ComboFix 08-05-19.4 - Michael 2008-05-20 16:19:29.3 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1093 [GMT 1:00] Running from: C:\Users\Michael\Desktop\ComboFix.exe * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\System32\gPqtBJjl.ini C:\Windows\System32\gPqtBJjl.ini2 C:\Windows\system32\nxilshwr.ini . ---- Previous Run ------- . C:\Program Files\WebGuide C:\Program Files\WebGuide\WebGuide4\app_data\config_error.txt C:\Program Files\WebGuide\WebGuide4\app_data\config_log.txt C:\Program Files\WebGuide\WebGuide4\app_data\missing_Strings.txt C:\Program Files\WebGuide\WebGuide4\app_data\roles.xml C:\Program Files\WebGuide\WebGuide4\app_data\settings.xml C:\Program Files\WebGuide\WebGuide4\app_data\users.xml C:\Program Files\WebGuide\WebGuide4\app_data\web_error.txt C:\Program Files\WebGuide\WebGuide4\app_data\web_log.txt C:\Program Files\WebGuide\WebGuide4\app_data\wg_connect.xml C:\Program Files\WebGuide\WebGuide4\app_data\WGStreamService_log.txt C:\Program Files\WebGuide\WebGuide4\bin\WebGuideServicedComponent.tlb C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat C:\Users\Michael\AppData\Roaming\inst.exe C:\Windows\System32\gPqtBJjl.ini C:\Windows\System32\gPqtBJjl.ini2 . ((((((((((((((((((((((((( Files Created from 2008-04-20 to 2008-05-20 ))))))))))))))))))))))))))))))) . 2008-05-19 22:12 . 2008-05-19 22:12 d-------- C:\fixwareout 2008-05-19 22:04 . 2008-05-19 22:04 134,656 --a------ C:\Windows\System32\vlowspyj.dll 2008-05-19 22:03 . 2008-05-19 22:03 114,688 --a------ C:\Windows\System32\rwhslixn.dll 2008-05-19 21:34 . 2008-05-19 21:34 2,560 --a------ C:\Windows\System32\toqtdjtl.exe 2008-05-19 21:27 . 2008-05-19 21:27 d-------- C:\VundoFix Backups 2008-05-19 21:25 . 2008-05-19 21:25 124,928 --a------ C:\Windows\System32\drenaore.dll 2008-05-19 21:24 . 2008-05-19 21:24 92,160 --a------ C:\Windows\System32\uvdqvobd.dll 2008-05-19 21:18 . 2008-05-19 18:41 56,320 --a------ C:\Windows\System32\mlJYstSK.dll 2008-05-19 20:45 . 2008-05-19 20:45 d-------- C:\Program Files\Trend Micro 2008-05-19 19:34 . 2008-05-19 19:34 134,656 --a------ C:\Windows\System32\gmklstyu.dll 2008-05-19 18:55 . 2008-05-19 18:55 114,688 --a------ C:\Windows\System32\spxaudwh.dll 2008-05-19 18:52 . 2008-05-19 18:52 2,560 --a------ C:\Windows\System32\oamjyayc.exe 2008-05-19 18:49 . 2008-05-19 18:49 124,928 --a------ C:\Windows\System32\qtakwlwq.dll 2008-05-19 18:48 . 2008-05-19 18:48 92,160 --a------ C:\Windows\System32\vfkwqivg.dll 2008-05-19 18:46 . 2008-05-19 18:46 371,712 --a------ C:\Windows\System32\ljJBtqPg.dll 2008-05-19 18:35 . 2008-05-19 18:38 d-------- C:\Users\Michael\Torrents 2008-05-18 12:51 . 2008-05-18 12:58 524,288 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{31975520-24c1-11dd-a51f-005056c00008}.TMContainer00000000000000000002.regtrans-ms 2008-05-18 12:51 . 2008-05-20 16:24 524,288 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{31975520-24c1-11dd-a51f-005056c00008}.TMContainer00000000000000000001.regtrans-ms 2008-05-18 12:51 . 2008-05-18 12:58 524,288 --ahs---- C:\Users\Michael\NTUSER.DAT{31975522-24c1-11dd-a51f-005056c00008}.TMContainer00000000000000000002.regtrans-ms 2008-05-18 12:51 . 2008-05-20 16:24 524,288 --ahs---- C:\Users\Michael\NTUSER.DAT{31975522-24c1-11dd-a51f-005056c00008}.TMContainer00000000000000000001.regtrans-ms 2008-05-18 12:51 . 2008-05-20 16:24 65,536 --ahs---- C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{31975520-24c1-11dd-a51f-005056c00008}.TM.blf 2008-05-18 12:51 . 2008-05-20 16:24 65,536 --ahs---- C:\Users\Michael\NTUSER.DAT{31975522-24c1-11dd-a51f-005056c00008}.TM.blf 2008-05-17 13:36 . 2008-05-17 13:36 d-------- C:\Users\Michael\AppData\Roaming\NCH Swift Sound 2008-05-17 13:36 . 2008-05-17 13:36 d-------- C:\Program Files\NCH Swift Sound 2008-05-16 15:32 . 2008-05-16 15:32 d-------- C:\Program Files\MillieSoft 2008-05-16 15:13 . 2008-05-16 15:13 d-------- C:\Program Files\Devnz 2008-05-15 13:30 . 2008-01-27 01:09 615,424 --a------ C:\Windows\System32\themeui.dll 2008-05-15 13:30 . 2008-01-27 01:09 240,128 --a------ C:\Windows\System32\uxtheme.dll 2008-05-14 15:56 . 2008-05-14 15:56 d-------- C:\merged 2008-05-13 18:18 . 2008-05-13 18:18 d-------- C:\Users\Michael\AppData\Roaming\vlc 2008-05-13 18:16 . 2008-05-13 18:16 d-------- C:\Program Files\VideoLAN 2008-05-13 17:43 . 2008-05-13 17:43 d-------- C:\Program Files\DVD Decrypter 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Videos 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Searches 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Saved Games 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Pictures 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Music 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Links 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Downloads 2008-05-13 13:12 . 2008-05-13 13:12 dr------- C:\Windows\System32\config\systemprofile\Documents 2008-05-13 13:12 . 2008-05-13 13:12 d-------- C:\Users\Michael\AppData\Roaming\Nikon 2008-05-13 13:11 . 2008-05-13 13:11 d-------- C:\Program Files\Nikon 2008-05-13 13:10 . 2008-05-13 13:10 d-------- C:\ProgramData\Ultima_T15 2008-05-13 13:10 . 2008-05-13 13:10 d-------- C:\ProgramData\EnterNHelp 2008-05-13 13:10 . 2008-05-13 13:13 d-------- C:\Program Files\Common Files\Nikon 2008-05-13 13:10 . 2008-05-13 13:10 0 --a------ C:\ProgramData\PKP_DLbz.DAT 2008-05-12 19:19 . 2008-05-12 19:19 d-------- C:\Users\Michael\AppData\Roaming\iPodifier 2008-05-12 19:19 . 2008-05-12 19:19 d-------- C:\Program Files\iPodifier 2008-05-12 19:18 . 2008-05-12 19:18 d-------- C:\Windows\Downloaded Installations 2008-05-08 18:46 . 2008-05-08 18:56 d-------- C:\Users\Michael\AppData\Roaming\Winamp 2008-05-08 18:46 . 2008-05-08 18:47 d-------- C:\Program Files\Winamp 2008-05-07 11:50 . 2008-05-07 11:50 d-------- C:\Program Files\vixy.net 2008-05-04 15:39 . 2008-05-17 12:46 d-------- C:\Program Files\Microsoft Visual Studio 9.0 2008-05-04 15:30 . 2008-05-04 15:30 d-------- C:\temp\ext18866 2008-05-04 15:30 . 2008-05-04 15:30 d-------- C:\temp 2008-05-03 14:26 . 2008-05-17 13:03 d-------- C:\Program Files\Handbrake 2008-04-30 14:06 . 2008-04-30 14:06 d-------- C:\Program Files\Virtual Earth 3D 2008-04-29 13:59 . 2008-05-20 16:25 54,156 --ah----- C:\Windows\QTFont.qfn 2008-04-29 13:59 . 2008-04-29 13:59 1,409 --a------ C:\Windows\QTFont.for 2008-04-29 13:58 . 2008-04-29 13:58 d-------- C:\Program Files\iTunes 2008-04-29 13:58 . 2008-04-29 13:58 d-------- C:\Program Files\iPod 2008-04-29 13:55 . 2008-04-29 13:55 d-------- C:\Program Files\QuickTime 2008-04-29 13:52 . 2008-04-29 13:52 d-------- C:\Program Files\Apple Software Update 2008-04-29 13:21 . 2008-04-29 13:29 d-------- C:\Users\Michael\AppData\Roaming\FrostWire 2008-04-29 13:21 . 2008-04-29 13:22 d-------- C:\Program Files\FrostWire 2008-04-28 16:26 . 2008-04-30 16:16 d-------- C:\Program Files\Shareaza 2008-04-26 20:00 . 2008-04-26 20:00 d-------- C:\Users\Michael\{a58d0d1c-25cd-4b20-a8e0-1308dcfd2b60} 2008-04-26 19:52 . 2008-04-26 19:52 d-------- C:\Hauppauge 2008-04-26 19:52 . 2007-03-23 18:25 57,472 --a------ C:\Windows\System32\drivers\hcwu2dtd.sys 2008-04-26 19:52 . 2007-03-23 18:21 18,560 --a------ C:\Windows\System32\drivers\hcwu2dtl.sys 2008-04-23 18:44 . 2008-04-23 18:45 d-------- C:\Users\Michael\AppData\Roaming\FLV Extract 2008-04-20 21:29 . 2007-10-08 09:27 436,784 --a------ C:\Windows\System32\vnetlib.dll 2008-04-20 21:29 . 2007-10-08 09:26 150,064 --a------ C:\Windows\System32\vmnat.exe 2008-04-20 21:29 . 2007-10-08 09:26 121,392 --a------ C:\Windows\System32\vmnetdhcp.exe 2008-04-20 21:29 . 2007-10-08 09:26 50,992 -ra------ C:\Windows\System32\vmnetbridge.dll 2008-04-20 21:29 . 2007-10-08 09:26 28,592 -ra------ C:\Windows\System32\drivers\vmnetbridge.sys 2008-04-20 21:29 . 2007-10-08 09:27 25,008 --a------ C:\Windows\System32\drivers\vmnetuserif.sys 2008-04-20 21:29 . 2007-10-08 09:26 17,712 -ra------ C:\Windows\System32\drivers\vmnet.sys 2008-04-20 21:29 . 2007-10-08 09:26 16,816 --a------ C:\Windows\System32\drivers\vmnetadapter.sys 2008-04-20 21:29 . 2007-10-08 09:26 13,104 --a------ C:\Windows\System32\vnetinst.dll 2008-04-20 21:28 . 2007-10-08 09:26 30,768 --a------ C:\Windows\System32\drivers\vmusb.sys 2008-04-20 21:28 . 2007-10-08 09:27 20,912 --a------ C:\Windows\System32\drivers\VMkbd.sys 2008-04-20 21:26 . 2008-04-20 21:26 d-------- C:\Program Files\VMware 2008-04-20 21:26 . 2008-04-20 21:26 d-------- C:\Program Files\Common Files\VMware . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-20 15:25 --------- d-----w C:\Users\Michael\AppData\Roaming\VMware 2008-05-20 11:41 --------- d-----w C:\Users\Michael\AppData\Roaming\SiteAdvisor 2008-05-19 19:46 262,144 ----a-w C:\ntuser.dat 2008-05-19 17:53 --------- d-----w C:\Users\Michael\AppData\Roaming\uTorrent 2008-05-17 12:03 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-17 12:03 --------- d-----w C:\Program Files\nLite 2008-05-17 11:46 --------- d-----w C:\ProgramData\Microsoft Help 2008-05-13 17:59 --------- d-----w C:\Users\Michael\AppData\Roaming\Vso 2008-05-04 14:28 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-04-30 14:56 --------- d-----w C:\Program Files\UltiDev 2008-04-29 13:19 --------- d-----w C:\Users\Michael\AppData\Roaming\VideoReDoPlus 2008-04-29 13:16 --------- d---a-w C:\ProgramData\TEMP 2008-04-29 12:21 --------- d-----w C:\Program Files\LimeWire 2008-04-26 15:39 --------- d-----w C:\Program Files\Microsoft Games 2008-04-26 14:21 --------- d-----w C:\Program Files\RocketDock 2008-04-23 10:19 --------- d-----w C:\ProgramData\VMware 2008-04-19 12:59 --------- d-----w C:\Program Files\DivX 2008-04-19 12:44 --------- d-----w C:\Users\Michael\AppData\Roaming\JAM Software 2008-04-19 12:39 --------- d-----w C:\Program Files\vLite 2008-04-15 18:55 --------- d-----w C:\Program Files\Java 2008-04-15 13:13 --------- d-----w C:\Program Files\Google 2008-04-14 20:24 --------- d-----w C:\Users\Michael\AppData\Roaming\Sony Corporation 2008-04-14 12:59 --------- d-----w C:\Program Files\Microsoft SQL Server 2008-04-14 12:57 --------- d-----w C:\Program Files\Microsoft.NET 2008-04-14 12:33 --------- d-----w C:\Users\Michael\AppData\Roaming\LimeWire 2008-04-12 09:55 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-04-11 22:37 --------- d-----w C:\Program Files\InterMute 2008-04-11 21:32 --------- d-----w C:\Program Files\ESET 2008-04-11 21:07 691 ----a-w C:\Users\Michael\AppData\Roaming\GetValue.vbs 2008-04-11 21:07 35 ----a-w C:\Users\Michael\AppData\Roaming\SetValue.bat 2008-04-10 21:34 --------- d-----w C:\ProgramData\NVIDIA Corporation 2008-04-10 21:34 --------- d-----w C:\Program Files\NVIDIA Corporation 2008-04-09 10:44 --------- d-----w C:\Program Files\Vista4Cast 2008-04-09 10:29 --------- d-----w C:\Program Files\Windows Mail 2008-04-05 12:45 --------- d-----w C:\Program Files\Acoustica Mixcraft 4 2008-04-05 12:44 --------- d-----w C:\Program Files\Acoustica Shared Effects 2008-04-05 10:41 --------- d-----w C:\ProgramData\Pinnacle VideoSpin 2008-04-05 10:40 --------- d-----w C:\ProgramData\VideoSpin 2008-04-05 10:40 --------- d-----w C:\Program Files\Pinnacle 2008-04-05 10:40 --------- d-----w C:\Program Files\Common Files\Yahoo! 2008-04-05 10:38 --------- d-----w C:\ProgramData\Pinnacle 2008-04-04 11:12 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-04-03 15:53 --------- d-----w C:\Program Files\DVBViewer 2008-04-02 20:21 --------- d-----w C:\Users\Michael\AppData\Roaming\Auslogics 2008-04-02 20:21 --------- d-----w C:\Program Files\Auslogics 2008-04-02 17:21 --------- d-----w C:\ProgramData\Team MediaPortal 2008-04-02 17:21 --------- d-----w C:\Program Files\Team MediaPortal 2008-03-29 15:04 --------- d-----w C:\ProgramData\CMUV 2008-03-29 13:03 --------- d-----w C:\Program Files\Foxit Software 2008-03-28 23:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-03-28 23:55 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-03-28 16:27 --------- d-----w C:\Program Files\SmartDraw 2008 2008-03-27 21:54 --------- d-----w C:\Users\Michael\AppData\Roaming\SmartDraw 2008-03-27 21:41 --------- d-----w C:\Program Files\MagicISO 2008-03-26 18:51 --------- d-----w C:\Users\Michael\AppData\Roaming\Acronis 2008-03-24 18:37 --------- d-----w C:\Program Files\mackoy 2008-03-24 11:54 --------- d-----w C:\Program Files\Stardock 2008-03-23 16:45 --------- d-----w C:\Program Files\MSN Messenger 2008-03-22 12:26 --------- d-----w C:\ProgramData\Lavasoft 2008-03-22 12:25 --------- d-----w C:\Program Files\Lavasoft 2008-03-22 11:52 --------- d-----w C:\ProgramData\Sony Corporation 2008-03-22 11:51 --------- d-----w C:\Program Files\Sony 2008-03-21 11:54 --------- d-----w C:\Program Files\Microsoft Works 2008-03-19 20:52 174 --sha-w C:\Program Files\desktop.ini 2008-03-03 13:25 5,702 ---ha-w C:\Windows\nod32restoretemdono.reg 2007-12-06 19:24 144 ----a-w C:\Users\Michael\AppData\Roaming\wklnhst.dat 2007-12-02 00:09 604 ---ha-w C:\Program Files\STLL Notifier 2007-11-26 20:31 47,360 ----a-w C:\Users\Michael\AppData\Roaming\pcouffin.sys 2007-12-24 00:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat 2007-12-24 00:21 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat 2007-12-24 00:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat 2006-05-03 09:06 163,328 --sh--r C:\Windows\System32\flvDX.dll 2007-02-21 10:47 31,232 --sh--r C:\Windows\System32\msfDX.dll . ------- Sigcheck ------- . ((((((((((((((((((((((((((((( snapshot@2008-04-12_11.14.20.19 ))))))))))))))))))))))))))))))))))))))))) . + 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll - 2007-08-11 22:07:10 53,248 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll + 2008-04-18 15:46:29 53,248 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll - 2007-08-11 22:07:10 12,800 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2008-04-18 15:46:30 12,800 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll - 2007-08-11 22:07:10 473,600 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2008-04-18 15:46:30 473,600 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2008-04-18 15:46:31 578,560 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2007-08-11 22:07:11 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2008-04-18 15:46:31 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll - 2007-08-11 22:07:11 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll + 2008-04-18 15:46:31 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2007-08-11 22:07:11 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2008-04-18 15:46:31 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll - 2007-08-11 22:07:11 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2008-04-18 15:46:31 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll - 2007-08-11 22:07:10 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2008-04-18 15:46:29 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll - 2007-11-26 08:30:35 8,007,680 ----a-w C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll + 2008-05-04 14:41:20 8,007,680 ----a-w C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll + 2008-04-14 12:37:06 14,184 ----a-w C:\Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll + 2008-04-14 12:37:06 47,976 ----a-w C:\Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll + 2008-04-30 13:06:43 880,640 ----a-w C:\Windows\assembly\GAC_32\Microsoft.MapPoint.GraphicsAPI\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.GraphicsAPI.dll + 2008-04-30 13:06:42 33,808 ----a-w C:\Windows\assembly\GAC_MSIL\GeoCommunityCommon\2.0.0.0__31bf3856ad364e35\GeoCommunityCommon.dll + 2008-05-16 14:32:44 50,176 ----a-w C:\Windows\assembly\GAC_MSIL\iPlayerMCE\1.2.0.0__7a013a56d00e4065\iPlayerMCE.dll + 2008-05-04 14:37:42 106,496 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll + 2008-05-04 14:37:43 737,280 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2008-05-04 14:37:43 36,864 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2008-05-04 14:37:43 794,624 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll + 2008-05-04 14:37:43 94,208 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll + 2008-04-30 13:06:42 163,840 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Data.CompactMapFile\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Data.CompactMapFile.dll + 2008-04-30 13:06:42 151,552 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Data.VirtualEarthTileDataSource\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.dll + 2008-04-30 13:06:42 376,832 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Data\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Data.dll + 2008-04-30 13:06:42 65,536 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.GeoCommunities.COM\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.GeoCommunities.COM.dll + 2008-04-30 13:06:42 819,200 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.GeoCommunities\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.GeoCommunities.dll + 2008-04-30 13:06:42 208,896 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Geometry\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Geometry.dll + 2008-04-30 13:06:42 540,672 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Graphics3D\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Graphics3D.dll + 2008-04-30 13:06:42 143,360 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.MapControl3D\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.MapControl3D.dll + 2008-04-30 13:06:42 270,336 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Modeling\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Modeling.dll + 2008-04-30 13:06:42 77,824 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Network\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Network.dll + 2008-04-30 13:06:42 73,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.resources\2.5.0.0_es_31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Resources.dll + 2008-04-30 13:06:42 69,632 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.resources\2.5.0.0_fr-CA_31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Resources.dll + 2008-04-30 13:06:42 69,632 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.resources\2.5.0.0_fr_31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Resources.dll + 2008-04-30 13:06:42 73,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.resources\2.5.0.0_it_31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Resources.dll + 2008-04-30 13:06:42 73,728 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.resources\2.5.0.0_ja_31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Resources.dll + 2008-04-30 13:06:42 131,072 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.Utility\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.Utility.dll + 2008-04-30 13:06:42 245,760 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.dll + 2008-04-30 13:06:42 770,048 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Rendering3D\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Rendering3D.dll + 2008-04-30 13:06:42 94,208 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.Utility\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.Utility.dll + 2008-04-30 13:06:42 61,440 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.MapPoint.UtilityPartialTrust\2.5.0.0__31bf3856ad364e35\Microsoft.MapPoint.UtilityPartialTrust.dll + 2008-05-04 14:37:43 41,984 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll + 2008-04-30 13:06:42 200,704 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.WindowsLive.Id.Client\2.5.0.0__31bf3856ad364e35\Microsoft.WindowsLive.Id.Client.dll - 2007-11-26 08:30:34 47,832 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2008-05-04 14:37:44 40,960 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2008-05-04 14:37:44 159,744 ----a-w C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2008-05-04 14:37:45 663,552 ----a-w C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll + 2008-05-04 14:37:45 53,248 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2008-05-04 14:37:41 667,648 ----a-w C:\Windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll + 2008-05-04 14:37:41 282,624 ----a-w C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2008-05-04 14:37:45 139,264 ----a-w C:\Windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2008-05-04 14:37:46 233,472 ----a-w C:\Windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll + 2008-05-04 14:37:40 496,672 ----a-w C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll + 2008-05-04 14:37:47 327,680 ----a-w C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2008-05-04 14:37:47 1,253,376 ----a-w C:\Windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2008-05-04 14:37:45 10,240 ----a-w C:\Windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2008-05-04 14:37:40 517,152 ----a-w C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll + 2008-05-04 14:37:46 139,264 ----a-w C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2008-05-04 14:52:52 237,568 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\2867d6975dcacb6ca61bd76045e386cc\Microsoft.Build.Conversion.v3.5.ni.dll + 2008-05-04 14:52:55 1,892,352 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\89b45a645222f9aef19baa9d9a1e5383\Microsoft.Build.Engine.ni.dll + 2008-05-04 14:52:56 94,208 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\497955c1d17648990c3a3bd7cf2ecaa3\Microsoft.Build.Framework.ni.dll + 2008-05-04 14:52:59 1,966,080 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9c5199d690fd60ed39e8f20730263169\Microsoft.Build.Tasks.v3.5.ni.dll + 2008-05-04 14:53:00 196,608 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\bfdafec92f9d015d995d2f95fffff8bc\Microsoft.Build.Utilities.v3.5.ni.dll + 2008-04-30 13:35:11 372,736 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\[u]0[/u]e3a42a1766381612a5c818d52be4244\Microsoft.MapPoint.MapControl3D.ni.dll + 2008-04-30 13:35:22 1,454,080 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\24f35b5914c7a2d927ebb08e38d5da41\Microsoft.MapPoint.Data.ni.dll + 2008-04-30 13:35:20 249,856 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\63135936a7fe3b6895e14f27fde20e59\Microsoft.MapPoint.UtilityPartialTrust.ni.dll + 2008-04-30 13:35:19 839,680 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\6442fcc524025f28b61833e7ab4f3c72\Microsoft.MapPoint.Geometry.ni.dll + 2008-04-30 13:35:35 856,064 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\714b83ee87e30b2390fcba5e00f78146\Microsoft.MapPoint.Data.VirtualEarthTileDataSource.ni.dll + 2008-04-30 13:35:36 475,136 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\735b19c38a2fd7bb38f0d89de9f8bd34\Microsoft.MapPoint.Data.CompactMapFile.ni.dll + 2008-04-30 13:35:25 2,592,768 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\808e81a7d6d54215ebc7e332baad5b6d\Microsoft.MapPoint.Graphics3D.ni.dll + 2008-04-30 13:35:16 3,588,096 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\8438b6354800987605cc597e92531d02\Microsoft.MapPoint.Rendering3D.ni.dll + 2008-04-30 13:35:17 520,192 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\8aa1658dab6f1f9fd43391372c1fda78\Microsoft.MapPoint.Rendering3D.Utility.ni.dll + 2008-04-30 13:35:37 319,488 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\8b55f14eb8f9106a23e8459b64c9fb0d\Microsoft.MapPoint.Network.ni.dll + 2008-04-30 13:35:26 335,872 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\a2b08596c94ab28f709e306051012a35\Microsoft.MapPoint.Utility.ni.dll + 2008-04-30 13:35:33 1,683,456 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\bef579327b74e5df3745e06b39663b66\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSource.ni.dll + 2008-04-30 13:35:28 1,597,440 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\cce4f0779c7f264f6d3632bda62ecc9c\Microsoft.MapPoint.GraphicsAPI.ni.dll + 2008-04-30 13:35:30 1,863,680 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\e6cf7699954bfd9d0914abd2766f0997\Microsoft.MapPoint.Modeling.ni.dll + 2008-05-04 14:52:43 155,648 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\81d70fca7aaf82c2890bfc5e1e644d8a\MSBuild.ni.exe + 2008-05-04 14:54:26 102,400 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\26e397507b87251fea471bb217afbd0e\System.AddIn.Contract.ni.dll + 2008-05-04 14:54:25 696,320 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\9ccfb52d02fb0d9fa007a36904bf6ff0\System.AddIn.ni.dll + 2008-05-04 14:46:17 2,347,008 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\4c177c394027f9a0da85a3505b2652f7\System.Core.ni.dll + 2008-05-04 14:54:28 184,320 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\8d68b6b50f207e88987467417b230c53\System.Data.DataSetExtensions.ni.dll + 2008-05-04 14:46:23 2,588,672 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\b987c33b348d1679f01ef49efab94201\System.Data.Linq.ni.dll + 2008-05-04 14:54:30 937,984 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\329dfd8debde991c0ba2cd8cba7746d3\System.DirectoryServices.AccountManagement.ni.dll + 2008-05-04 14:54:32 356,352 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\8577eda645bc10a0320a5c51167cc950\System.Management.Instrumentation.ni.dll + 2008-05-04 14:54:34 729,088 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Net\17df725c679fa1953ed2f4916589eca0\System.Net.ni.dll + 2008-05-04 14:54:39 1,556,480 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\336c3a204c86960730758874d4b8ba95\System.ServiceModel.Web.ni.dll + 2008-05-04 14:54:42 2,416,640 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a8a98eb45853f2b3e88a7ae417718101\System.Web.Extensions.ni.dll + 2008-05-04 14:54:45 880,640 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\feb801113de4e3f679a6b38b256523db\System.Web.Extensions.Design.ni.dll + 2008-05-04 14:54:47 77,824 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\c79ee0048845878426bf6a48fa5d7708\System.Windows.Presentation.ni.dll + 2008-05-04 14:54:51 1,531,904 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\1141e73f795266e186d8305e760dac32\System.WorkflowServices.ni.dll + 2008-05-04 14:54:52 458,752 ----a-w C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\688bcbbcc735398955c9b8706780c955\System.Xml.Linq.ni.dll + 2008-01-05 11:23:07 2,048 ----a-w C:\Windows\Boot\DVD\PCAT\etfsboot.com - 2008-04-12 10:10:04 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-05-20 15:25:04 67,584 --s-a-w C:\Windows\bootstat.dat + 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\Help\Tablet PC\PTRes.dll + 2006-11-02 12:35:43 2,048 ----a-w C:\Windows\Help\Tablet PC\TTRes.dll - 2008-04-09 10:29:55 51,200 ----a-w C:\Windows\inf\infpub.dat + 2008-04-26 19:04:27 51,200 ----a-w C:\Windows\inf\infpub.dat - 2008-04-09 10:29:55 86,016 ----a-w C:\Windows\inf\infstor.dat + 2008-04-26 19:00:44 86,016 ----a-w C:\Windows\inf\infstor.dat - 2008-04-09 10:29:44 143,360 ----a-w C:\Windows\inf\infstrng.dat + 2008-04-26 19:04:27 143,360 ----a-w C:\Windows\inf\infstrng.dat + 2007-08-28 23:38:10 500,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\MORPH9.DLL + 2007-08-28 23:38:46 9,584,512 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\MSPUB.EXE + 2007-08-24 03:43:28 138,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\PRTF9.DLL + 2007-08-28 23:39:14 625,560 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\PTXT9.DLL + 2007-08-24 03:43:36 593,296 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\PUBCONV.DLL + 2007-08-28 23:16:00 350,064 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\WINWORD.EXE + 2007-09-06 18:03:02 4,280,176 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\WRD12CNV.DLL + 2007-08-29 00:07:58 24,928 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\WRD12EXE.EXE + 2007-09-06 17:56:32 17,490,800 ----a-r C:\Windows\Installer\$PatchCache$\Managed\[u]0[/u]0002109030000000000000000F01FEC\12.0.6215\WWLIB.DLL + 2008-04-29 12:52:14 27,136 ----a-r C:\Windows\Installer\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}\AppleSoftwareUpdateIco.exe + 2008-04-29 12:59:04 102,400 ----a-r C:\Windows\Installer\{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}\iTunesIco.exe - 2008-04-09 10:26:48 1,165,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2008-05-14 13:15:41 1,165,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2008-04-09 10:26:48 20,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2008-05-14 13:15:41 20,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2008-04-09 10:26:48 159,504 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2008-05-14 13:15:41 159,504 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2008-04-09 10:26:48 184,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2008-05-14 13:15:41 184,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2008-04-09 10:26:48 217,864 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2008-05-14 13:15:41 217,864 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2008-04-09 10:26:48 18,704 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2008-05-14 13:15:41 18,704 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2008-04-09 10:26:48 35,088 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2008-05-14 13:15:41 35,088 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2008-04-09 10:26:48 845,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2008-05-14 13:15:41 845,584 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2008-04-09 10:26:48 922,384 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2008-05-14 13:15:41 922,384 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2008-04-09 10:26:48 272,648 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2008-05-14 13:15:41 272,648 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2008-04-09 10:26:48 888,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2008-05-14 13:15:41 888,080 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2008-04-09 10:26:48 1,172,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-05-14 13:15:41 1,172,240 ----a-r C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-04-14 12:37:06 25,214 ----a-r C:\Windows\Installer\{A939D341-5A04-4E0A-BB55-3E65B386432D}\ARPPRODUCTICON.exe + 2008-05-12 18:19:32 49,152 ----a-r C:\Windows\Installer\{D4163F73-AAE4-4E4F-9E9E-70828C2ADB58}\NewShortcut1_5F8FC2C3050E490EAD5176EB2D31BFF6.exe + 2008-05-12 18:19:32 49,152 ----a-r C:\Windows\Installer\{D4163F73-AAE4-4E4F-9E9E-70828C2ADB58}\NewShortcut2_5F8FC2C3050E490EAD5176EB2D31BFF6.exe + 2006-03-31 10:27:50 578,560 ----a-w C:\Windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll + 2008-04-30 15:04:15 32,768 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\[u]0[/u]b4fc74b\[u]0[/u]0bc29f1_e9d9c701\WGUsers.DLL + 2008-04-30 15:04:15 8,192 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\129f5e12\[u]0[/u]0eb914a_ead9c701\App_global.asax.DLL + 2008-04-30 15:04:15 7,680 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\13252534\[u]0[/u]099de77_ead9c701\Theme.DLL + 2008-04-30 15:04:15 126,976 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\13756cc6\[u]0[/u]00865ec_e9d9c701\Toub.MediaCenter.Dvrms.DLL + 2008-04-30 15:04:14 331,776 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\1fda4447\[u]0[/u]0995df9_fae2c601\WMPLib.DLL + 2008-04-30 15:04:15 199,168 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\2a765422\[u]0[/u]099de77_ead9c701\mobile.DLL + 2008-04-30 15:04:15 24,576 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\2e57dec9\[u]0[/u]062c7ee_e9d9c701\WebGuideServicedComponent.DLL + 2008-04-30 15:04:15 104,448 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\487ef622\[u]0[/u]099de77_ead9c701\controls.DLL + 2008-04-30 15:04:15 225,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\5668ece4\[u]0[/u]09cf96d_2010c501\UPnP.DLL + 2008-04-30 15:04:15 36,864 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\68deea75\[u]0[/u]0e0262f_ead9c701\Interop.COMAdmin.DLL + 2008-04-30 15:04:15 61,440 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\77b76504\[u]0[/u]0db33eb_e9d9c701\StreamServer.DLL + 2008-04-30 15:04:15 276,992 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\7b700eb7\[u]0[/u]0c60f79_ead9c701\mce.DLL + 2008-04-30 15:04:15 53,248 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\8b61e30c\[u]0[/u]0e95af2_e9d9c701\WGUPnP.DLL + 2008-04-30 15:04:14 147,456 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\8e84912d\[u]0[/u]062c7ee_e9d9c701\RemoteConnection.DLL + 2008-04-30 15:04:14 131,072 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\94f830c1\[u]0[/u]0ae02ea_e9d9c701\WGStream.DLL + 2008-04-30 15:04:15 30,720 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\a1d20e18\[u]0[/u]0c60f79_ead9c701\mobile.controls.DLL + 2008-04-30 15:04:15 16,384 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\a84e8f3c\[u]0[/u]0bc29f1_e9d9c701\UPnP_WHS.DLL + 2008-04-30 15:04:15 701,816 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\ab8e7efb\[u]0[/u]0485e51_bc3cc701\System.Web.Extensions.DLL + 2008-04-30 15:04:14 225,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\b856c6bb\[u]0[/u]0be6049_ead9c701\App_Code.DLL + 2008-04-30 15:04:15 53,248 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\babb5216\[u]0[/u]03596ed_e9d9c701\Interop.Shell32.DLL + 2008-04-30 15:04:15 12,288 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\c4400840\[u]0[/u]00d5830_ead9c701\Interop.NetFwTypeLib.DLL + 2008-04-30 15:04:15 118,784 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\cc518572\[u]0[/u]07a180a_b6d9c701\WindowsMediaLib.DLL + 2008-04-30 15:04:14 32,768 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\d046f88a\[u]0[/u]081d1e8_e9d9c701\ExtractThumb.DLL + 2008-04-30 15:04:14 45,056 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\d3c1c8c8\[u]0[/u]064fe46_ead9c701\App_WebReferences.DLL + 2008-04-30 15:04:15 28,672 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\e1efbb7f\[u]0[/u]049ee11_c348c701\UltiDevCassiniServerConfiguration.DLL + 2008-04-30 15:04:15 49,152 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\e4e8e3af\[u]0[/u]08ff8ef_e9d9c701\XmlProviders.DLL + 2008-04-30 15:04:15 8,704 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\f6a62be1\[u]0[/u]0156612_4fc8c701\Interop.WHSInfoIF.DLL + 2008-04-30 15:04:15 681,472 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\guide\e3c9ec4e\c6cc82fc\assembly\dl3\fe866b3c\[u]0[/u]06cad76_ead9c701\Root.DLL + 2008-04-29 12:44:25 331,776 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\[u]0[/u]0840920\[u]0[/u]0995df9_fae2c601\WMPLib.DLL + 2008-04-29 12:44:25 32,768 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\2f14df52\[u]0[/u]081d1e8_e9d9c701\ExtractThumb.DLL + 2008-04-29 12:44:25 24,576 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\3721cc82\[u]0[/u]062c7ee_e9d9c701\WebGuideServicedComponent.DLL + 2008-04-29 12:44:25 147,456 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\5b341e75\[u]0[/u]062c7ee_e9d9c701\RemoteConnection.DLL + 2008-04-29 12:44:25 53,248 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\72bfa021\[u]0[/u]03596ed_e9d9c701\Interop.Shell32.DLL + 2008-04-29 12:44:25 701,816 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\81ff24ae\[u]0[/u]0485e51_bc3cc701\System.Web.Extensions.DLL + 2008-04-29 12:44:25 126,976 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\8c506fb0\[u]0[/u]00865ec_e9d9c701\Toub.MediaCenter.Dvrms.DLL + 2008-04-29 12:44:25 225,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\a3ffd526\[u]0[/u]0be6049_ead9c701\App_Code.DLL + 2008-04-29 12:44:26 8,192 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\ba6182b9\[u]0[/u]0eb914a_ead9c701\App_global.asax.DLL + 2008-04-29 12:44:25 45,056 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\da9fb95b\[u]0[/u]064fe46_ead9c701\App_WebReferences.DLL + 2008-04-29 12:44:25 131,072 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\d7b1a03a\5f5f5212\assembly\dl3\dbf5cb1e\[u]0[/u]0ae02ea_e9d9c701\WGStream.DLL + 2008-04-30 15:03:50 701,816 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\[u]0[/u]1d6c0e2\[u]0[/u]0485e51_bc3cc701\System.Web.Extensions.DLL + 2008-04-30 15:03:53 53,248 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\[u]0[/u]4397202\[u]0[/u]0e95af2_e9d9c701\WGUPnP.DLL + 2008-04-30 15:03:53 118,784 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\1c1292c9\[u]0[/u]07a180a_b6d9c701\WindowsMediaLib.DLL + 2008-04-30 15:03:52 199,168 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\256b7bb5\[u]0[/u]099de77_ead9c701\mobile.DLL + 2008-04-30 15:03:50 126,976 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\29e497a6\[u]0[/u]00865ec_e9d9c701\Toub.MediaCenter.Dvrms.DLL + 2008-04-30 15:03:53 61,440 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\47456926\[u]0[/u]0db33eb_e9d9c701\StreamServer.DLL + 2008-04-30 15:03:49 45,056 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\4c34a242\[u]0[/u]064fe46_ead9c701\App_WebReferences.DLL + 2008-04-30 15:03:53 32,768 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\4fd4a6ee\[u]0[/u]0bc29f1_e9d9c701\WGUsers.DLL + 2008-04-30 15:03:53 16,384 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\50b36446\[u]0[/u]0bc29f1_e9d9c701\UPnP_WHS.DLL + 2008-04-30 15:03:52 8,704 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\54091acc\[u]0[/u]0156612_4fc8c701\Interop.WHSInfoIF.DLL + 2008-04-30 15:03:52 36,864 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\5caa16c4\[u]0[/u]0e0262f_ead9c701\Interop.COMAdmin.DLL + 2008-04-30 15:03:53 49,152 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\5d01c1e0\[u]0[/u]08ff8ef_e9d9c701\XmlProviders.DLL + 2008-04-30 15:03:50 331,776 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\60a67046\[u]0[/u]0995df9_fae2c601\WMPLib.DLL + 2008-04-30 15:03:52 276,992 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\7dfb0915\[u]0[/u]0c60f79_ead9c701\mce.DLL + 2008-04-30 15:03:53 225,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\8905615f\[u]0[/u]09cf96d_2010c501\UPnP.DLL + 2008-04-30 15:03:50 24,576 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\8dbf88e9\[u]0[/u]062c7ee_e9d9c701\WebGuideServicedComponent.DLL + 2008-04-30 15:03:52 12,288 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\9587c59e\[u]0[/u]00d5830_ead9c701\Interop.NetFwTypeLib.DLL + 2008-04-30 15:03:49 147,456 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\95d2dbba\[u]0[/u]062c7ee_e9d9c701\RemoteConnection.DLL + 2008-04-30 15:03:53 681,472 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\a8e4046e\[u]0[/u]06cad76_ead9c701\Root.DLL + 2008-04-30 15:03:52 104,448 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\b8b3a89a\[u]0[/u]099de77_ead9c701\controls.DLL + 2008-04-30 15:03:49 225,280 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\be979880\[u]0[/u]0be6049_ead9c701\App_Code.DLL + 2008-04-30 15:03:53 7,680 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\d1cf3aa5\[u]0[/u]099de77_ead9c701\Theme.DLL + 2008-04-30 15:03:50 53,248 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\da7b83f7\[u]0[/u]03596ed_e9d9c701\Interop.Shell32.DLL + 2008-04-30 15:03:50 131,072 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\e362c405\[u]0[/u]0ae02ea_e9d9c701\WGStream.DLL + 2008-04-30 15:03:53 28,672 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\e5d871ad\[u]0[/u]049ee11_c348c701\UltiDevCassiniServerConfiguration.DLL + 2008-04-30 15:03:50 32,768 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\f0de112e\[u]0[/u]081d1e8_e9d9c701\ExtractThumb.DLL + 2008-04-30 15:03:51 8,192 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\f97ce7ea\[u]0[/u]0eb914a_ead9c701\App_global.asax.DLL + 2008-04-30 15:03:52 30,720 ----a-w C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\webguide\[u]0[/u]2ee5f64\d85e7465\assembly\dl3\fa19618c\[u]0[/u]0c60f79_ead9c701\mobile.controls.DLL + 2008-01-19 07:31:57 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll + 2007-11-07 18:02:38 168,448 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2007-11-07 18:02:38 233,976 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2007-11-07 18:02:38 41,992 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2007-11-07 18:02:38 41,992 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2007-11-07 18:02:38 28,672 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2007-11-07 18:02:38 1,545,720 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe + 2007-11-07 18:00:02 210,834 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat + 2007-11-07 15:26:34 97,280 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\DeleteTemp.exe + 2007-11-07 15:26:34 276,472 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\dlmgr.dll + 2007-11-07 15:26:34 1,059,328 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\gencomp.dll + 2007-11-07 15:26:34 177,152 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\HtmlLite.dll + 2007-11-07 15:26:34 269,304 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe + 2007-11-07 15:26:34 112,128 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1025.dll + 2007-11-07 15:26:34 84,992 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1028.dll + 2007-11-07 15:26:34 124,416 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1029.dll + 2007-11-07 15:26:34 125,440 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1030.dll + 2007-11-07 15:26:34 129,536 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1031.dll + 2007-11-07 15:26:34 136,192 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1032.dll + 2007-11-07 15:26:34 120,832 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1035.dll + 2007-11-07 15:26:34 132,096 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1036.dll + 2007-11-07 15:26:34 110,080 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1037.dll + 2007-11-07 15:26:34 131,072 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1038.dll + 2007-11-07 15:26:34 127,488 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1040.dll + 2007-11-07 15:26:34 96,768 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1041.dll + 2007-11-07 15:26:34 93,696 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1042.dll + 2007-11-07 15:26:34 127,488 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1043.dll + 2007-11-07 15:26:34 120,320 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1044.dll + 2007-11-07 15:26:34 126,976 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1045.dll + 2007-11-07 15:26:34 121,856 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1046.dll + 2007-11-07 15:26:34 122,368 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1049.dll + 2007-11-07 15:26:34 120,320 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1053.dll + 2007-11-07 15:26:34 119,808 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.1055.dll + 2007-11-07 15:26:34 83,456 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.2052.dll + 2007-11-07 15:26:34 130,048 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.2070.dll + 2007-11-07 15:26:34 130,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.3082.dll + 2007-11-07 15:26:34 109,568 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setupres.dll + 2007-11-07 15:26:34 1,361,920 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\SITSetup.dll + 2007-11-07 15:26:34 1,045,504 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vs_setup.dll + 2007-11-07 15:26:34 627,712 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vs70uimgr.dll + 2007-11-07 15:26:34 411,136 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vsbasereqs.dll + 2007-11-07 15:26:34 687,104 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\vsscenario.dll + 2007-11-07 15:26:34 102,904 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1025.dll + 2007-11-07 15:26:34 90,104 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1028.dll + 2007-11-07 15:26:34 108,536 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1029.dll + 2007-11-07 15:26:34 108,536 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1030.dll + 2007-11-07 15:26:34 111,608 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1031.dll + 2007-11-07 15:26:34 113,656 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1032.dll + 2007-11-07 15:26:34 106,488 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1035.dll + 2007-11-07 15:26:34 112,120 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1036.dll + 2007-11-07 15:26:34 101,368 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1037.dll + 2007-11-07 15:26:34 111,096 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1038.dll + 2007-11-07 15:26:34 110,072 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1040.dll + 2007-11-07 15:26:34 95,736 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1041.dll + 2007-11-07 15:26:34 92,664 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1042.dll + 2007-11-07 15:26:34 108,536 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1043.dll + 2007-11-07 15:26:34 106,488 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1044.dll + 2007-11-07 15:26:34 109,048 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1045.dll + 2007-11-07 15:26:34 107,512 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1046.dll + 2007-11-07 15:26:34 107,000 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1049.dll + 2007-11-07 15:26:34 105,976 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1053.dll + 2007-11-07 15:26:34 106,488 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.1055.dll + 2007-11-07 15:26:34 89,080 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.2052.dll + 2007-11-07 15:26:34 110,072 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.2070.dll + 2007-11-07 15:26:34 111,096 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.3082.dll + 2007-11-07 15:26:34 107,512 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapRes.dll + 2007-11-07 15:26:34 982,008 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\WapUI.dll + 2007-11-07 18:02:38 794,624 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2007-11-07 18:02:38 41,984 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2007-11-07 18:02:38 91,136 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2007-11-07 18:02:38 1,710,584 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2007-10-19 01:58:38 182,288 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2007-11-07 18:02:38 71,160 ----a-w C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2006-11-02 08:12:29 2,048 ----a-w C:\Windows\MSAgent\AgtUI.dll + 2007-06-29 09:24:48 2,134 ----a-w C:\Windows\OEMCert\oem_demo.vbs + 2007-07-20 00:02:39 2,085 ----a-w C:\Windows\Panther\SetWinRE\SetWinRE.cmd + 2008-02-01 20:03:38 2,173,440 ----a-w C:\Windows\Resources\Themes\Royale FINAL\Shell\NormalColor\shellstyle.dll + 2007-10-15 23:00:00 418,304 ----a-w C:\Windows\Resources\Themes\Royale_Candara\Shell\NormalColor\ShellStyle.dll + 2007-10-15 23:00:00 418,304 ----a-w C:\Windows\Resources\Themes\Royale_Corbel\Shell\NormalColor\ShellStyle.dll + 2007-10-15 23:00:00 418,304 ----a-w C:\Windows\Resources\Themes\Royale_Segoe UI\Shell\NormalColor\ShellStyle.dll - 2008-04-10 22:57:15 2,247,344 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2008-04-23 22:04:41 2,247,344 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2008-04-12 09:56:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-05-14 12:15:37 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-05-14 12:15:37 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat.LOG1 - 2008-04-12 10:10:28 212,992 ----a-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-20 15:25:24 217,088 ----a-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - 2008-04-12 10:02:24 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-05-14 13:12:43 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2008-03-29 20:23:24 2,641,332 -c--a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat + 2008-04-30 15:21:07 2,641,332 -c--a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat - 2008-04-12 10:10:28 241,664 ----a-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-20 15:25:23 241,664 ----a-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\system\keyboard.drv + 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\system\mouse.drv + 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\system\sound.drv + 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\system\vga.drv + 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\System32\acprgwiz.dll + 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\System32\asferror.dll - 2008-03-14 19:35:28 1,392,304 ----a-w C:\Windows\System32\AutoPartNt.exe + 2008-05-14 14:57:16 1,392,304 ----a-w C:\Windows\System32\AutoPartNt.exe + 2008-01-19 05:27:25 2,560 ----a-w C:\Windows\System32\bootstr.dll + 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\System32\bridgeres.dll - 2008-03-29 13:18:42 116,960 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT + 2008-04-28 19:52:59 123,232 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT - 2008-04-11 22:58:49 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-05-20 15:19:07 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-04-11 22:58:49 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-05-20 15:19:07 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-04-11 22:58:49 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-05-20 15:19:07 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-04-12 10:02:43 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-05-20 15:19:26 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2007-03-12 15:42:30 1,123,696 ----a-w C:\Windows\System32\D3DCompiler_33.dll + 2007-05-16 15:45:16 1,124,720 ----a-w C:\Windows\System32\D3DCompiler_34.dll + 2007-07-19 17:14:42 1,358,192 ----a-w C:\Windows\System32\D3DCompiler_35.dll + 2007-10-12 14:14:00 1,374,232 ----a-w C:\Windows\System32\D3DCompiler_36.dll + 2008-03-05 14:56:58 1,420,824 ----a-w C:\Windows\System32\D3DCompiler_37.dll + 2006-11-29 12:06:18 440,080 ----a-w C:\Windows\System32\d3dx10.dll + 2007-03-15 15:57:58 443,752 ----a-w C:\Windows\System32\d3dx10_33.dll + 2007-05-16 15:45:16 443,752 ----a-w C:\Windows\System32\d3dx10_34.dll + 2007-07-19 17:14:42 444,776 ----a-w C:\Windows\System32\d3dx10_35.dll + 2007-10-02 08:56:34 444,776 ----a-w C:\Windows\System32\d3dx10_36.dll + 2008-02-05 22:07:36 462,864 ----a-w C:\Windows\System32\d3dx10_37.dll + 2006-03-31 11:40:58 2,388,176 ----a-w C:\Windows\System32\d3dx9_30.dll + 2006-09-28 15:05:20 2,414,360 ----a-w C:\Windows\System32\d3dx9_31.dll + 2006-11-29 12:06:18 3,426,072 ----a-w C:\Windows\System32\d3dx9_32.dll + 2007-03-12 15:42:30 3,495,784 ----a-w C:\Windows\System32\d3dx9_33.dll + 2007-05-16 15:45:16 3,497,832 ----a-w C:\Windows\System32\d3dx9_34.dll + 2007-07-19 17:14:42 3,727,720 ----a-w C:\Windows\System32\d3dx9_35.dll + 2007-10-12 14:14:00 3,734,536 ----a-w C:\Windows\System32\d3dx9_36.dll + 2008-03-05 14:56:58 3,786,760 ----a-w C:\Windows\System32\D3DX9_37.dll + 2006-11-02 12:36:25 2,048 ----a-w C:\Windows\System32\dfsrres.dll - 2007-07-12 20:00:18 740,442 ----a-w C:\Windows\System32\DivX.dll + 2007-12-04 01:33:16 682,496 ----a-w C:\Windows\System32\DivX.dll - 2007-07-12 20:00:18 823,296 ----a-w C:\Windows\System32\divx_xx07.dll + 2007-12-04 01:33:18 823,296 ----a-w C:\Windows\System32\divx_xx07.dll - 2007-07-12 20:00:18 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll + 2007-12-04 01:33:18 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll - 2007-07-12 20:00:18 802,816 ----a-w C:\Windows\System32\divx_xx11.dll + 2007-12-04 01:33:18 802,816 ----a-w C:\Windows\System32\divx_xx11.dll + 2007-11-28 21:55:18 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe - 2007-07-12 20:02:50 524,288 ----a-w C:\Windows\System32\DivXsm.exe + 2007-11-29 22:30:42 524,288 ----a-w C:\Windows\System32\DivXsm.exe - 2007-07-12 19:59:38 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll + 2007-11-28 21:52:32 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll + 2008-01-19 05:49:54 2,048 ----a-w C:\Windows\System32\dmdskres2.dll - 2007-07-12 20:00:26 81,920 ----a-w C:\Windows\System32\dpl100.dll + 2007-11-29 22:28:24 81,920 ----a-w C:\Windows\System32\dpl100.dll - 2007-07-12 20:00:20 294,912 ----a-w C:\Windows\System32\dpu10.dll + 2007-11-28 21:53:18 294,912 ----a-w C:\Windows\System32\dpu10.dll - 2007-07-12 20:00:20 294,912 ----a-w C:\Windows\System32\dpu11.dll + 2007-11-28 21:53:18 294,912 ----a-w C:\Windows\System32\dpu11.dll - 2007-07-12 20:00:22 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll + 2007-11-28 21:53:18 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll - 2007-07-12 20:00:20 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll + 2007-11-28 21:53:18 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll - 2007-07-12 20:00:20 344,064 ----a-w C:\Windows\System32\dpus11.dll + 2007-11-28 21:53:18 344,064 ----a-w C:\Windows\System32\dpus11.dll - 2007-07-12 20:00:20 57,344 ----a-w C:\Windows\System32\dpv11.dll + 2007-11-28 21:53:18 57,344 ----a-w C:\Windows\System32\dpv11.dll - 2006-09-19 21:44:04 15,664 ----a-w C:\Windows\System32\drivers\GEARAspiWDM.sys + 2008-01-29 11:01:28 16,168 ----a-w C:\Windows\System32\drivers\GEARAspiWDM.sys - 2007-10-08 09:27:34 34,864 ----a-w C:\Windows\System32\drivers\hcmon.sys + 2007-10-08 08:27:34 34,864 ----a-w C:\Windows\System32\drivers\hcmon.sys - 2007-06-26 09:53:36 1,776,128 ----a-w C:\Windows\System32\drivers\igdkmd32.sys + 2008-02-11 10:36:10 2,302,976 ----a-w C:\Windows\System32\drivers\igdkmd32.sys - 2007-08-07 12:34:38 64,960 ----a-w C:\Windows\System32\drivers\stcp2v30.sys + 2007-08-07 11:34:38 64,960 ----a-w C:\Windows\System32\drivers\stcp2v30.sys + 2008-02-20 19:17:32 40,928 ----a-w C:\Windows\System32\drivers\VBoxDrv.sys + 2008-02-20 19:17:40 27,776 ----a-w C:\Windows\System32\drivers\VBoxUSBMon.sys - 2006-11-02 08:53:56 26,112 ----a-w C:\Windows\System32\drivers\vgapnp.sys + 2008-01-19 05:52:06 26,112 ----a-w C:\Windows\System32\drivers\vgapnp.sys - 2007-10-08 09:27:34 924,976 ----a-w C:\Windows\System32\drivers\vmx86.sys + 2007-10-08 08:27:34 924,976 ----a-w C:\Windows\System32\drivers\vmx86.sys - 2007-03-23 20:25:34 57,472 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtd.sys + 2007-03-23 17:25:34 57,472 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtd.sys - 2007-03-23 20:21:26 18,560 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtl.sys + 2007-03-23 17:21:26 18,560 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtl.sys + 2005-12-13 13:45:18 33,024 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_f04141ea\hcwu2dtd.sys + 2005-11-29 11:50:52 17,920 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_f04141ea\hcwu2dtl.sys + 2004-06-08 00:03:40 36,921 ----a-w C:\Windows\System32\DriverStore\FileRepository\hcwu2dtd.inf_f04141ea\hcwutl32.dll + 2008-02-11 09:46:50 106,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\hccutils.dll + 2008-02-22 09:34:46 166,424 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\hkcmd.exe + 2008-02-11 10:01:44 2,174,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\ig4dev32.dll + 2008-02-11 10:01:30 2,420,736 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\ig4icd32.dll + 2008-02-11 10:36:10 2,302,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igdkmd32.sys + 2008-02-11 10:36:08 3,301,376 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igdumd32.dll + 2008-02-22 09:34:50 539,160 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxcfg.exe + 2008-02-11 09:46:44 204,800 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxdev.dll + 2008-02-11 09:46:58 135,168 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxdo.dll + 2008-02-11 09:47:26 24,576 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxexps.dll + 2008-02-22 09:34:56 170,520 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxext.exe + 2008-02-22 09:34:58 133,656 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxpers.exe + 2008-02-11 09:47:34 204,800 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxpph.dll + 2008-02-11 09:46:32 3,293,184 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxress.dll + 2008-02-11 09:47:14 48,640 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxsrvc.dll + 2008-02-22 09:35:02 256,536 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxsrvc.exe + 2008-02-11 09:48:00 245,760 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxTMM.dll + 2008-02-22 09:35:06 141,848 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxtray.exe + 2008-02-22 09:35:10 170,520 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igfxzoom.exe + 2008-02-11 10:34:48 2,215,364 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igklg400.bin + 2008-02-11 10:34:48 1,971,732 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igklg450.bin + 2008-02-11 10:34:48 29,932 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igmedcompkrn.bin + 2008-02-11 10:55:18 147,456 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\igxpco32.dll + 2008-02-11 09:47:38 69,632 ----a-w C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_982f122f\oemdspif.dll - 2007-10-08 09:26:06 17,712 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vmnet.sys + 2007-10-08 08:26:06 17,712 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vmnet.sys - 2007-10-08 09:26:06 16,816 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vmnetadapter.sys + 2007-10-08 08:26:06 16,816 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vmnetadapter.sys - 2007-10-08 09:26:06 13,104 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vnetinst.dll + 2007-10-08 08:26:06 13,104 ------w C:\Windows\System32\DriverStore\FileRepository\netadapter.inf_c3a8bfaf\vnetinst.dll - 2007-10-08 09:26:06 17,712 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnet.sys + 2007-10-08 08:26:06 17,712 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnet.sys - 2007-10-08 09:26:06 50,992 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnetbridge.dll + 2007-10-08 08:26:06 50,992 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnetbridge.dll - 2007-10-08 09:26:06 28,592 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnetbridge.sys + 2007-10-08 08:26:06 28,592 ------w C:\Windows\System32\DriverStore\FileRepository\netbridge.inf_91493ffa\vmnetbridge.sys + 2006-11-02 08:27:54 2,048 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnca001.inf_92fbd03f\I386\CNBPGR02.DLL + 2006-11-02 09:41:10 2,560 ----a-w C:\Windows\System32\DriverStore\FileRepository\prndc001.inf_79bb12be\I386\DICONRES.DLL + 2006-09-18 21:40:29 1,960 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE11.DAT + 2006-09-18 21:40:29 1,778 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE12.DAT + 2006-09-18 21:40:29 1,960 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE16.DAT + 2006-09-18 21:40:29 1,992 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2J.DAT + 2006-09-18 21:40:29 1,948 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2K.DAT + 2006-09-18 21:40:29 2,128 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2M.DAT + 2006-09-18 21:40:29 2,398 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3N.DAT + 2006-09-18 21:40:29 1,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3O.DAT + 2006-09-18 21:40:29 1,764 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3P.DAT + 2006-09-18 21:40:29 2,398 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3Q.DAT + 2006-09-18 21:40:29 2,618 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3T.DAT + 2006-09-18 21:40:29 2,188 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3V.DAT + 2006-09-18 21:40:29 2,984 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4A.DAT + 2006-09-18 21:40:29 2,632 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4D.DAT + 2006-09-18 21:40:30 2,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4S.DAT - 2007-10-08 09:26:06 30,768 ------w C:\Windows\System32\DriverStore\FileRepository\vmusb.inf_76c94f0e\vmusb.sys + 2007-10-08 08:26:06 30,768 ------w C:\Windows\System32\DriverStore\FileRepository\vmusb.inf_76c94f0e\vmusb.sys + 2007-03-23 17:25:34 57,472 ----a-w C:\Windows\System32\DriverStore\Temp\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtd.sys + 2007-03-23 17:21:26 18,560 ----a-w C:\Windows\System32\DriverStore\Temp\hcwu2dtd.inf_276a5a5d\Driver93\hcwu2dtl.sys - 2007-07-12 20:00:26 196,608 ----a-w C:\Windows\System32\dtu100.dll + 2007-11-29 22:28:24 196,608 ----a-w C:\Windows\System32\dtu100.dll - 2008-04-09 10:31:59 1,764,376 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-05-13 12:24:23 1,764,376 ----a-w C:\Windows\System32\FNTCACHE.DAT - 2006-10-04 02:47:52 109,360 ----a-w C:\Windows\System32\GEARAspi.dll + 2008-01-29 11:02:30 107,368 ----a-w C:\Windows\System32\GEARAspi.dll - 2007-06-26 08:53:54 102,400 ----a-w C:\Windows\System32\hccutils.dll + 2008-02-11 09:46:50 106,496 ----a-w C:\Windows\System32\hccutils.dll - 2007-07-03 09:05:42 154,136 ----a-w C:\Windows\System32\hkcmd.exe + 2008-02-22 09:34:46 166,424 ----a-w C:\Windows\System32\hkcmd.exe - 2007-06-26 09:06:48 1,589,248 ----a-w C:\Windows\System32\ig4dev32.dll + 2008-02-11 10:01:44 2,174,976 ----a-w C:\Windows\System32\ig4dev32.dll - 2007-06-26 09:12:24 2,392,064 ----a-w C:\Windows\System32\ig4icd32.dll + 2008-02-11 10:01:30 2,420,736 ----a-w C:\Windows\System32\ig4icd32.dll - 2007-06-26 09:53:54 2,555,904 ----a-w C:\Windows\System32\igdumd32.dll + 2008-02-11 10:36:08 3,301,376 ----a-w C:\Windows\System32\igdumd32.dll - 2007-07-03 09:06:22 524,624 ----a-w C:\Windows\System32\igfxcfg.exe + 2008-02-22 09:34:50 539,160 ----a-w C:\Windows\System32\igfxcfg.exe + 2008-02-11 10:55:18 147,456 ----a-w C:\Windows\System32\igfxCoIn_v1437.dll - 2007-06-26 08:53:48 200,704 ----a-w C:\Windows\System32\igfxdev.dll + 2008-02-11 09:46:44 204,800 ----a-w C:\Windows\System32\igfxdev.dll - 2007-06-26 08:54:00 135,168 ----a-w C:\Windows\System32\igfxdo.dll + 2008-02-11 09:46:58 135,168 ----a-w C:\Windows\System32\igfxdo.dll - 2007-06-26 08:54:28 24,576 ----a-w C:\Windows\System32\igfxexps.dll + 2008-02-11 09:47:26 24,576 ----a-w C:\Windows\System32\igfxexps.dll - 2007-07-03 09:07:46 166,424 ----a-w C:\Windows\System32\igfxext.exe + 2008-02-22 09:34:56 170,520 ----a-w C:\Windows\System32\igfxext.exe - 2007-06-26 10:28:38 137,752 ----a-w C:\Windows\System32\igfxpers.exe + 2008-02-22 09:34:58 133,656 ----a-w C:\Windows\System32\igfxpers.exe - 2007-06-26 08:54:36 204,800 ----a-w C:\Windows\System32\igfxpph.dll + 2008-02-11 09:47:34 204,800 ----a-w C:\Windows\System32\igfxpph.dll - 2007-06-26 08:53:36 3,293,184 ----a-w C:\Windows\System32\igfxress.dll + 2008-02-11 09:46:32 3,293,184 ----a-w C:\Windows\System32\igfxress.dll - 2007-06-26 08:54:18 47,616 ----a-w C:\Windows\System32\igfxsrvc.dll + 2008-02-11 09:47:14 48,640 ----a-w C:\Windows\System32\igfxsrvc.dll - 2007-07-03 09:09:28 252,440 ----a-w C:\Windows\System32\igfxsrvc.exe + 2008-02-22 09:35:02 256,536 ----a-w C:\Windows\System32\igfxsrvc.exe - 2007-06-26 08:55:00 249,856 ----a-w C:\Windows\System32\igfxTMM.dll + 2008-02-11 09:48:00 245,760 ----a-w C:\Windows\System32\igfxTMM.dll - 2007-07-03 09:10:32 141,848 ----a-w C:\Windows\System32\igfxtray.exe + 2008-02-22 09:35:06 141,848 ----a-w C:\Windows\System32\igfxtray.exe - 2007-06-26 10:28:48 170,520 ----a-w C:\Windows\System32\igfxzoom.exe + 2008-02-22 09:35:10 170,520 ----a-w C:\Windows\System32\igfxzoom.exe + 2008-02-11 10:34:48 2,215,364 ----a-w C:\Windows\System32\igklg400.bin + 2008-02-11 10:34:48 1,971,732 ----a-w C:\Windows\System32\igklg450.bin + 2008-02-11 10:34:48 29,932 ----a-w C:\Windows\System32\igmedcompkrn.bin + 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\System32\iologmsg.dll - 2007-09-24 22:30:28 135,168 ----a-w C:\Windows\System32\java.exe + 2008-02-22 00:23:35 135,168 ----a-w C:\Windows\System32\java.exe - 2007-09-24 22:30:30 135,168 ----a-w C:\Windows\System32\javaw.exe + 2008-02-22 00:23:39 135,168 ----a-w C:\Windows\System32\javaw.exe - 2007-09-24 23:31:42 139,264 ----a-w C:\Windows\System32\javaws.exe + 2008-02-22 01:33:32 139,264 ----a-w C:\Windows\System32\javaws.exe + 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\System32\keyboard.drv + 2008-03-20 17:06:36 1,480,232 ----a-w C:\Windows\System32\LegitCheckControl.DLL - 2007-07-12 20:02:38 1,044,480 ----a-w C:\Windows\System32\libdivx.dll + 2007-11-29 22:30:16 1,044,480 ----a-w C:\Windows\System32\libdivx.dll + 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\System32\lltdres.dll - 2007-11-21 00:52:38 2,884,992 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32.dll + 2008-03-25 03:21:18 2,889,088 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32.dll - 2007-11-21 00:52:40 218,496 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2008-03-25 03:21:20 218,496 ----a-w C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe - 2008-02-04 11:52:10 70,264 ----a-w C:\Windows\System32\Macromed\Flash\uninstall_plugin.exe + 2008-05-02 22:27:41 70,264 ----a-w C:\Windows\System32\Macromed\Flash\uninstall_plugin.exe + 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\System32\mferror.dll + 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\System32\mouse.drv - 2008-04-06 05:56:20 19,836,024 ----a-w C:\Windows\System32\mrt.exe + 2008-05-09 21:35:04 16,863,864 ----a-w C:\Windows\System32\mrt.exe + 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\System32\msimsg.dll + 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\System32\msprivs.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\System32\msxml3r.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\System32\msxml6r.dll + 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\System32\neth.dll + 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\System32\netmsg.dll + 2008-02-29 16:13:17 2,456 ----a-w C:\Windows\System32\networklist\icons\{757DC8F2-25A6-45DE-9DDC-46A6917DFF05}_24.bin + 2008-03-04 18:30:48 2,456 ----a-w C:\Windows\System32\networklist\icons\{FF272D3B-5F4E-45FB-B63C-B51B8352347D}_24.bin + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\bench_24.bin + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\house_24.bin + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\office_24.bin + 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\System32\normaliz.dll - 2007-06-26 08:54:44 69,632 ----a-w C:\Windows\System32\oemdspif.dll + 2008-02-11 09:47:38 69,632 ----a-w C:\Windows\System32\oemdspif.dll + 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\System32\oleaccrc.dll - 2008-04-12 09:48:39 133,686 ----a-w C:\Windows\System32\perfc009.dat + 2008-05-14 11:39:06 141,384 ----a-w C:\Windows\System32\perfc009.dat - 2008-04-12 09:48:40 686,766 ----a-w C:\Windows\System32\perfh009.dat + 2008-05-14 11:39:06 715,266 ----a-w C:\Windows\System32\perfh009.dat - 2007-01-09 11:00:00 72,440 ----a-w C:\Windows\System32\pxhpinst.exe + 2007-03-07 23:51:00 72,440 ------w C:\Windows\System32\pxhpinst.exe - 2007-01-09 11:00:00 64,760 ----a-w C:\Windows\System32\pxinsa64.exe + 2007-03-07 23:51:00 64,760 ------w C:\Windows\System32\pxinsa64.exe - 2007-07-12 20:02:46 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll + 2007-11-29 22:30:28 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll + 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\System32\redir.exe + 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\System32\rnr20.dll + 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\System32\SampleRes.dll - 2008-04-10 16:07:17 247,296 ----a-w C:\Windows\System32\shsvcs.dll + 2008-01-27 00:09:24 247,296 ----a-w C:\Windows\System32\shsvcs.dll - 2008-04-11 17:58:27 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2008-05-17 23:54:56 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\System32\sound.drv - 2007-07-12 20:02:38 200,704 ----a-w C:\Windows\System32\ssldivx.dll + 2007-11-29 22:30:16 200,704 ----a-w C:\Windows\System32\ssldivx.dll + 2007-07-03 02:42:32 2,017 ----a-w C:\Windows\System32\sysprep\snyDtScUtil.vbs + 2007-07-03 02:42:32 1,883 ----a-w C:\Windows\System32\sysprep\Snytools\[u]0[/u]1_DRD\DRD.vbs + 2007-07-03 02:42:32 1,754 ----a-w C:\Windows\System32\sysprep\Snytools\[u]0[/u]4_OF7\WIME2007.vbs + 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\System32\tzres.dll - 2007-03-23 10:05:16 5,451,776 ----a-r C:\Windows\System32\V2iDiskLib.dll + 2007-03-23 09:05:16 5,451,776 ----a-r C:\Windows\System32\V2iDiskLib.dll + 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\System32\vga.drv - 2007-10-08 08:07:06 219,696 ----a-w C:\Windows\System32\vmnc.dll + 2007-10-08 07:07:06 219,696 ----a-w C:\Windows\System32\vmnc.dll + 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\System32\wbem\WmiApRes.dll - 2008-04-12 09:44:35 13,908 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3390100157-130006372-542817148-1000_UserData.bin + 2008-05-20 09:13:20 16,336 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3390100157-130006372-542817148-1000_UserData.bin - 2008-04-12 09:44:34 71,940 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-05-20 09:13:19 74,350 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-05-20 15:24:05 5,934 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat - 2008-04-12 09:44:26 63,526 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-05-20 09:13:14 71,974 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2008-04-11 19:58:05 305,674 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2008-05-20 15:07:51 338,230 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\System32\WINSOCK.DLL + 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\System32\WINSPOOL.EXE + 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\System32\wmerror.dll + 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\System32\WOWDEB.EXE + 2008-01-19 05:39:36 1,536 ----a-w C:\Windows\System32\WsmCl.dll + 2007-03-05 11:42:18 15,128 ----a-w C:\Windows\System32\x3daudio1_1.dll + 2007-10-22 02:37:16 17,928 ----a-w C:\Windows\System32\X3DAudio1_2.dll + 2008-03-05 15:00:06 25,608 ----a-w C:\Windows\System32\X3DAudio1_3.dll + 2006-03-31 11:39:48 229,584 ----a-w C:\Windows\System32\xactengine2_1.dll + 2007-10-22 02:39:54 267,272 ----a-w C:\Windows\System32\xactengine2_10.dll + 2006-05-31 06:24:16 230,168 ----a-w C:\Windows\System32\xactengine2_2.dll + 2006-07-28 08:30:32 236,824 ----a-w C:\Windows\System32\xactengine2_3.dll + 2006-09-28 15:05:56 237,848 ----a-w C:\Windows\System32\xactengine2_4.dll + 2006-12-08 11:02:00 251,672 ----a-w C:\Windows\System32\xactengine2_5.dll + 2007-01-24 14:27:30 255,848 ----a-w C:\Windows\System32\xactengine2_6.dll + 2007-04-04 17:55:00 261,480 ----a-w C:\Windows\System32\xactengine2_7.dll + 2007-06-20 19:46:04 266,088 ----a-w C:\Windows\System32\xactengine2_8.dll + 2007-07-19 23:57:12 267,112 ----a-w C:\Windows\System32\xactengine2_9.dll + 2008-03-05 15:03:20 238,088 ----a-w C:\Windows\System32\xactengine3_0.dll + 2008-03-05 15:03:54 479,752 ----a-w C:\Windows\System32\XAudio2_0.dll + 2006-03-31 11:39:24 62,672 ----a-w C:\Windows\System32\xinput1_1.dll + 2006-07-28 08:30:14 62,744 ----a-w C:\Windows\System32\xinput1_2.dll + 2007-04-04 17:53:42 81,768 ----a-w C:\Windows\System32\xinput1_3.dll + 2008-05-13 12:10:52 384,208,613 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2007-08-01 18:16:49 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16444_none_0a14b72ff542b5ae\AcRes.dll + 2007-08-01 18:20:05 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16485_none_09ea77c9f5623ec9\AcRes.dll + 2008-01-29 00:15:55 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16633_none_0a1e8a9df53b7ab4\AcRes.dll + 2007-08-01 18:16:49 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20543_none_0a9d53b10e613c21\AcRes.dll + 2007-08-01 18:20:05 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20597_none_0a6b453d0e862d32\AcRes.dll + 2008-01-30 00:29:13 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20762_none_0a86b75b0e7254fa\AcRes.dll + 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18000_none_0c223829f24c6bcd\AcRes.dll + 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\acprgwiz.dll + 2006-11-02 08:12:29 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-agent0409_31bf3856ad364e35_6.0.6000.16386_none_cba6dc9d9ccc4898\AgtUI.dll + 2008-01-19 05:27:25 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-strings_31bf3856ad364e35_6.0.6001.18000_none_f8820fad0cee5a7c\bootstr.dll + 2008-01-05 11:23:07 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..onment-dvd-etfsboot_31bf3856ad364e35_6.0.6001.18000_none_827be8b16a696de9\etfsboot.com + 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6001.18000_none_175cb770bf6b8f77\netmsg.dll + 2006-11-02 12:36:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6001.18000_none_b6798caa9a04157b\dfsrres.dll + 2008-01-19 05:49:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-diskmanagement_31bf3856ad364e35_6.0.6001.18000_none_0197b5b76fbd3f60\dmdskres2.dll + 2007-08-01 18:15:49 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16483_none_130d95820ca9b131\tzres.dll + 2007-11-24 15:28:37 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16520_none_134b76120c7bbaad\tzres.dll + 2007-12-12 14:59:55 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16589_none_131399240ca44662\tzres.dll + 2007-08-01 18:15:49 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20594_none_138d62ab25ce8643\tzres.dll + 2007-11-24 15:28:37 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20636_none_13d044ad259c0e72\tzres.dll + 2007-12-12 14:59:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20712_none_13e1e543258f6e5b\tzres.dll + 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18000_none_15475676099210e3\tzres.dll + 2006-11-02 12:36:24 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6001.18000_none_8120d407b205fdca\iismui.dll + 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6001.18000_none_037a7e2bb384bf01\msimsg.dll + 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6000.16386_none_e773a28cdcd5ef62\normaliz.dll + 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6001.18000_none_e9aa6488d9c10036\normaliz.dll + 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iologgingdll_31bf3856ad364e35_6.0.6000.16386_none_b4a74430ff7bd85d\iologmsg.dll + 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.0.6000.16386_none_09e22f167e7ac9b3\msprivs.dll + 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18000_none_9c5f2f3c0cc1aa83\mferror.dll + 2007-12-12 15:04:04 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16585_none_a57e3226437ddd6f\asferror.dll + 2007-12-12 15:04:04 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.20708_none_a66151155c57e6dd\asferror.dll + 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6001.18000_none_a7b5f0a040680d4c\asferror.dll + 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmerror_31bf3856ad364e35_6.0.6000.16386_none_351e30f1ba0b5cbe\wmerror.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16386_none_86377e9e99eb1168\msxml3r.dll + 2007-11-24 15:26:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16500_none_8688000e99af9424\msxml3r.dll + 2007-11-24 15:26:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20613_none_8709cdcbb2d29be4\msxml3r.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18000_none_886e409a96d6223c\msxml3r.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16386_none_86373a4699eb5e4b\msxml6r.dll + 2007-11-24 15:24:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16472_none_863e0af099e6da25\msxml6r.dll + 2007-11-24 15:24:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20582_none_86bcd7cfb30c95e0\msxml6r.dll + 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18000_none_886dfc4296d66f1f\msxml6r.dll + 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6001.18000_none_5232518072770fdb\neth.dll + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\bench_24.bin + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\house_24.bin + 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\office_24.bin + 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6001.18000_none_07e9f0db06159927\bridgeres.dll + 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6001.18000_none_d155f734fa7d6b4f\lltdres.dll + 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\keyboard.drv + 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\mouse.drv + 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\sound.drv + 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\vga.drv + 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\keyboard.drv + 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\mouse.drv + 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\redir.exe + 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\sound.drv + 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\vga.drv + 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL + 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSPOOL.EXE + 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WOWDEB.EXE + 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oleaccrc_31bf3856ad364e35_6.0.6000.16386_none_76f32d528a780cf2\oleaccrc.dll + 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_95425ac284e42b43\SampleRes.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penchs.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pencht.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penjpn.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penkor.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penusa.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pipres.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchobj.dll + 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchui.dll + 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\IPSEventLogMsg.dll + 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tabletpc-pentraining_31bf3856ad364e35_6.0.6000.16386_none_dfb8647a7b1e856b\PTRes.dll + 2006-11-02 12:35:43 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tabletpc-touchtraining_31bf3856ad364e35_6.0.6000.16386_none_c41ca1245ce8094b\TTRes.dll + 2008-01-19 05:39:36 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6001.18000_none_ca65755fad07cc55\WsmCl.dll + 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6001.18000_none_e36536a91186bed0\rnr20.dll + 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApRes.dll + 2008-01-19 05:39:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smierrsm.dll + 2008-01-19 05:39:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smierrsy.dll + 2008-01-19 05:39:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smimsgif.dll + 2008-05-04 14:36:25 161,784 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5\ATL90.dll + 2008-05-04 14:36:33 224,768 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcm90.dll + 2008-05-04 14:36:33 568,832 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll + 2008-05-04 14:36:33 655,872 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll + 2008-05-04 14:42:10 311,808 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcm90d.dll + 2008-05-04 14:42:10 868,864 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcp90d.dll + 2008-05-04 14:42:10 1,180,672 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.21022.8_none_96748342450f6aa2\msvcr90d.dll + 2008-05-04 14:42:21 1,156,600 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfc90.dll + 2008-05-04 14:42:21 1,162,744 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfc90u.dll + 2008-05-04 14:42:21 59,904 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfcm90.dll + 2008-05-04 14:42:21 59,904 ----a-w C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86\mfcm90u.dll + 2008-01-19 07:31:57 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6001.18000_none_786a30e49861a093\ServiceModelEvents.dll + 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.16386_none_c6c5835b4cd99252\ServiceModelInstallRC.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ae3562a7-394e-467b-97aa-d7b30313d2f8}] 2008-05-19 22:04 134656 --a------ C:\Windows\system32\vlowspyj.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0868935-B823-4077-99E5-A1026BA1DB43}] 2008-05-19 18:46 371712 --a------ C:\Windows\system32\ljJBtqPg.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 08:33 125952] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 08:38 1008184] "RtHDVCpl"="RtHDVCpl.exe" [2007-06-26 01:39 4489216 C:\Windows\RtHDVCpl.exe] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-06-10 01:12 118784] "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-06-12 02:27 317560] "Samsung PanelMgr"="C:\Windows\Samsung\PanelMgr\SSMMgr.exe" [2007-01-03 05:47 520192] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072] "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-02-22 10:35 141848] "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-02-22 10:34 166424] "Persistence"="C:\Windows\system32\igfxpers.exe" [2008-02-22 10:34 133656] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "vmware-tray"="C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" [2007-10-08 09:27 72240] "56cb42d7"="C:\Windows\system32\rwhslixn.dll" [2008-05-19 22:03 114688] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) "DontDisplayLogonHoursWarnings"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "TaskbarNoThumbnail"= 0 (0x0) "NoWinKeys"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{E23136A1-1AC4-4D1B-926F-5D537CFFF359}"= C:\Windows\system32\mlJYstSK.dll [2008-05-19 18:41 56320] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] VESWinlogon.dll 2007-07-25 03:26 98304 C:\Windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.i420"= i420vfw.dll "VIDC.dvsd"= C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll "vidc.mjpg"= pvmjpg30.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap [HKLM\~\startupfolder\C:^Users^Michael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk] path=C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk backup=C:\Windows\pss\Adobe Gamma.lnk.Startup backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^Michael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] --a------ 2007-10-30 21:07 140568 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] --a------ 2007-10-30 21:11 909208 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2007-11-29 15:03 185632 C:\Program Files\Common Files\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] --a------ 2007-10-30 21:06 2595616 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray] --a------ 2007-10-08 09:26 55856 C:\Program Files\VMware\VMware Workstation\hqtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray] --a------ 2007-10-08 09:27 72240 C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI] --a------ 2006-11-02 13:35 176128 C:\Windows\system32\WpcUmi.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3390100157-130006372-542817148-1000] "EnableNotificationsRef"=dword:00000002 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "DefaultOutboundAction"= 0 (0x0) "DefaultInboundAction"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{9296F22B-990F-42B6-9EF4-8198383B6147}"= UDP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk "{FE1E8A57-C32A-4159-B035-CADDFF2191F4}"= TCP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk "{2DE4B469-CCE9-4DE8-82BF-09634B239122}"= Disabled:UDP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{DDDA5625-5F0C-413A-B168-E7908AEF23CC}"= Disabled:TCP:C:\Program Files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{DB867C86-FD55-4636-B14A-F74F4C59CB16}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{1585C0CE-D192-4D20-BAD8-27CFB0D6A663}"= UDP:6884:utor "TCP Query User{9FF671CF-4AD7-4EF3-980E-FCB28FD4FD19}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{A714B1AF-03AF-4474-B38B-2D648941DB86}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent "{1C434C2F-0EEC-4984-873D-2734AE01E688}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{3AD5EC32-740B-4C96-9884-99D27B51C0DC}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{2E49F8EF-E5D4-49DD-924E-EC8A3A93DAF5}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{DAC93052-72FE-4847-825E-F90433CB4208}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{972873BC-8C51-4050-8081-F2C5DA044F98}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{583244E3-9D8C-45BA-BB08-6C567BE6F1D3}C:\\program files\\intervideo\\dvd8\\windvd.exe"= UDP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD "UDP Query User{CED32301-D66D-4B92-8EFD-35BA23E23011}C:\\program files\\intervideo\\dvd8\\windvd.exe"= TCP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD "95aea77c-e579-4903-b8b2-91e6c95fe2e1"= UDP:17989:lw "{8217D371-5D20-4C4D-AC68-2217CFBB8973}"= TCP:6884:utor2 "TCP Query User{5C95ADE3-33B4-4263-858B-634C4C21B777}C:\\program files\\quicktime\\quicktimeplayer.exe"= UDP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player "UDP Query User{DAFBA970-A89D-475C-B0D0-B7BBB459B8D8}C:\\program files\\quicktime\\quicktimeplayer.exe"= TCP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player "TCP Query User{B4A7984F-4D85-47BD-8D9D-57F6EB5557C6}C:\\users\\michael\\desktop\\xampp-win32-1.6.5\\xampp\\apache\\bin\\apache.exe"= UDP:C:\users\michael\desktop\xampp-win32-1.6.5\xampp\apache\bin\apache.exe:apache.exe "UDP Query User{237CD129-391E-4BD9-9F5C-E4916FA8D224}C:\\users\\michael\\desktop\\xampp-win32-1.6.5\\xampp\\apache\\bin\\apache.exe"= TCP:C:\users\michael\desktop\xampp-win32-1.6.5\xampp\apache\bin\apache.exe:apache.exe "TCP Query User{FF2EE3CC-8D8A-450C-9E22-551AEF4AEBB6}C:\\users\\michael\\desktop\\xampp-win32-1.6.5\\xampp\\mysql\\bin\\mysqld.exe"= UDP:C:\users\michael\desktop\xampp-win32-1.6.5\xampp\mysql\bin\mysqld.exe:mysqld.exe "UDP Query User{FF920B09-4E47-4F1F-BA04-71E0383994D6}C:\\users\\michael\\desktop\\xampp-win32-1.6.5\\xampp\\mysql\\bin\\mysqld.exe"= TCP:C:\users\michael\desktop\xampp-win32-1.6.5\xampp\mysql\bin\mysqld.exe:mysqld.exe "{150F7F7B-EB14-4571-8EE7-4C602BBFC975}"= UDP:6346:limewire "TCP Query User{953D4D3D-68A7-4CE3-99B2-94B04EDEC72F}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{3C274CC5-1E39-4289-80CE-DE585AA54EC8}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{81A1BB1F-3FBD-4547-BE74-C4CFA0392623}C:\\program files\\soundspectrum\\whitecap\\whitecap standalone.exe"= UDP:C:\program files\soundspectrum\whitecap\whitecap standalone.exe:WhiteCap Standalone "UDP Query User{ACA2F011-BB40-4635-BA9A-919C8AF446BA}C:\\program files\\soundspectrum\\whitecap\\whitecap standalone.exe"= TCP:C:\program files\soundspectrum\whitecap\whitecap standalone.exe:WhiteCap Standalone "{82EA312B-8A8E-4DFE-B0FD-E524F590EA3C}"= UDP:C:\Users\Michael\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard "{B0D1672B-5DAF-4A2F-87A3-7A18AAB88C51}"= TCP:C:\Users\Michael\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard "{1A8F7EB9-452F-4D8C-9197-9871B3E0143D}"= UDP:C:\Users\Michael\Desktop\Vista41C\Installer.exe:SpeedTouch Home Install Wizard "{06642459-4E0C-437B-AE32-83D39D64A5D1}"= TCP:C:\Users\Michael\Desktop\Vista41C\Installer.exe:SpeedTouch Home Install Wizard "{F37B408F-DA2F-4FF9-B47E-7D5F3185BF9F}"= UDP:C:\Program Files\Thomson\ST330\service\st330service.exe:ST330 service "{063408C1-BF23-4DD0-B3B9-6DA838CF1F83}"= TCP:C:\Program Files\Thomson\ST330\service\st330service.exe:ST330 service "{F6F74C65-3A73-4B84-8857-92513DF73FFC}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{A14EFE97-6446-4866-A7F4-B599702140D4}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{A1825DD4-27E2-43BD-857B-BAEA57146C07}"= UDP:C:\Program Files\Thomson\ST330\service\st330service.exe:ST330 service "{63AC1D89-B914-4FE1-A18B-5DDB13BCBB4E}"= TCP:C:\Program Files\Thomson\ST330\service\st330service.exe:ST330 service "{45501F5D-A395-4DE3-A7EC-DE116AAE957F}"= UDP:C:\Users\Michael\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard "{E8A7670B-239E-4219-939F-A2529797D29B}"= TCP:C:\Users\Michael\AppData\Local\Temp\Installer.exe:SpeedTouch Home Install Wizard "{4BFA30EE-436F-4FC8-B3F8-065AECFCCEDF}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent "{77EE46B7-1AB9-4775-9B0D-29BCAA965A62}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent "TCP Query User{83148997-93AA-451F-AE8B-C668C57D6EEA}C:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= UDP:C:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "UDP Query User{81BF9D4F-ABE8-47FB-85D9-0DD40E5A22D2}C:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= TCP:C:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "{4DE093D7-728D-4862-BE28-A77E95B2C659}"= UDP:51394:WebGuide "{2780D502-22EB-42D7-89F0-3D070A31DE35}"= UDP:51395:WebGuide "{4EA9575A-B3D0-4216-B6C9-6E9D458ADABF}"= UDP:51393:WebGuide "{A7B9B0F2-3558-4908-8B97-B3E35EFA364C}"= UDP:51861:WebGuide "{21392598-91B2-4215-B0E6-B113E9D2ED1A}"= UDP:51862:WebGuide "4f0bed32-b4f7-4e09-9db8-eed16d6d4fbb"= UDP:Profile=Public|51861:webguide "TCP Query User{A19E772A-970A-40C4-8400-45A44A27C55D}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{DB0B7526-3B2B-48C8-85E6-35978BD32B6E}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "{1131D2C5-AA0A-4E05-8510-D94A1D00C0DF}"= UDP:51861:WebGuide "TCP Query User{170FE7D8-16F7-4788-918F-5730D78219B4}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes "UDP Query User{5E74932F-034D-423F-B43F-BB5E49AE899C}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes "{A8E9F08E-D658-4C85-A5E4-0C16887423AE}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "TCP Query User{577D78FE-871A-4202-8C60-A9AE3F3E45D0}C:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= UDP:C:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "UDP Query User{D65A53FC-45F3-44D1-913B-9AB25D2486DD}C:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= TCP:C:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "{3E559374-AE81-41C8-BD5F-797A347B30B3}"= UDP:8077:WebGuide "{31A32B1D-84A2-48C5-BCDC-76AC9E77FE88}"= UDP:51862:WebGuide "TCP Query User{E232EA43-CB3A-407D-9563-29611CBFB951}C:\\program files\\dvbviewer\\dvbserver.exe"= UDP:C:\program files\dvbviewer\dvbserver.exe:DVBViewer Pro NetworkServer "UDP Query User{CD21EAAE-F392-45B5-A1A4-F5929EECECF1}C:\\program files\\dvbviewer\\dvbserver.exe"= TCP:C:\program files\dvbviewer\dvbserver.exe:DVBViewer Pro NetworkServer "{C2ED6B95-2BF7-4AE8-860C-969D638B1502}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager "{C14E5698-9A55-43D5-B66C-E8F06BDD3438}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager "{26C78D71-7F9F-4963-A1AC-4A1CB5997A52}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile "{5AAC07C4-138C-4B9A-823D-EDC970610946}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile "{9DAAB247-9066-4F80-8B20-3B85E800D0B4}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi "{E509E8E9-238D-4C86-B976-4A4E9A9E3D24}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi "{6D9832D3-D98D-4036-B09A-1DC45D0A63C3}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin "{26A282B5-D175-4FC6-89A0-CCF7D6DEE158}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin "TCP Query User{3095738F-EB4C-42F3-964F-0924B36FDF7B}C:\\program files\\pinnacle\\videospin\\programs\\videospin.exe"= UDP:C:\program files\pinnacle\videospin\programs\videospin.exe:Pinnacle VideoSpin program file "UDP Query User{8E2A3B31-22DF-4B47-ADD7-284661AF7094}C:\\program files\\pinnacle\\videospin\\programs\\videospin.exe"= TCP:C:\program files\pinnacle\videospin\programs\videospin.exe:Pinnacle VideoSpin program file "9091af9d-727e-42b5-8e51-5fc989ed6f68"= %USERPROFILE%\Desktop\Wubi-8.04-beta-rev487.exe:wubi "{ED021FA3-21EB-4596-A56F-3F5FDA6A46B5}"= UDP:62056:WebGuide "{6DCF84A3-2720-443D-9AED-27F724836805}"= UDP:62057:WebGuide "TCP Query User{8342B1F8-8248-4B9D-AE37-8060BC3B6E0F}C:\\webguide4\\bin\\webguide_configuration.exe"= UDP:C:\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "UDP Query User{F31778A9-257B-4049-B6A6-E6C608528469}C:\\webguide4\\bin\\webguide_configuration.exe"= TCP:C:\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration "{00A9E808-471D-4EBB-809F-AA82FD27ABDC}"= UDP:2141:WebGuide "{85D1CE6D-2DEE-4AB7-B310-6225C63CB884}"= UDP:2142:WebGuide "{053F3FF0-57EF-429D-9B7C-0C2515F8B98A}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{7D16CFA0-69D2-4E47-AED2-8EF444AA99E1}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{460AD5BF-2CE4-4F3B-948E-4AD0FA192A9A}"= UDP:8295:WebGuide "{D0C72269-38B0-4AC1-B93C-EA35E31B814D}"= UDP:8296:WebGuide "{BDB40C80-3BC0-400A-853B-FF0F07268ED3}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire "{5768C715-C908-4746-A127-515705D37A32}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire "TCP Query User{A4D27B99-8857-4C57-9454-1C2F1AFB189A}C:\\program files\\freewire\\freewire television\\freewire television.exe"= UDP:C:\program files\freewire\freewire television\freewire television.exe:Freewire Television "UDP Query User{BA37426A-5F8C-4FBB-B4E3-F92818A620E2}C:\\program files\\freewire\\freewire television\\freewire television.exe"= TCP:C:\program files\freewire\freewire television\freewire television.exe:Freewire Television "{73988511-E7F8-4F5C-B6F2-7AE6C085F293}"= UDP:C:\Program Files\Orb Networks\Orb\bin\Orb.exe:Orb "{017D949D-1E25-4D44-93D5-1742B90016F7}"= TCP:C:\Program Files\Orb Networks\Orb\bin\Orb.exe:Orb "{2DE80A82-011C-4806-8782-DD79E49D1C3A}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray "{42B74061-B596-4C99-A5DD-57E85E6D3744}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray "{674B8D4C-0F38-406B-B61B-97B45A52B26A}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR "{054037E3-48F1-4FBF-9906-8E8480691464}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR "{CD29A0F3-1CAC-43D4-887A-F272C3E45E48}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client "{EC9AD095-6C86-4F61-B84D-4BF4E03E57F2}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client "{EC3DB4A4-33ED-4952-B8B9-7342C1DC69CD}"= UDP:C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide "{48EBF07E-1B0D-465B-9B59-2CB375E73513}"= TCP:C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide "{887705E2-6814-4592-8C6F-4FB4EE13DC8B}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan "{08FFB4E0-5A37-497D-A6AF-2382638DE1B8}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\Windows\system32\DRIVERS\tdrpman.sys [2008-03-11 16:04] R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11] R2 CrackTcpip;Crack Tcpip;C:\Windows\system32\drivers\CrackTcpip.sys [2008-01-13 17:55] R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-03-09 12:20] R2 NSUService;NSUService;"C:\Program Files\Sony\Network Utility\NSUService.exe" [2008-01-16 13:49] R2 SSPORT;SSPORT;C:\Windows\system32\Drivers\SSPORT.sys [2006-12-08 19:50] R2 TryAndDecideService;Acronis Try And Decide Service;"C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe" [2007-10-30 21:51] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-05-08 01:01] R3 HCWU2DTD;Hauppauge Nova USB2 DVB-T TV Receiver;C:\Windows\system32\Drivers\hcwu2dtd.sys [2007-03-23 18:25] R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 11:36] R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 01:00] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-25 01:23] S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\Windows\system32\regedt32.exe [2006-11-02 10:45] S3 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;"C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe" [2007-02-22 20:53] S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2007-06-15 01:28] S3 HCWU2DTL;Hauppauge Nova-USB2-T Adapter Firmware Loader;C:\Windows\system32\DRIVERS\hcwu2dtl.sys [2007-03-23 18:21] S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 14:54] S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 14:54] S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 14:54] S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 14:54] S3 ST330;ST330;C:\Windows\system32\drivers\st330.sys [2008-02-29 17:01] S3 STBUS;STBUS;C:\Windows\system32\drivers\stbus.sys [2008-02-29 17:01] S3 stppp;Speedtouch PPP Adapter Adapter;C:\Windows\system32\DRIVERS\stppp.sys [2008-02-29 17:01] S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-11 00:51] S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [] S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 23:34] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [2007-07-06 03:12] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;"C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe" [2007-07-06 01:43] . Contents of the 'Scheduled Tasks' folder "2008-05-20 15:10:34 C:\Windows\Tasks\User_Feed_Synchronization-{287A80A8-B648-4746-823F-5EB2E92E0959}.job" - C:\Windows\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-20 16:25:51 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\Windows\Explorer.exe -> C:\Program Files\RocketDock\RocketDock.dll -> C:\Windows\system32\rwhslixn.dll . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\audiodg.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Windows\System32\rundll32.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\igfxsrvc.exe C:\Program Files\Apoint\ApntEx.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Windows\System32\drivers\XAudio.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Windows\System32\igfxext.exe C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\System32\igfxsrvc.exe C:\Windows\ehome\ehsched.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\ehome\ehrecvr.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Completion time: 2008-05-20 16:31:35 - machine was rebooted [Michael] ComboFix-quarantined-files.txt 2008-05-20 15:30:13 ComboFix2.txt 2008-04-12 10:15:21 Pre-Run: 168,508,874,752 bytes free Post-Run: 168,468,103,168 bytes free 1157 --- E O F --- 2008-05-17 10:12:42