les fichiers cach‚s: 1

 

**************************************************************************

.

------------------------ Other Running Processes ------------------------

.

I:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

I:\Program Files\a-squared Anti-Malware\a2service.exe

I:\Program Files\AntiVir PersonalEdition Classic\sched.exe

I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

I:\WINDOWS\system32\FTRTSVC.exe

I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

I:\WINDOWS\system32\nvsvc32.exe

I:\PROGRA~1\MSNMES~1\msnmsgr.exe

I:\Program Files\Google\Google Updater\GoogleUpdater.exe

I:\WINDOWS\system32\oodag.exe

I:\WINDOWS\system32\PnkBstrA.exe

I:\WINDOWS\system32\wscntfy.exe

I:\Program Files\MSN Messenger\usnsvc.exe

.

**************************************************************************

.

Temps d'accomplissement: 2008-07-18 17:17:36 - machine was rebooted [benoit pellissier]

ComboFix-quarantined-files.txt 2008-07-18 15:17:33

 

Pre-Run: 177,190,830,080 octets libres

Post-Run: 177,136,607,232 octets libres

 

258 --- E O F --- 2008-01-10 00:54:35

angelique Devil Member !

angelique

Posté(e)
Posté(e)

• supprime I:\_OTMoveIt

 

• desinstalle ComboFix en copiant_collant la lignes ci dessous dans executer et valide la, patiente le temps de la desinstallation:

 

ComboFix /u

 

supp si restant c:\bug, c:\combofix , c:\qoobox

 

• recoche dans msconfig\demarrage , antivir [avgnt] que tu as desactivé ,

 

 

ceci me donne cette info comme quoi tu l'as decoché:

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

 

Fait un scan avec antivir et poste le rapport

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...