hijack log
 
  Tweaks.com
 Home    Members    Calendar    Who's On    
Search
    Main Site
 


Home » Windows & System Security » HiJack This Logs » hijack log


hijack logExpand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
antongenius
Posted 11/19/2008 12:59 PM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 4/23/2008 9:57 PM
Posts: 16, Visits: 27
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23, on 2008-11-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRPSO~1\MOTORO~1\LIVEUP~1\LISTOF~1.DAT
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 9951 bytes


Genius.....and i mean this!!
Post #245505
RichieUK
Posted 11/19/2008 1:36 PM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 29,548, Visits: 54,734
Welcome

Your version of Sun Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Sun Java,and then update.
1. Download the latest version of Java Runtime Environment (JRE)
2. Scroll down to where it says 'Java Runtime Environment (JRE) 6u10'.
3. Click the "Download" button to the right.
4. Select the Platform and Language for your download,then check the box that says: "Accept License Agreement".
5. The page will refresh.
6. Click on the link to download 'Windows Offline Installation, Multi-language - jre-6u10-windows-i586-p.exe' [15.52 MB] and save to your desktop.
7. Close any programs you may have running - especially your web browser.
8. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
10. Click the Change/Remove button.
11. Repeat as many times as necessary to remove each Java version.
12. Reboot your computer once all Java components are removed.
13. Then from your desktop double-click on jre-6u10-windows-i586-p.exe to install the newest version.

Verify your installation of Sun Java:
http://www.java.com/en/download/help/testvm.xml


Download and scan with CCleaner.
1. Starting with v1.27.260, CCleaner started installing the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the 'No Toolbar' 'Slim' version instead of the 'Standard Build'.

2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:
* Clean all entries in the "Internet Explorer" section except Cookies.
* Clean all the entries in the "Windows Explorer" section.
* Clean all entries in the "System" section.
* Clean all entries in the "Advanced" section.
* Clean any others that you choose.

In the Applications Tab:
* Clean all except cookies in the Firefox/Mozilla section if you use it.
* Clean all in the Opera section if you use it.
* Clean Sun Java in the Internet Section.
* Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Exit CCleaner.


If you have previously downloaded ComboFix,please delete that version now.
Download Combofix by sUBs and save to your desktop.
Alternative Combofix download link HERE.
Note
It is important that it is saved directly to your desktop

Close any open browsers.
Click on Start/Run,copy and paste the following bold text into the 'Open:' space,then press OK [See image below]:
"%userprofile%\desktop\combofix.exe" /killall



Combofix.exe will start,please follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window while it's running.
That may cause the program to freeze/hang.
Do NOT post the ComboFix-quarantined-files.txt unless I ask.
*Note*
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your scanner and download Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

Also post a new Hijackthis log please.

_______________________________________________


ASAP & UNITE member since 2006





Spreadfirefox Affiliate Button Get Thunderbird!
Post #245506
antongenius
Posted 11/19/2008 10:26 PM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 4/23/2008 9:57 PM
Posts: 16, Visits: 27
ComboFix 08-11-18.A2 - GENIUS 2008-11-19 23:05:55.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.259 [GMT -5:00]
Running from: c:\documents and settings\GENIUS\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point

[COLOR=RED]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/COLOR]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\downld

.
((((((((((((((((((((((((( Files Created from 2008-10-20 to 2008-11-20 )))))))))))))))))))))))))))))))
.

2008-11-18 14:34 . 2008-11-18 14:56d--------C:\tha 1
2008-11-17 14:50 . 2008-11-17 15:48d--------C:\futuristic
2008-11-17 09:58 . 2008-11-17 16:52d--------C:\gettin up
2008-11-16 18:53 . 2008-11-16 18:53d--------c:\documents and settings\GENIUS\Application Data\Waves Preferences
2008-11-16 11:17 . 2008-11-16 11:29d--------C:\can I files
2008-11-16 10:04 . 2008-11-16 10:04d--------c:\documents and settings\GENIUS\Application Data\Juce VST Host
2008-11-15 17:58 . 2008-11-17 06:52d--------C:\can i
2008-11-15 04:44 . 2008-11-15 16:05d--------C:ew j
2008-11-13 19:14 . 2008-11-13 19:14d--------c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-11 19:12 . 2008-11-12 01:32d--------C:\caught up in the moment
2008-11-09 07:02 . 2008-11-09 07:28d--------C:\that's right
2008-11-06 22:21 . 2008-11-06 22:43d--------C:\change
2008-11-02 20:34 . 2008-11-03 14:39d--------C:\cant wait
2008-10-21 06:27 . 2008-10-21 09:23d--------C:\lost my love

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-20 02:50---------d-----wc:\documents and settings\GENIUS\Application Data\skypePM
2008-11-20 01:27---------d-----wc:\documents and settings\GENIUS\Application Data\Skype
2008-11-19 21:33---------d-----wc:\program files\Spectrasonics
2008-11-19 21:32---------d-----wc:\program files\VstPlugins
2008-11-19 16:22---------d-----wc:\program files\Steinberg
2008-11-19 13:13---------d-----wc:\program files\Java
2008-11-19 13:11---------d-----wc:\program files\Philips Upgrade Tool
2008-11-19 13:09---------d-----wc:\program files\eMule
2008-11-19 13:09---------d-----wc:\program files\Arturia
2008-11-18 23:54---------d-----wc:\program files\Common Files\Adobe
2008-11-17 00:20---------d-----wc:\program files\Image-Line
2008-11-16 15:04---------d-----wc:\program files\Waves
2008-11-03 03:19---------d-----wc:\documents and settings\All Users\Application Data\Downloaded Installations
2008-10-14 04:40---------d-----wc:\documents and settings\GENIUS\Application Data\Digidesign
2008-09-22 22:28---------d-----wc:\program files\Sony
2008-09-22 22:27---------d-----wc:\program files\Sony Setup
2008-09-21 20:23---------d-----wc:\program files\Common Files\Adobe Systems Shared
2008-09-21 17:54---------d--h--wc:\program files\InstallShield Installation Information
2008-03-21 03:2132----a-wc:\documents and settings\All Users\Application Data\ezsid.dat
2007-07-16 05:0492,064-c--a-wc:\documents and settings\GENIUS\mqdmmdm.sys
2007-07-16 05:049,232-c--a-wc:\documents and settings\GENIUS\mqdmmdfl.sys
2007-07-16 05:0479,328-c--a-wc:\documents and settings\GENIUS\mqdmserd.sys
2007-07-16 05:0466,656-c--a-wc:\documents and settings\GENIUS\mqdmbus.sys
2007-07-16 05:046,208-c--a-wc:\documents and settings\GENIUS\mqdmcmnt.sys
2007-07-16 05:045,936-c--a-wc:\documents and settings\GENIUS\mqdmwhnt.sys
2007-07-16 05:044,048-c--a-wc:\documents and settings\GENIUS\mqdmcr.sys
2007-07-16 05:0425,600-c--a-wc:\documents and settings\GENIUS\usbsermptxp.sys
2007-07-16 05:0422,768-c--a-wc:\documents and settings\GENIUS\usbsermpt.sys
2007-06-14 05:120-c-ha-wc:\program files\Common Files\MSN
.

------- Sigcheck -------

2006-04-20 06:51 359808 1dbf125862891817f374f407626967f4c:\windows\$hf_mig$\KB917953\SP2GDR\tcpip.sys
2006-04-20 07:18 360576 b2220c618b42a2212a59d91ebd6fc4b4c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 11:53 360832 64798ecfa43d78c7178375fcdd16d8c8c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2006-04-20 06:38 340480 b8158e2a6112c0a5ca67bc158fc70218c:\windows\$NtServicePackUninstall$\tcpip.sys
2004-08-04 01:14 359040 9f4b36614a0fc234525ba224957de55cc:\windows\$NtUninstallKB917953$\tcpip.sys
2002-08-28 20:58 332928 244a2f9816bc9b593957281ef577d976c:\windows\$NtUninstallKB917953_0$\tcpip.sys
2006-04-20 06:51 359808 1dbf125862891817f374f407626967f4c:\windows\$NtUninstallKB941644$\tcpip.sys
2004-08-04 01:14 359040 9f4b36614a0fc234525ba224957de55cc:\windows\ServicePackFiles\i386\tcpip.sys
2008-02-27 16:47 360064 3f89432724dc5d72689e16f3354bccfcc:\windows\system32\dllcache\tcpip.sys
2008-02-27 16:47 360064 3f89432724dc5d72689e16f3354bccfcc:\windows\system32\drivers\tcpip.sys

2007-06-13 05:23 975360 9784e0719124e4a23989aef9e7ca02d6c:\windows\explorer.exe
2007-06-13 06:26 1033216 7712df0cdde3a5ac89843e61cd5b3658c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2002-08-28 22:41 1004032 a82b28bfc2e4455fe43022a498c0ef0ac:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-04 02:56 1032192 a0732187050030ae399b241436565e64c:\windows\$NtUninstallKB938828$\explorer.exe
2007-06-13 05:23 975360 9784e0719124e4a23989aef9e7ca02d6c:\windows\ServicePackFiles\i386\explorer.exe
2007-06-13 05:23 1033216 97bd6515465659ff8f3b7be375b2ea87c:\windows\system32\dllcache\explorer.exe

2002-08-28 22:41 139776 a3763ce319d9eb3ec2ac04901f293b9dc:\windows\$NtServicePackUninstall$\wuauclt.exe
2007-07-30 19:19 68440 84d9a61860272d6177d46c86b8431557c:\windows\ServicePackFiles\i386\wuauclt.exe
2007-07-30 19:19 68440 84d9a61860272d6177d46c86b8431557c:\windows\system32\wuauclt.exe
2007-07-30 19:19 53080 f3e9065eb617a7e3a832a7976bfa021bc:\windows\system32\dllcache\wuauclt.exe
.
((((((((((((((((((((((((((((( snapshot@2008-04-21_ 0.44.04.81 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:48:44297,984-c--a-wc:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:22:3614,048-c--a-wc:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:22:41213,216-c--a-wc:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:22:3422,752-c--a-wc:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:22:59716,000-c--a-wc:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:23:51371,424-c--a-wc:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-01-23 04:56:21554,008-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11518,944-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11326,432-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:111,516,568-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11355,112-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-27 07:39:13151,583-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:1260,192-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12248,608-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12219,936-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12355,104-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13432,928-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13322,336-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13559,904-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13264,992-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13838,432-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-12-10 12:41:14621,344-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14355,104-c--a-wc:\windows\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:22:3614,048-c--a-wc:\windows\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:22:41213,216-c--a-wc:\windows\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:22:3422,752-c--a-wc:\windows\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:22:59716,000-c--a-wc:\windows\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:23:51371,424-c--a-wc:\windows\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 03:35:35124,928-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 03:35:35347,136-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 03:35:35214,528-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 03:35:35132,608-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 03:35:3563,488-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:1970,656-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 03:35:35153,088-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 03:35:35230,400-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38161,792-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:382,455,488-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 03:35:35383,488-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 03:35:35388,608-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 03:35:366,068,224-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 03:35:3644,544-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 03:35:36267,776-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:1913,824-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46625,664-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 03:35:3627,648-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 03:35:36459,264-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 03:35:3652,224-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 03:35:363,593,728-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 03:35:36478,208-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 03:35:36193,024-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 03:35:36671,232-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 03:35:36102,912-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 03:35:3644,544-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 03:35:36105,984-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 03:35:361,162,752-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 03:35:36233,472-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 03:35:36827,392-c--a-wc:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:3314,048-c--a-wc:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:22:39213,216-c--a-wc:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:22:3122,752-c--a-wc:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:22:56716,000-c--a-wc:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:23:51371,424-c--a-wc:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:2217,272-c--a-wc:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:22231,288-c--a-wc:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:2226,488-c--a-wc:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:22755,576-c--a-wc:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:22382,840-c--a-wc:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51203,008-c--a-wc:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52203,136-c--a-wc:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17203,136-c--a-wc:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:2217,272-c--a-wc:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:22231,288-c--a-wc:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:2226,488-c--a-wc:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:22755,576-c--a-wc:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:22382,840-c--a-wc:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-04-14 11:00:16272,128-c--a-wc:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 12:30:49272,128-c--a-wc:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 12:36:35272,128-c--a-wc:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:18:5117,272-c--a-wc:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:18:51231,288-c--a-wc:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:18:5126,488-c--a-wc:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:18:51755,576-c--a-wc:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:18:51382,840-c--a-wc:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:401,288,192-c--a-wc:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:401,288,192-c--a-wc:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:151,288,192-c--a-wc:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:5117,272-c--a-wc:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51231,288-c--a-wc:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:5126,488-c--a-wc:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22755,576-c--a-wc:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22382,840-c--a-wc:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2004-08-04 07:56:42294,400-c----wc:\windows\$NtUninstallKB932823-v3$\msctf.dll
+ 2007-03-06 01:22:41213,216-c----wc:\windows\$NtUninstallKB932823-v3$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51371,424-c----wc:\windows\$NtUninstallKB932823-v3$\spuninst\updspapi.dll
+ 2004-08-04 07:56:42561,179-c----wc:\windows\$NtUninstallKB950749$\dao360.dll
+ 2004-08-04 07:56:43512,029-c----wc:\windows\$NtUninstallKB950749$\msexch40.dll
+ 2004-08-04 07:56:43319,517-c----wc:\windows\$NtUninstallKB950749$\msexcl40.dll
+ 2004-08-04 07:56:431,507,356-c----wc:\windows\$NtUninstallKB950749$\msjet40.dll
+ 2004-07-17 18:34:46358,976-c----wc:\windows\$NtUninstallKB950749$\msjetol1.dll
+ 2004-07-17 18:34:46358,976-c----wc:\windows\$NtUninstallKB950749$\msjetoledb40.dll
+ 2004-08-04 07:56:43151,583-c----wc:\windows\$NtUninstallKB950749$\msjint40.dll
+ 2004-08-04 07:56:4353,279-c----wc:\windows\$NtUninstallKB950749$\msjter40.dll
+ 2004-08-04 07:56:43241,693-c----wc:\windows\$NtUninstallKB950749$\msjtes40.dll
+ 2004-08-04 07:56:43213,023-c----wc:\windows\$NtUninstallKB950749$\msltus40.dll
+ 2004-08-04 07:56:43348,189-c----wc:\windows\$NtUninstallKB950749$\mspbde40.dll
+ 2004-08-04 07:56:43421,919-c----wc:\windows\$NtUninstallKB950749$\msrd2x40.dll
+ 2004-08-04 07:56:43315,423-c----wc:\windows\$NtUninstallKB950749$\msrd3x40.dll
+ 2004-08-04 07:56:43552,989-c----wc:\windows\$NtUninstallKB950749$\msrepl40.dll
+ 2004-08-04 07:56:43258,077-c----wc:\windows\$NtUninstallKB950749$\mstext40.dll
+ 2004-08-04 07:56:44831,519-c----wc:\windows\$NtUninstallKB950749$\mswdat10.dll
+ 2004-08-04 07:56:44614,429-c----wc:\windows\$NtUninstallKB950749$\mswstr10.dll
+ 2004-08-04 07:56:44348,189-c----wc:\windows\$NtUninstallKB950749$\msxbde40.dll
+ 2007-03-06 01:22:41213,216-c----wc:\windows\$NtUninstallKB950749$\spuninst\spuninst.exe
+ 2007-03-06 01:23:51371,424-c----wc:\windows\$NtUninstallKB950749$\spuninst\updspapi.dll
+ 2007-11-30 12:39:22231,288-c----wc:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22382,840-c----wc:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58202,240-c----wc:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:22231,288-c----wc:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22382,840-c----wc:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2004-08-04 06:10:37274,304-c----wc:\windows\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:18:51231,288-c----wc:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51382,840-c----wc:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:031,287,680-c----wc:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:18:51231,288-c----wc:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22382,840-c----wc:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2008-04-14 11:01:02272,128-c----wc:\windows\Driver Cache\i386\bthport.sys
+ 2008-03-01 13:06:20124,928-c----wc:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:06:21347,136-c----wc:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:06:21214,528-c----wc:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:06:21133,120-c----wc:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:06:2163,488-c----wc:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:2370,656-c----wc:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:06:21153,088-c----wc:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:06:21230,400-c----wc:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25161,792-c----wc:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:06:22383,488-c----wc:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:06:22384,512-c----wc:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:06:246,066,176-c----wc:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:06:2444,544-c----wc:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:06:25267,776-c----wc:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:5113,824-c----wc:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46625,664-c----wc:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:06:2527,648-c----wc:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:06:26459,264-c----wc:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:06:2652,224-c----wc:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 23:36:303,591,680-c----wc:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:06:28478,208-c----wc:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:06:28193,024-c----wc:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:06:29671,232-c----wc:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:06:29102,912-c----wc:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:06:2944,544-c----wc:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39213,216-c----wc:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51371,424-c----wc:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:06:29105,984-c----wc:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:06:301,159,680-c----wc:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:06:30233,472-c----wc:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:06:31826,368-c----wc:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-09-21 20:23:1965,536-c--a-rc:\windows\Installer\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\ARPPRODUCTICON.exe
+ 2008-09-21 20:23:2065,536-c--a-rc:\windows\Installer\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\AuditionCommonShortc_01CEC7E570FD4D068FADBF21DF0CC6DC.exe
+ 2008-09-21 20:23:2065,536-c--a-rc:\windows\Installer\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\NewShortcut1_E3A4979EE8C048379F3D271B50BA9E7C_1.exe
+ 2008-09-21 20:23:2065,536-c--a-rc:\windows\Installer\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\NewShortcut2_E3A4979EE8C048379F3D271B50BA9E7C_1.exe
+ 2008-09-21 20:23:2065,536-c--a-rc:\windows\Installer\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\NewShortcut3_E3A4979EE8C048379F3D271B50BA9E7C.exe
+ 2008-04-23 04:28:1218,944-c--a-rc:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-04-23 04:28:1265,024-c--a-rc:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 2000-08-31 13:00:0028,160----a-wc:\windows\Nircmd.exe
+ 2000-08-31 13:00:0028,672-c--a-wc:\windows\Nircmd.exe
- 2008-03-01 13:06:20124,928----a-wc:\windows\system32\advpack.dll
+ 2008-04-23 04:16:28124,928----a-wc:\windows\system32\advpack.dll
- 2004-08-04 07:56:47100,864----a-wc:\windows\system32\ahui.exe
+ 2004-08-04 07:56:4798,304----a-wc:\windows\system32\ahui.exe
- 2001-08-23 21:00:00117,760----a-wc:\windows\system32\calc.exe
+ 2007-07-27 12:00:00114,688----a-wc:\windows\system32\calc.exe
- 2004-08-04 07:56:41448,512----a-wc:\windows\system32\cmdial32.dll
+ 2004-08-04 07:56:41343,040----a-wc:\windows\system32\cmdial32.dll
- 2001-08-23 21:00:0069,632----a-wc:\windows\system32\console.dll
+ 2007-07-27 12:00:0066,560----a-wc:\windows\system32\console.dll
+ 2004-08-04 07:56:47183,808-c--a-wc:\windows\system32\dllcache\accwiz.exe
+ 2004-08-04 07:56:41114,688-c--a-wc:\windows\system32\dllcache\aclui.dll
+ 2004-08-04 06:07:38187,776-c--a-wc:\windows\system32\dllcache\acpi.sys
+ 2004-08-04 07:56:414,255-c--a-wc:\windows\system32\dllcache\adv01nt5.dll
+ 2004-08-04 07:56:413,967-c--a-wc:\windows\system32\dllcache\adv02nt5.dll
+ 2004-08-04 07:56:413,615-c--a-wc:\windows\system32\dllcache\adv05nt5.dll
+ 2004-08-04 07:56:413,647-c--a-wc:\windows\system32\dllcache\adv07nt5.dll
+ 2004-08-04 07:56:413,135-c--a-wc:\windows\system32\dllcache\adv08nt5.dll
+ 2004-08-04 07:56:413,711-c--a-wc:\windows\system32\dllcache\adv09nt5.dll
+ 2004-08-04 07:56:413,775-c--a-wc:\windows\system32\dllcache\adv11nt5.dll
- 2008-03-01 13:06:20124,928-c----wc:\windows\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:28124,928-c----wc:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 07:56:4124,064-c--a-wc:\windows\system32\dllcache\agentpsh.dll
+ 2004-08-04 07:56:4117,408-c--a-wc:\windows\system32\dllcache\alrsvc.dll
+ 2004-08-04 07:56:41167,936-c--a-wc:\windows\system32\dllcache\appmgmts.dll
+ 2004-08-04 07:56:41295,936-c--a-wc:\windows\system32\dllcache\appmgr.dll
+ 2004-08-04 07:56:4165,024-c--a-wc:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-04 07:56:4121,183-c--a-wc:\windows\system32\dllcache\atv01nt5.dll
+ 2004-08-04 07:56:4111,359-c--a-wc:\windows\system32\dllcache\atv02nt5.dll
+ 2004-08-04 07:56:4125,471-c--a-wc:\windows\system32\dllcache\atv04nt5.dll
+ 2004-08-04 07:56:4114,143-c--a-wc:\windows\system32\dllcache\atv06nt5.dll
+ 2004-08-04 07:56:4117,279-c--a-wc:\windows\system32\dllcache\atv10nt5.dll
+ 2004-08-04 07:56:418,704-c--a-wc:\windows\system32\dllcache\batt.dll
+ 2004-08-04 07:56:4120,992-c--a-wc:\windows\system32\dllcache\bthci.dll
+ 2008-04-14 11:01:02272,128-c----wc:\windows\system32\dllcache\bthport.sys
- 2001-08-23 21:00:00117,760-c--a-wc:\windows\system32\dllcache\calc.exe
+ 2007-07-27 12:00:00114,688-c--a-wc:\windows\system32\dllcache\calc.exe
+ 2005-07-26 04:39:42225,792-c--a-wc:\windows\system32\dllcache\catsrv.dll
+ 2005-07-26 04:39:43625,152-c--a-wc:\windows\system32\dllcache\catsrvut.dll
+ 2004-08-04 07:56:4115,423-c--a-wc:\windows\system32\dllcache\ch7xxnt5.dll
+ 2004-08-04 07:56:475,632-c--a-wc:\windows\system32\dllcache\cisvc.exe
+ 2004-08-04 07:56:4733,280-c--a-wc:\windows\system32\dllcache\clipsrv.exe
+ 2004-08-04 07:56:41252,928-c--a-wc:\windows\system32\dllcache\compatui.dll
+ 2004-08-04 07:56:481,032,192-c--a-wc:\windows\system32\dllcache\conf.exe
- 2001-08-23 21:00:0069,632-c--a-wc:\windows\system32\dllcache\console.dll
+ 2007-07-27 12:00:0066,560-c--a-wc:\windows\system32\dllcache\console.dll
- 2004-08-04 07:56:42561,179-c--a-wc:\windows\system32\dllcache\dao360.dll
+ 2008-03-25 04:50:25554,008-c--a-wc:\windows\system32\dllcache\dao360.dll
+ 2004-08-04 07:56:4227,136-c--a-wc:\windows\system32\dllcache\ddrawex.dll
+ 2004-08-04 07:56:42111,104-c--a-wc:\windows\system32\dllcache\dgnet.dll
+ 2004-08-04 07:56:48224,768-c--a-wc:\windows\system32\dllcache\dmadmin.exe
+ 2004-08-04 07:56:4260,928-c--a-wc:\windows\system32\dllcache\dpnhupnp.dll
+ 2004-08-04 07:56:42239,104-c--a-wc:\windows\system32\dllcache\dsquery.dll
+ 2004-08-04 07:56:4251,200-c--a-wc:\windows\system32\dllcache\dssec.dll
+ 2004-08-04 07:56:42113,152-c--a-wc:\windows\system32\dllcache\dsuiext.dll
- 2008-03-01 13:06:21347,136-c--a-wc:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:28347,136-c--a-wc:\windows\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:06:21214,528-c----wc:\windows\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:28214,528-c--a-wc:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 07:56:42183,296-c--a-wc:\windows\system32\dllcache\els.dll
- 2008-03-01 13:06:21133,120-c----wc:\windows\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:28133,120-c--a-wc:\windows\system32\dllcache\extmgr.dll
+ 2004-08-04 07:56:4273,728-c--a-wc:\windows\system32\dllcache\fdeploy.dll
+ 2004-08-04 07:56:4221,504-c--a-wc:\windows\system32\dllcache\feclient.dll
+ 2004-08-04 07:56:42337,920-c--a-wc:\windows\system32\dllcache\filemgmt.dll
+ 2004-08-04 07:56:4232,828-c--a-wc:\windows\system32\dllcache\fp40ext.dll
+ 2004-08-04 07:56:4260,416-c--a-wc:\windows\system32\dllcache\fwcfg.dll
+ 2004-08-04 07:56:42132,608-c--a-wc:\windows\system32\dllcache\fxsocm.dll
+ 2004-08-04 07:56:4939,424-c--a-wc:\windows\system32\dllcache\grpconv.exe
+ 2004-08-04 07:56:42330,752-c--a-wc:\windows\system32\dllcache\hnetwiz.dll
+ 2004-08-04 07:56:4224,576-c--a-wc:\windows\system32\dllcache\httpapi.dll
- 2008-03-01 13:06:2163,488-c----wc:\windows\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:2863,488-c----wc:\windows\system32\dllcache\icardie.dll
+ 2004-08-04 07:56:073,584-c--a-wc:\windows\system32\dllcache\icmp.dll
+ 2004-08-04 07:56:50214,528-c--a-wc:\windows\system32\dllcache\icwconn1.exe
+ 2004-08-04 07:56:5086,016-c--a-wc:\windows\system32\dllcache\icwconn2.exe
+ 2004-08-04 07:56:5024,576-c--a-wc:\windows\system32\dllcache\icwrmind.exe
- 2008-02-29 08:55:2370,656-c----wc:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:39:5870,656-c--a-wc:\windows\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:06:21153,088-c----wc:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:28153,088-c--a-wc:\windows\system32\dllcache\ieakeng.dll
- 2008-03-01 13:06:21230,400-c----wc:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:28230,400-c--a-wc:\windows\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25161,792-c----wc:\windows\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51161,792-c--a-wc:\windows\system32\dllcache\ieakui.dll
- 2008-03-01 13:06:22383,488-c----wc:\windows\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:28383,488-c----wc:\windows\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:06:22384,512-c----wc:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:28384,512-c--a-wc:\windows\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:06:246,066,176-c----wc:\windows\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:286,066,176-c----wc:\windows\system32\dllcache\ieframe.dll
- 2008-03-01 13:06:2444,544-c----wc:\windows\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:2844,544-c--a-wc:\windows\system32\dllcache\iernonce.dll
- 2008-03-01 13:06:25267,776-c----wc:\windows\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:28267,776-c----wc:\windows\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:5113,824-c----wc:\windows\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:5813,824-c----wc:\windows\system32\dllcache\ieudinit.exe
- 2008-02-29 08:55:46625,664-c----wc:\windows\system32\dllcache\iexplore.exe
+ 2008-04-22 07:40:18625,664-c----wc:\windows\system32\dllcache\iexplore.exe
+ 2004-08-04 07:56:42135,680-c--a-wc:\windows\system32\dllcache\ifmon.dll
+ 2004-08-04 07:56:42505,344-c--a-wc:\windows\system32\dllcache\iis.dll
+ 2004-08-04 05:31:4859,392-c--a-wc:\windows\system32\dllcache\imscinst.exe
+ 2004-08-04 07:56:42274,432-c--a-wc:\windows\system32\dllcache\inetcfg.dll
- 2001-08-23 21:00:00280,576-c--a-wc:\windows\system32\dllcache\inetcplc.dll
+ 2007-07-27 12:00:00110,592-c--a-wc:\windows\system32\dllcache\inetcplc.dll
+ 2004-08-04 07:56:5020,480-c--a-wc:\windows\system32\dllcache\inetwiz.exe
+ 2004-08-04 07:56:5055,808-c--a-wc:\windows\system32\dllcache\ipconfig.exe
+ 2004-08-04 07:56:42330,752-c--a-wc:\windows\system32\dllcache\ippromon.dll
+ 2004-08-04 07:56:5053,248-c--a-wc:\windows\system32\dllcache\ipv6.exe
+ 2004-08-04 07:56:4259,904-c--a-wc:\windows\system32\dllcache\ipv6mon.dll
+ 2004-08-04 07:56:4254,272-c--a-wc:\windows\system32\dllcache\ixsso.dll
- 2008-03-01 13:06:2527,648-c----wc:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:2827,648-c--a-wc:\windows\system32\dllcache\jsproxy.dll
+ 2001-08-17 19:55:566,144-c--a-wc:\windows\system32\dllcache\kbd101b.dll
+ 2001-08-17 19:55:566,144-c--a-wc:\windows\system32\dllcache\kbd101c.dll
+ 2001-08-17 19:55:565,632-c--a-wc:\windows\system32\dllcache\kbd103.dll
+ 2001-08-17 19:55:566,144-c--a-wc:\windows\system32\dllcache\kbd106.dll
+ 2001-08-18 03:36:188,704-c--a-wc:\windows\system32\dllcache\kbdjpn.dll
+ 2001-08-18 03:36:188,192-c--a-wc:\windows\system32\dllcache\kbdkor.dll
+ 2004-08-04 05:56:44423,936-c--a-wc:\windows\system32\dllcache\licdll.dll
+ 2004-08-04 07:56:4258,880-c--a-wc:\windows\system32\dllcache\licwmi.dll
+ 2004-08-04 07:56:4297,280-c--a-wc:\windows\system32\dllcache\loadperf.dll
+ 2004-08-04 07:56:5075,264-c--a-wc:\windows\system32\dllcache\locator.exe
+ 2004-08-04 07:56:5072,704-c--a-wc:\windows\system32\dllcache\magnify.exe
+ 2004-08-04 07:56:42118,272-c--a-wc:\windows\system32\dllcache\mdminst.dll
+ 2004-08-04 07:56:4216,896-c--a-wc:\windows\system32\dllcache\medctroc.dll
+ 2004-08-04 07:56:4222,528-c--a-wc:\windows\system32\dllcache\mfcsubs.dll
+ 2004-08-04 07:56:5132,768-c--a-wc:\windows\system32\dllcache\mnmsrvc.exe
+ 2004-08-04 07:56:51143,360-c--a-wc:\windows\system32\dllcache\mobsync.exe
+ 2004-08-04 07:56:42123,904-c--a-wc:\windows\system32\dllcache\mofd.dll
+ 2004-08-04 07:56:524,639-c--a-wc:\windows\system32\dllcache\mplayer2.exe
+ 2008-02-26 11:59:50294,912-c----wc:\windows\system32\dllcache\msctf.dll
+ 2004-08-04 07:56:43151,552-c--a-wc:\windows\system32\dllcache\msdart.dll
+ 2004-08-04 07:56:536,144-c--a-wc:\windows\system32\dllcache\msdtc.exe
+ 2006-03-01 19:42:42161,280-c--a-wc:\windows\system32\dllcache\msdtcuiu.dll
- 2004-08-04 07:56:43512,029-c--a-wc:\windows\system32\dllcache\msexch40.dll
+ 2008-03-25 04:50:28518,944-c--a-wc:\windows\system32\dllcache\msexch40.dll
- 2004-08-04 07:56:43319,517-c--a-wc:\windows\system32\dllcache\msexcl40.dll
+ 2008-03-25 04:50:30326,432-c--a-wc:\windows\system32\dllcache\msexcl40.dll
- 2008-03-01 13:06:26459,264-c----wc:\windows\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:28459,264-c----wc:\windows\system32\dllcache\msfeeds.dll
- 2008-03-01 13:06:2652,224-c----wc:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:2852,224-c----wc:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-04 07:56:4315,360-c--a-wc:\windows\system32\dllcache\msgrocm.dll
+ 2004-08-04 07:56:4333,792-c--a-wc:\windows\system32\dllcache\msgsvc.dll
- 2008-03-01 23:36:303,591,680-c----wc:\windows\system32\dllcache\mshtml.dll
+ 2008-04-24 03:16:303,591,680-c----wc:\windows\system32\dllcache\mshtml.dll
- 2008-03-01 13:06:28478,208-c----wc:\windows\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:28478,208-c--a-wc:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 07:56:4351,712-c--a-wc:\windows\system32\dllcache\msident.dll
+ 2004-08-04 07:56:43248,832-c--a-wc:\windows\system32\dllcache\msieftp.dll
+ 2004-08-04 07:56:43376,320-c--a-wc:\windows\system32\dllcache\msinfo.dll
- 2004-08-04 07:56:431,507,356-c--a-wc:\windows\system32\dllcache\msjet40.dll
+ 2008-03-25 04:50:341,516,568-c--a-wc:\windows\system32\dllcache\msjet40.dll
- 2004-07-17 18:34:46358,976-c--a-wc:\windows\system32\dllcache\msjetol1.dll
+ 2008-03-25 04:50:40355,112-c--a-wc:\windows\system32\dllcache\msjetol1.dll
- 2004-08-04 07:56:43151,583-c--a-wc:\windows\system32\dllcache\msjint40.dll
+ 2008-03-27 08:12:54151,583-c--a-wc:\windows\system32\dllcache\msjint40.dll
- 2004-08-04 07:56:4353,279-c--a-wc:\windows\system32\dllcache\msjter40.dll
+ 2008-03-25 04:50:4260,192-c--a-wc:\windows\system32\dllcache\msjter40.dll
- 2004-08-04 07:56:43241,693-c--a-wc:\windows\system32\dllcache\msjtes40.dll
+ 2008-03-25 04:50:42248,608-c--a-wc:\windows\system32\dllcache\msjtes40.dll
- 2004-08-04 07:56:43213,023-c--a-wc:\windows\system32\dllcache\msltus40.dll
+ 2008-03-25 04:50:44219,936-c--a-wc:\windows\system32\dllcache\msltus40.dll
+ 2004-08-04 07:56:43169,984-c--a-wc:\windows\system32\dllcache\msmqocm.dll
+ 2004-08-04 07:56:43252,928-c--a-wc:\windows\system32\dllcache\msoeacct.dll
+ 2004-08-04 07:56:182,479,616-c--a-wc:\windows\system32\dllcache\msoeres.dll
- 2004-08-04 07:56:43348,189-c--a-wc:\windows\system32\dllcache\mspbde40.dll
+ 2008-03-25 04:50:45355,104-c--a-wc:\windows\system32\dllcache\mspbde40.dll
- 2008-03-01 13:06:28193,024-c----wc:\windows\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:28193,024-c--a-wc:\windows\system32\dllcache\msrating.dll
- 2004-08-04 07:56:43421,919-c--a-wc:\windows\system32\dllcache\msrd2x40.dll
+ 2008-03-25 04:50:47432,928-c--a-wc:\windows\system32\dllcache\msrd2x40.dll
- 2004-08-04 07:56:43315,423-c--a-wc:\windows\system32\dllcache\msrd3x40.dll
+ 2008-03-25 04:50:49322,336-c--a-wc:\windows\system32\dllcache\msrd3x40.dll
- 2004-08-04 07:56:43552,989-c--a-wc:\windows\system32\dllcache\msrepl40.dll
+ 2008-03-25 04:50:52559,904-c--a-wc:\windows\system32\dllcache\msrepl40.dll
- 2004-08-04 07:56:43258,077-c--a-wc:\windows\system32\dllcache\mstext40.dll
+ 2008-03-25 04:50:55264,992-c--a-wc:\windows\system32\dllcache\mstext40.dll
- 2008-03-01 13:06:29671,232-c----wc:\windows\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:28671,232-c--a-wc:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 05:59:40407,552-c--a-wc:\windows\system32\dllcache\mstsc.exe
+ 2004-08-04 07:56:431,428,480-c--a-wc:\windows\system32\dllcache\msvidctl.dll
- 2004-08-04 07:56:44831,519-c--a-wc:\windows\system32\dllcache\mswdat10.dll
+ 2008-03-25 04:50:57838,432-c--a-wc:\windows\system32\dllcache\mswdat10.dll
- 2004-08-04 07:56:44614,429-c--a-wc:\windows\system32\dllcache\mswstr10.dll
+ 2008-03-25 04:50:58621,344-c--a-wc:\windows\system32\dllcache\mswstr10.dll
- 2004-08-04 07:56:44348,189-c--a-wc:\windows\system32\dllcache\msxbde40.dll
+ 2008-03-25 04:50:58355,104-c--a-wc:\windows\system32\dllcache\msxbde40.dll
+ 2004-08-04 07:56:44701,440-c--a-wc:\windows\system32\dllcache\msxml2.dll
+ 2004-08-04 07:56:5442,496-c--a-wc:\windows\system32\dllcacheet.exe
+ 2004-08-04 07:56:54111,104-c--a-wc:\windows\system32\dllcacheetdde.exe
+ 2004-08-04 07:56:4477,312-c--a-wc:\windows\system32\dllcacheetoc.dll
+ 2004-08-04 07:56:44875,008-c--a-wc:\windows\system32\dllcacheetplwiz.dll
+ 2004-08-04 07:56:5486,016-c--a-wc:\windows\system32\dllcacheetsh.exe
+ 2004-08-04 07:56:5436,864-c--a-wc:\windows\system32\dllcacheetstat.exe
+ 2004-08-04 07:56:44103,936-c--a-wc:\windows\system32\dllcachelhtml.dll
+ 2004-08-04 07:56:44188,416-c--a-wc:\windows\system32\dllcachemwb.dll
+ 2004-08-04 07:56:541,200,128-c--a-wc:\windows\system32\dllcachetbackup.exe
+ 2004-08-04 07:56:44212,992-c--a-wc:\windows\system32\dllcachetevt.dll
+ 2004-08-04 05:45:1434,560-c--a-wc:\windows\system32\dllcachetio404.sys
+ 2004-08-04 05:45:1035,648-c--a-wc:\windows\system32\dllcachetio411.sys
+ 2004-08-04 07:56:4440,960-c--a-wc:\windows\system32\dllcachetmsapi.dll
+ 2004-08-04 07:56:44435,200-c--a-wc:\windows\system32\dllcachetmssvc.dll
+ 2004-08-04 07:56:4462,976-c--a-wc:\windows\system32\dllcachetoc.dll
+ 2004-08-04 07:56:4491,136-c--a-wc:\windows\system32\dllcachetprint.dll
- 2008-03-01 13:06:29102,912-c----wc:\windows\system32\dllcache\occache.dll
+ 2008-04-23 04:16:28102,912-c----wc:\windows\system32\dllcache\occache.dll
+ 2004-08-04 07:56:4415,872-c--a-wc:\windows\system32\dllcache\ocgen.dll
+ 2004-08-04 07:56:4417,408-c--a-wc:\windows\system32\dllcache\ocmsn.dll
+ 2004-08-04 07:56:5432,768-c--a-wc:\windows\system32\dllcache\odbcad32.exe
+ 2004-08-04 07:56:44104,448-c--a-wc:\windows\system32\dllcache\oeimport.dll
+ 2004-08-04 07:56:44120,832-c--a-wc:\windows\system32\dllcache\offfilt.dll
+ 2004-08-04 07:56:44487,424-c--a-wc:\windows\system32\dllcache\oledb32.dll
+ 2004-08-04 07:56:4465,536-c--a-wc:\windows\system32\dllcache\oledb32r.dll
+ 2004-08-04 07:56:55215,552-c--a-wc:\windows\system32\dllcache\osk.exe
+ 2004-08-04 07:56:44116,224-c--a-wc:\windows\system32\dllcache\p2p.dll
+ 2004-08-04 07:56:4486,016-c--a-wc:\windows\system32\dllcache\p2pgasvc.dll
+ 2004-08-04 07:56:4488,064-c--a-wc:\windows\system32\dllcache\p2pnetsh.dll
+ 2004-08-04 07:56:44526,848-c--a-wc:\windows\system32\dllcache\p2psvc.dll
+ 2004-08-04 07:56:4462,976-c--a-wc:\windows\system32\dllcache\pautoenr.dll
+ 2004-08-04 07:56:44102,400-c--a-wc:\windows\system32\dllcache\pchshell.dll
+ 2004-08-04 07:56:4439,936-c--a-wc:\windows\system32\dllcache\perfctrs.dll
+ 2004-08-04 07:56:4426,624-c--a-wc:\windows\system32\dllcache\perfdisk.dll
+ 2004-08-04 07:56:5515,872-c--a-wc:\windows\system32\dllcache\perfmon.exe
+ 2004-08-04 07:56:4434,816-c--a-wc:\windows\system32\dllcache\perfproc.dll
+ 2004-08-04 07:56:44176,128-c--a-wc:\windows\system32\dllcache\photowiz.dll
+ 2004-08-04 07:56:55281,088-c--a-wc:\windows\system32\dllcache\pinball.exe
+ 2004-08-04 05:31:4870,144-c--a-wc:\windows\system32\dllcache\pintlphr.exe
+ 2004-08-04 05:31:4967,584-c--a-wc:\windows\system32\dllcache\pmigrate.dll
- 2008-03-01 13:06:2944,544-c--a-wc:\windows\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:2844,544-c--a-wc:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 07:56:55109,568-c--a-wc:\windows\system32\dllcache\progman.exe
+ 2004-08-04 07:56:44237,056-c--a-wc:\windows\system32\dllcache\provthrd.dll
+ 2004-08-04 07:56:4443,520-c--a-wc:\windows\system32\dllcache\pstorec.dll
+ 2004-08-04 07:56:44192,512-c--a-wc:\windows\system32\dllcache\qcap.dll
+ 2004-08-04 07:56:4418,944-c--a-wc:\windows\system32\dllcache\qmgrprxy.dll
- 2007-10-29 22:43:031,287,680-c----wc:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:18:481,287,680-c----wc:\windows\system32\dllcache\quartz.dll
+ 2004-08-04 07:56:4443,520-c--a-wc:\windows\system32\dllcache\racpldlg.dll
+ 2004-08-04 07:56:4489,088-c--a-wc:\windows\system32\dllcache\rasauto.dll
+ 2004-08-04 07:56:44102,400-c--a-wc:\windows\system32\dllcache\rcbdyctl.dll
+ 2004-08-04 07:56:5535,840-c--a-wc:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-04 07:56:5521,504-c--a-wc:\windows\system32\dllcache\rcp.exe
+ 2004-08-04 07:56:5562,464-c--a-wc:\windows\system32\dllcache\rdpclip.exe
+ 2004-08-04 07:56:5567,072-c--a-wc:\windows\system32\dllcache\rdshost.exe
+ 2004-08-04 07:56:5511,776-c--a-wc:\windows\system32\dllcache\regsvr32.exe
- 2006-07-13 08:48:58202,240-c--a-wc:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49202,752-c--a-wc:\windows\system32\dllcache\rmcast.sys
+ 2004-08-04 07:56:55380,416-c--a-wc:\windows\system32\dllcache\rstrui.exe
+ 2004-08-04 07:56:5514,336-c--a-wc:\windows\system32\dllcache\runonce.exe
+ 2004-08-04 07:56:4429,696-c--a-wc:\windows\system32\dllcache\safrdm.dll
+ 2004-08-04 07:56:4445,568-c--a-wc:\windows\system32\dllcache\safrslv.dll
+ 2004-08-04 07:56:5513,312-c--a-wc:\windows\system32\dllcache\savedump.exe
+ 2004-08-04 07:56:5595,744-c--a-wc:\windows\system32\dllcache\scardsvr.exe
+ 2004-08-04 07:56:44159,744-c--a-wc:\windows\system32\dllcache\scrobj.dll
+ 2004-08-04 07:56:44151,552-c--a-wc:\windows\system32\dllcache\scrrun.dll
+ 2004-08-04 07:56:4429,184-c--a-wc:\windows\system32\dllcache\sdhcinst.dll
+ 2004-08-04 07:56:56140,800-c--a-wc:\windows\system32\dllcache\sessmgr.exe
+ 2004-08-04 07:56:5673,216-c--a-wc:\windows\system32\dllcache\setup50.exe
+ 2004-08-04 07:56:44101,376-c--a-wc:\windows\system32\dllcache\setupqry.dll
+ 2004-08-04 07:56:5642,496-c--a-wc:\windows\system32\dllcache\shmgrate.exe
+ 2004-08-04 07:56:4527,648-c--a-wc:\windows\system32\dllcache\shscrap.dll
+ 2004-08-04 07:56:453,901-c--a-wc:\windows\system32\dllcache\siint5.dll
+ 2004-08-04 07:56:4525,088-c--a-wc:\windows\system32\dllcache\slayerxp.dll
+ 2004-08-04 07:56:5689,600-c--a-wc:\windows\system32\dllcache\smlogsvc.exe
+ 2004-08-04 07:56:452,134,528-c--a-wc:\windows\system32\dllcache\smtpsnap.dll
+ 2004-08-04 07:56:57538,624-c--a-wc:\windows\system32\dllcache\spider.exe
+ 2001-08-23 21:00:0069,632-c--a-wc:\windows\system32\dllcache\spnike.dll
+ 2004-08-04 05:56:5811,776-c--a-wc:\windows\system32\dllcache\spnpinst.exe
+ 2001-08-23 21:00:0070,656-c--a-wc:\windows\system32\dllcache\sprio600.dll
+ 2004-08-04 07:56:45136,704-c--a-wc:\windows\system32\dllcache\sti_ci.dll
+ 2001-08-23 21:00:008,192-c--a-wc:\windows\system32\dllcache\streamci.dll
+ 2004-08-04 07:56:4575,776-c--a-wc:\windows\system32\dllcache\strmfilt.dll
+ 2004-08-04 07:56:46191,488-c--a-wc:\windows\system32\dllcache\syncui.dll
+ 2004-08-04 07:56:4633,792-c--a-wc:\windows\system32\dllcache\tabletoc.dll
+ 2005-05-10 23:45:4875,776-c--a-wc:\windows\system32\dllcache\telnet.exe
+ 2004-08-04 05:32:1544,032-c--a-wc:\windows\system32\dllcache\tintlphr.exe
+ 2004-08-04 07:56:5773,216-c--a-wc:\windows\system32\dllcache\tlntsvr.exe
+ 2004-08-04 05:32:1310,240-c--a-wc:\windows\system32\dllcache\tmigrate.dll
+ 2004-08-04 07:56:57347,136-c--a-wc:\windows\system32\dllcache\tourstrt.exe
+ 2004-08-04 07:56:5712,288-c--a-wc:\windows\system32\dllcache\tracert.exe
+ 2004-08-04 08:01:0712,168-c--a-wc:\windows\system32\dllcache\tsddd.dll
+ 2004-08-04 07:56:46121,856-c--a-wc:\windows\system32\dllcache\tsoc.dll
+ 2004-08-04 07:56:46275,456-c--a-wc:\windows\system32\dllcache\ulib.dll
+ 2004-08-04 06:04:1176,288-c--a-wc:\windows\system32\dllcache\uniime.dll
+ 2004-08-04 07:56:57150,528-c--a-wc:\windows\system32\dllcache\uploadm.exe
+ 2004-08-04 07:56:5718,432-c--a-wc:\windows\system32\dllcache\ups.exe
- 2008-03-01 13:06:29105,984-c----wc:\windows\system32\dllcache\url.dll
+ 2008-04-23 04:16:28105,984-c----wc:\windows\system32\dllcache\url.dll
- 2008-03-01 13:06:301,159,680-c----wc:\windows\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:291,159,680-c----wc:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 07:56:4674,240-c--a-wc:\windows\system32\dllcache\usbui.dll
+ 2004-08-04 07:56:5750,176-c--a-wc:\windows\system32\dllcache\utilman.exe
+ 2004-08-04 07:56:4611,325-c--a-wc:\windows\system32\dllcache\vchnt5.dll
+ 2004-08-04 07:56:57289,792-c--a-wc:\windows\system32\dllcache\vssvc.exe
+ 2004-08-04 07:56:4615,872-c--a-wc:\windows\system32\dllcache\w3ssl.dll
+ 2004-08-04 07:56:5746,080-c--a-wc:\windows\system32\dllcache\wab.exe
+ 2004-08-04 07:56:34249,856-c--a-wc:\windows\system32\dllcache\wab32res.dll
+ 2004-08-04 07:56:4632,768-c--a-wc:\windows\system32\dllcache\wabfind.dll
- 2008-03-01 13:06:30233,472-c----wc:\windows\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:29233,472-c----wc:\windows\system32\dllcache\webcheck.dll
+ 2004-08-04 07:56:4675,776-c--a-wc:\windows\system32\dllcache\wiascr.dll
- 2008-03-01 13:06:31826,368-c----wc:\windows\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:29826,368-c----wc:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 07:56:57196,608-c--a-wc:\windows\system32\dllcache\wmiadap.exe
+ 2004-08-04 07:56:356,656-c--a-wc:\windows\system32\dllcache\wmiapres.dll
+ 2004-08-04 07:56:4689,088-c--a-wc:\windows\system32\dllcache\wmiaprpl.dll
+ 2004-08-04 07:56:57126,464-c--a-wc:\windows\system32\dllcache\wmiapsrv.exe
+ 2004-08-04 07:56:46156,672-c--a-wc:\windows\system32\dllcache\wmipcima.dll
+ 2004-08-04 07:56:46144,896-c--a-wc:\windows\system32\dllcache\wmiprov.dll
+ 2004-08-04 07:56:46167,936-c--a-wc:\windows\system32\dllcache\wmm2ae.dll
+ 2004-08-04 07:56:464,096-c--a-wc:\windows\system32\dllcache\wmm2eres.dll
+ 2004-08-04 07:56:467,680-c--a-wc:\windows\system32\dllcache\wmm2ext.dll
+ 2004-08-04 07:56:46402,432-c--a-wc:\windows\system32\dllcache\wmm2filt.dll
+ 2004-08-04 07:56:46502,272-c--a-wc:\windows\system32\dllcache\wmm2fxa.dll
+ 2004-08-04 07:56:46325,632-c--a-wc:\windows\system32\dllcache\wmm2fxb.dll
+ 2004-08-04 07:56:464,256,768-c--a-wc:\windows\system32\dllcache\wmm2res.dll
+ 2004-08-04 07:56:465,632-c--a-wc:\windows\system32\dllcache\wmm2res2.dll
+ 2004-08-04 07:56:5713,824-c--a-wc:\windows\system32\dllcache\wscntfy.exe
+ 2004-08-04 07:56:57114,688-c--a-wc:\windows\system32\dllcache\wscript.exe
+ 2004-08-04 07:56:46596,992-c--a-wc:\windows\system32\dllcache\wsecedit.dll
+ 2004-08-04 07:56:46378,368-c--a-wc:\windows\system32\dllcache\wzcdlg.dll
+ 2004-08-04 07:56:4691,648-c--a-wc:\windows\system32\dllcache\xactsrv.dll
+ 2004-08-04 07:56:46129,536-c--a-wc:\windows\system32\dllcache\xmlprov.dll
+ 2004-08-04 07:56:36187,392-c--a-wc:\windows\system32\dllcache\xpsp1res.dll
- 2004-08-04 06:10:37274,304------wc:\windows\system32\drivers\bthport.sys
+ 2008-04-14 11:01:02272,128------wc:\windows\system32\drivers\bthport.sys
- 2006-07-13 08:48:58202,240----a-wc:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49202,752----a-wc:\windows\system32\drivers\rmcast.sys
- 2008-03-01 13:06:21347,136----a-wc:\windows\system32\dxtmsft.dll
+ 2008-04-23 04:16:28347,136-c--a-wc:\windows\system32\dxtmsft.dll
- 2008-03-01 13:06:21214,528------wc:\windows\system32\dxtrans.dll
+ 2008-04-23 04:16:28214,528-c----wc:\windows\system32\dxtrans.dll
- 2008-03-01 13:06:21133,120------wc:\windows\system32\extmgr.dll
+ 2008-04-23 04:16:28133,120-c----wc:\windows\system32\extmgr.dll
- 2008-04-10 04:29:021,665,104----a-wc:\windows\system32\FNTCACHE.DAT
+ 2008-09-22 12:40:561,665,216----a-wc:\windows\system32\FNTCACHE.DAT
- 2008-04-04 20:20:06115,880----a-wc:\windows\system32\GDIPFONTCACHEV1.DAT
+ 2008-09-21 20:26:06115,880-c--a-wc:\windows\system32\GDIPFONTCACHEV1.DAT
- 2004-08-04 07:56:42159,744----a-wc:\windows\system32\hotplug.dll
+ 2004-08-04 07:56:42144,896----a-wc:\windows\system32\hotplug.dll
- 2008-03-01 13:06:2163,488----a-wc:\windows\system32\icardie.dll
+ 2008-04-23 04:16:2863,488-c--a-wc:\windows\system32\icardie.dll
- 2008-02-29 08:55:2370,656------wc:\windows\system32\ie4uinit.exe
+ 2008-04-22 07:39:5870,656-c----wc:\windows\system32\ie4uinit.exe
- 2008-03-01 13:06:21153,088------wc:\windows\system32\ieakeng.dll
+ 2008-04-23 04:16:28153,088-c----wc:\windows\system32\ieakeng.dll
- 2008-03-01 13:06:21230,400------wc:\windows\system32\ieaksie.dll
+ 2008-04-23 04:16:28230,400-c----wc:\windows\system32\ieaksie.dll
- 2008-02-15 05:44:25161,792------wc:\windows\system32\ieakui.dll
+ 2008-04-20 05:07:51161,792-c----wc:\windows\system32\ieakui.dll
- 2008-03-01 13:06:22383,488----a-wc:\windows\system32\ieapfltr.dll
+ 2008-04-23 04:16:28383,488----a-wc:\windows\system32\ieapfltr.dll
- 2008-03-01 13:06:22384,512------wc:\windows\system32\iedkcs32.dll
+ 2008-04-23 04:16:28384,512-c----wc:\windows\system32\iedkcs32.dll
- 2008-03-01 13:06:246,066,176----a-wc:\windows\system32\ieframe.dll
+ 2008-04-23 04:16:286,066,176----a-wc:\windows\system32\ieframe.dll
- 2008-03-01 13:06:2444,544------wc:\windows\system32\iernonce.dll
+ 2008-04-23 04:16:2844,544-c----wc:\windows\system32\iernonce.dll
- 2008-03-01 13:06:25267,776----a-wc:\windows\system32\iertutil.dll
+ 2008-04-23 04:16:28267,776----a-wc:\windows\system32\iertutil.dll
- 2008-02-22 10:00:5113,824----a-wc:\windows\system32\ieudinit.exe
+ 2008-04-22 07:39:5813,824-c--a-wc:\windows\system32\ieudinit.exe
- 2001-08-23 21:00:00280,576----a-wc:\windows\system32\inetcplc.dll
+ 2007-07-27 12:00:00110,592----a-wc:\windows\system32\inetcplc.dll
- 2008-02-22 06:23:35135,168----a-wc:\windows\system32\java.exe
+ 2008-03-25 06:28:39135,168----a-wc:\windows\system32\java.exe
- 2008-02-22 06:23:39135,168----a-wc:\windows\system32\javaw.exe
+ 2008-03-25 06:28:43135,168----a-wc:\windows\system32\javaw.exe
- 2008-02-22 07:33:32139,264----a-wc:\windows\system32\javaws.exe
+ 2008-03-25 07:37:01139,264----a-wc:\windows\system32\javaws.exe
- 2008-03-01 13:06:2527,648------wc:\windows\system32\jsproxy.dll
+ 2008-04-23 04:16:2827,648-c----wc:\windows\system32\jsproxy.dll
- 2004-08-04 07:56:42402,944----a-wc:\windows\system32\keymgr.dll
+ 2004-08-04 07:56:42150,528----a-wc:\windows\system32\keymgr.dll
- 2008-04-06 05:56:2019,836,024----a-wc:\windows\system32\MRT.exe
+ 2008-11-03 21:10:2617,318,336-c--a-wc:\windows\system32\MRT.exe
- 2004-08-04 07:56:42294,400----a-wc:\windows\system32\msctf.dll
+ 2008-02-26 11:59:50294,912----a-wc:\windows\system32\msctf.dll
- 2004-08-04 07:56:43512,029-c--a-wc:\windows\system32\msexch40.dll
+ 2008-03-25 04:50:28518,944-c--a-wc:\windows\system32\msexch40.dll
- 2004-08-04 07:56:43319,517-c--a-wc:\windows\system32\msexcl40.dll
+ 2008-03-25 04:50:30326,432-c--a-wc:\windows\system32\msexcl40.dll
- 2008-03-01 13:06:26459,264----a-wc:\windows\system32\msfeeds.dll
+ 2008-04-23 04:16:28459,264-c--a-wc:\windows\system32\msfeeds.dll
- 2008-03-01 13:06:2652,224----a-wc:\windows\system32\msfeedsbs.dll
+ 2008-04-23 04:16:2852,224-c--a-wc:\windows\system32\msfeedsbs.dll
- 2008-03-01 23:36:303,591,680----a-wc:\windows\system32\mshtml.dll
+ 2008-04-24 03:16:303,591,680----a-wc:\windows\system32\mshtml.dll
- 2008-03-01 13:06:28478,208------wc:\windows\system32\mshtmled.dll
+ 2008-04-23 04:16:28478,208-c----wc:\windows\system32\mshtmled.dll
- 2003-02-28 23:26:26947,472----a-wc:\windows\system32\msjava.dll
+ 2007-02-13 21:22:54947,472----a-wc:\windows\system32\msjava.dll
- 2004-08-04 07:56:431,507,356-c--a-wc:\windows\system32\msjet40.dll
+ 2008-03-25 04:50:341,516,568-c--a-wc:\windows\system32\msjet40.dll
- 2004-07-17 18:34:46358,976-c--a-wc:\windows\system32\msjetoledb40.dll
+ 2008-03-25 04:50:40355,112-c--a-wc:\windows\system32\msjetoledb40.dll
- 2004-08-04 07:56:43151,583-c--a-wc:\windows\system32\msjint40.dll
+ 2008-03-27 08:12:54151,583-c--a-wc:\windows\system32\msjint40.dll
- 2004-08-04 07:56:4353,279-c--a-wc:\windows\system32\msjter40.dll
+ 2008-03-25 04:50:4260,192-c--a-wc:\windows\system32\msjter40.dll
- 2004-08-04 07:56:43241,693-c--a-wc:\windows\system32\msjtes40.dll
+ 2008-03-25 04:50:42248,608-c--a-wc:\windows\system32\msjtes40.dll
- 2004-08-04 07:56:43213,023-c--a-wc:\windows\system32\msltus40.dll
+ 2008-03-25 04:50:44219,936-c--a-wc:\windows\system32\msltus40.dll
- 2004-08-04 07:56:43348,189-c--a-wc:\windows\system32\mspbde40.dll
+ 2008-03-25 04:50:45355,104-c--a-wc:\windows\system32\mspbde40.dll
- 2008-03-01 13:06:28193,024------wc:\windows\system32\msrating.dll
+ 2008-04-23 04:16:28193,024-c----wc:\windows\system32\msrating.dll
- 2004-08-04 07:56:43421,919-c--a-wc:\windows\system32\msrd2x40.dll
+ 2008-03-25 04:50:47432,928-c--a-wc:\windows\system32\msrd2x40.dll
- 2004-08-04 07:56:43315,423-c--a-wc:\windows\system32\msrd3x40.dll
+ 2008-03-25 04:50:49322,336-c--a-wc:\windows\system32\msrd3x40.dll
- 2004-08-04 07:56:43552,989-c--a-wc:\windows\system32\msrepl40.dll
+ 2008-03-25 04:50:52559,904-c--a-wc:\windows\system32\msrepl40.dll
- 2004-08-04 07:56:43258,077-c--a-wc:\windows\system32\mstext40.dll
+ 2008-03-25 04:50:55264,992-c--a-wc:\windows\system32\mstext40.dll
- 2008-03-01 13:06:29671,232------wc:\windows\system32\mstime.dll
+ 2008-04-23 04:16:28671,232-c----wc:\windows\system32\mstime.dll
- 2004-08-04 05:59:43657,408----a-wc:\windows\system32\mstscax.dll
+ 2004-08-04 05:59:43655,360----a-wc:\windows\system32\mstscax.dll
- 2004-08-04 07:56:44831,519-c--a-wc:\windows\system32\mswdat10.dll
+ 2008-03-25 04:50:57838,432-c--a-wc:\windows\system32\mswdat10.dll
- 2004-08-04 07:56:44614,429-c--a-wc:\windows\system32\mswstr10.dll
+ 2008-03-25