Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan-Smitfraud I think! [CLOSED]


  • This topic is locked This topic is locked

#16
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
- 2004-08-04 09:00:00 614,912 -c--a-w C:\WINDOWS\system32\h323msp.dll
+ 2008-04-14 00:11:54 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll
- 2005-06-23 00:05:52 134,272 ----a-w C:\WINDOWS\system32\HAL.DLL
+ 2008-04-13 18:31:28 134,400 ----a-w C:\WINDOWS\system32\HAL.DLL
- 2004-08-04 09:00:00 7,168 -c--a-w C:\WINDOWS\system32\hccoin.dll
+ 2008-04-14 00:11:54 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\help.exe
+ 2008-04-14 00:12:21 15,872 ----a-w C:\WINDOWS\system32\help.exe
- 2005-05-27 02:04:27 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
+ 2008-04-14 00:11:54 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll
- 2004-08-04 09:00:00 20,992 ----a-w C:\WINDOWS\system32\hid.dll
+ 2008-04-14 00:11:54 20,992 ----a-w C:\WINDOWS\system32\hid.dll
- 2006-07-21 08:24:43 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
+ 2008-04-14 00:11:54 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
- 2004-08-04 09:00:00 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
+ 2008-04-14 00:11:54 344,064 ----a-w C:\WINDOWS\system32\hnetcfg.dll
- 2004-08-04 09:00:00 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
+ 2008-04-14 00:11:54 330,752 ----a-w C:\WINDOWS\system32\hnetwiz.dll
- 2004-08-04 09:00:00 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 144,896 ----a-w C:\WINDOWS\system32\hotplug.dll
+ 2008-04-14 00:11:54 32,285 ------w C:\WINDOWS\system32\hsfcisp2.dll
- 2004-08-04 09:00:00 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
+ 2008-04-14 00:11:54 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll
- 2004-08-04 09:00:00 41,984 -c--a-w C:\WINDOWS\system32\htui.dll
+ 2008-04-14 00:11:54 41,984 ----a-w C:\WINDOWS\system32\htui.dll
- 2004-11-17 17:41:24 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
+ 2008-04-14 00:11:54 347,136 ----a-w C:\WINDOWS\system32\hypertrm.dll
- 2004-08-04 09:00:00 119,808 -c--a-w C:\WINDOWS\system32\iasrad.dll
+ 2008-04-14 00:11:54 119,808 ----a-w C:\WINDOWS\system32\iasrad.dll
- 2004-08-04 09:00:00 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
+ 2008-04-14 00:11:54 11,264 ----a-w C:\WINDOWS\system32\icaapi.dll
- 2004-08-04 09:00:00 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
+ 2008-04-14 00:11:54 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll
- 2005-06-29 01:46:00 254,976 -c--a-w C:\WINDOWS\system32\icm32.dll
+ 2008-04-14 00:11:54 254,976 ----a-w C:\WINDOWS\system32\icm32.dll
- 2004-08-04 09:00:00 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
+ 2008-04-14 00:09:40 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
- 2004-08-04 09:00:00 73,728 -c--a-w C:\WINDOWS\system32\icwdial.dll
+ 2008-04-14 00:11:54 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll
- 2004-08-04 09:00:00 65,536 -c--a-w C:\WINDOWS\system32\icwphbk.dll
+ 2008-04-14 00:11:54 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll
- 2004-08-04 09:00:00 120,832 -c--a-w C:\WINDOWS\system32\idq.dll
+ 2008-04-14 00:11:54 120,832 ----a-w C:\WINDOWS\system32\idq.dll
- 2004-08-04 09:00:00 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-14 00:12:22 34,304 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2004-08-04 09:00:00 139,264 -c--a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-14 00:11:54 143,360 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2004-08-04 09:00:00 216,576 -c--a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-14 00:11:54 216,576 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2004-08-04 09:00:00 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-14 00:11:54 323,584 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-04 09:00:00 81,920 -c--a-w C:\WINDOWS\system32\ieencode.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ieencode.dll
- 2008-06-23 16:11:52 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-04-14 00:11:54 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2004-08-04 09:00:00 48,640 -c--a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-14 00:11:54 48,640 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2004-08-04 09:00:00 62,976 -c--a-w C:\WINDOWS\system32\iesetup.dll
+ 2008-04-14 00:11:54 62,976 ----a-w C:\WINDOWS\system32\iesetup.dll
- 2004-08-04 09:00:00 114,688 -c--a-w C:\WINDOWS\system32\iexpress.exe
+ 2008-04-14 00:12:22 114,688 ----a-w C:\WINDOWS\system32\iexpress.exe
- 2004-08-04 09:00:00 135,680 -c--a-w C:\WINDOWS\system32\ifmon.dll
+ 2008-04-14 00:11:54 135,680 ----a-w C:\WINDOWS\system32\ifmon.dll
- 2004-08-04 09:00:00 8,192 -c--a-w C:\WINDOWS\system32\igmpagnt.dll
+ 2008-04-14 00:11:54 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll
- 2004-08-04 09:00:00 81,920 -c--a-w C:\WINDOWS\system32\ils.dll
+ 2008-04-14 00:11:54 81,920 ----a-w C:\WINDOWS\system32\ils.dll
- 2004-08-04 09:00:00 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
+ 2008-04-14 00:11:54 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll
- 2004-08-04 09:00:00 150,016 ----a-w C:\WINDOWS\system32\imapi.exe
+ 2008-04-14 00:12:22 150,528 ----a-w C:\WINDOWS\system32\imapi.exe
- 2004-08-04 09:00:00 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
+ 2008-04-14 00:11:54 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll
- 2004-08-04 09:00:00 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
+ 2008-04-14 00:11:54 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
- 2004-08-04 09:00:00 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
+ 2008-04-14 00:11:54 110,080 ----a-w C:\WINDOWS\system32\imm32.dll
- 2004-08-04 09:00:00 274,432 -c--a-w C:\WINDOWS\system32\inetcfg.dll
+ 2008-04-14 00:11:54 274,432 ----a-w C:\WINDOWS\system32\inetcfg.dll
- 2008-04-11 18:50:43 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 19:04:26 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2004-08-04 09:00:00 33,280 -c--a-w C:\WINDOWS\system32\inetmib1.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\inetmib1.dll
- 2004-08-04 09:00:00 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
+ 2008-04-14 00:11:55 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll
- 2004-08-04 09:00:00 15,872 -c--a-w C:\WINDOWS\system32\inetppui.dll
+ 2008-04-14 00:11:55 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll
- 2004-08-04 09:00:00 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
+ 2008-04-13 16:22:12 48,128 ----a-w C:\WINDOWS\system32\inetres.dll
- 2004-08-04 09:00:00 147,456 -c--a-w C:\WINDOWS\system32\initpki.dll
+ 2008-04-14 00:11:55 147,456 ----a-w C:\WINDOWS\system32\initpki.dll
- 2004-08-04 09:00:00 123,392 ----a-w C:\WINDOWS\system32\input.dll
+ 2008-04-14 00:11:55 123,392 ----a-w C:\WINDOWS\system32\input.dll
- 2008-06-23 16:11:52 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-04-14 00:11:55 96,256 ----a-w C:\WINDOWS\system32\inseng.dll
- 2004-08-04 09:00:00 55,808 -c--a-w C:\WINDOWS\system32\ipconfig.exe
+ 2008-04-14 00:12:22 55,808 ----a-w C:\WINDOWS\system32\ipconfig.exe
- 2006-05-19 12:59:41 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
+ 2008-04-14 00:11:55 94,720 ----a-w C:\WINDOWS\system32\iphlpapi.dll
- 2004-08-04 09:00:00 154,112 -c--a-w C:\WINDOWS\system32\ipmontr.dll
+ 2008-04-14 00:11:55 161,280 ----a-w C:\WINDOWS\system32\ipmontr.dll
- 2004-08-04 09:00:00 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
+ 2008-04-14 00:11:55 331,264 ----a-w C:\WINDOWS\system32\ipnathlp.dll
- 2004-08-04 09:00:00 330,752 -c--a-w C:\WINDOWS\system32\ippromon.dll
+ 2008-04-14 00:11:55 330,752 ----a-w C:\WINDOWS\system32\ippromon.dll
- 2004-08-04 09:00:00 169,984 -c--a-w C:\WINDOWS\system32\iprtrmgr.dll
+ 2008-04-14 00:11:55 177,152 ----a-w C:\WINDOWS\system32\iprtrmgr.dll
- 2004-08-04 09:00:00 349,696 -c--a-w C:\WINDOWS\system32\ipsecsnp.dll
+ 2008-04-14 00:11:55 349,696 ----a-w C:\WINDOWS\system32\ipsecsnp.dll
- 2004-08-04 09:00:00 182,784 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ipsecsvc.dll
- 2004-08-04 09:00:00 384,000 -c--a-w C:\WINDOWS\system32\ipsmsnap.dll
+ 2008-04-14 00:11:55 384,000 ----a-w C:\WINDOWS\system32\ipsmsnap.dll
- 2004-08-04 09:00:00 53,248 -c--a-w C:\WINDOWS\system32\ipv6.exe
+ 2008-04-14 00:12:23 53,248 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2004-08-04 09:00:00 59,904 -c--a-w C:\WINDOWS\system32\ipv6mon.dll
+ 2008-04-14 00:11:55 59,904 ----a-w C:\WINDOWS\system32\ipv6mon.dll
- 2004-08-04 09:00:00 23,552 -c--a-w C:\WINDOWS\system32\ipxroute.exe
+ 2008-04-14 00:12:23 23,552 ----a-w C:\WINDOWS\system32\ipxroute.exe
- 2004-08-04 09:00:00 20,992 -c--a-w C:\WINDOWS\system32\ipxwan.dll
+ 2008-04-14 00:11:55 22,016 ----a-w C:\WINDOWS\system32\ipxwan.dll
- 2004-08-04 09:00:00 120,320 -c--a-w C:\WINDOWS\system32\ir41_qc.dll
+ 2008-04-14 00:11:55 120,320 ----a-w C:\WINDOWS\system32\ir41_qc.dll
- 2004-08-04 09:00:00 338,432 -c--a-w C:\WINDOWS\system32\ir41_qcx.dll
+ 2008-04-14 00:11:55 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll
- 2004-08-04 09:00:00 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
+ 2008-04-14 00:11:55 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll
- 2004-08-04 09:00:00 200,192 -c--a-w C:\WINDOWS\system32\ir50_qc.dll
+ 2008-04-14 00:11:55 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll
- 2004-08-04 09:00:00 183,808 -c--a-w C:\WINDOWS\system32\ir50_qcx.dll
+ 2008-04-14 00:11:55 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll
- 2004-08-04 09:00:00 81,920 -c--a-w C:\WINDOWS\system32\isign32.dll
+ 2008-04-14 00:11:55 81,920 ----a-w C:\WINDOWS\system32\isign32.dll
- 2004-08-04 09:00:00 32,768 -c--a-w C:\WINDOWS\system32\isrdbg32.dll
+ 2008-04-14 00:11:55 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll
- 2005-05-27 02:04:27 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
+ 2008-04-14 00:11:55 155,136 ----a-w C:\WINDOWS\system32\itircl.dll
- 2005-05-27 02:04:27 137,216 ----a-w C:\WINDOWS\system32\itss.dll
+ 2008-04-14 00:11:55 138,240 ----a-w C:\WINDOWS\system32\itss.dll
- 2004-08-04 09:00:00 54,272 -c--a-w C:\WINDOWS\system32\ixsso.dll
+ 2008-04-14 00:11:55 54,272 ----a-w C:\WINDOWS\system32\ixsso.dll
- 2004-08-04 09:00:00 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
+ 2008-04-14 00:11:55 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
- 2006-06-01 18:47:07 163,840 -c----w C:\WINDOWS\system32\jgdw400.dll
+ 2008-04-14 00:11:55 163,840 ------w C:\WINDOWS\system32\jgdw400.dll
- 2006-06-01 18:47:07 27,648 -c----w C:\WINDOWS\system32\jgpl400.dll
+ 2008-04-14 00:11:55 27,648 ------w C:\WINDOWS\system32\jgpl400.dll
- 2007-12-18 14:40:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-04-14 00:11:56 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
- 2008-06-23 16:11:52 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-14 00:11:56 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdbhc.dll
- 2004-08-04 09:00:00 7,168 -c--a-w C:\WINDOWS\system32\kbdfi1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll
- 2004-08-04 09:00:00 6,144 -c--a-w C:\WINDOWS\system32\kbdinbe1.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll
- 2004-08-04 09:00:00 6,656 -c--a-w C:\WINDOWS\system32\kbdinben.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdinben.dll
- 2004-08-04 09:00:00 6,656 -c--a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdiultn.dll
- 2004-08-04 09:00:00 5,632 -c--a-w C:\WINDOWS\system32\kbdmaori.dll
+ 2008-04-14 00:09:55 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll
- 2004-08-04 09:00:00 6,144 -c--a-w C:\WINDOWS\system32\kbdmlt47.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll
- 2004-08-04 09:00:00 6,144 -c--a-w C:\WINDOWS\system32\kbdmlt48.dll
+ 2008-04-14 00:09:55 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll
- 2004-08-04 09:00:00 7,168 -c--a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdnepr.dll
- 2004-08-04 09:00:00 7,168 -c--a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll
+ 2008-04-14 00:09:55 6,144 ------w C:\WINDOWS\system32\kbdpash.dll
- 2004-08-04 09:00:00 7,680 -c--a-w C:\WINDOWS\system32\kbdsmsfi.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll
- 2004-08-04 09:00:00 7,680 -c--a-w C:\WINDOWS\system32\kbdsmsno.dll
+ 2008-04-14 00:09:55 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll
- 2004-08-04 09:00:00 7,168 -c--a-w C:\WINDOWS\system32\kbdukx.dll
+ 2008-04-14 00:09:55 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll
- 2004-08-04 09:00:00 7,424 -c--a-w C:\WINDOWS\system32\kd1394.dll
+ 2008-04-13 18:31:35 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
- 2005-06-15 17:49:30 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll
+ 2008-04-14 00:11:56 299,520 ----a-w C:\WINDOWS\system32\kerberos.dll
- 2007-04-16 15:52:53 984,576 ----a-w C:\WINDOWS\system32\kernel32.dll
+ 2008-04-14 00:11:56 989,696 ----a-w C:\WINDOWS\system32\kernel32.dll
- 2004-08-04 09:00:00 150,528 -c--a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 150,528 ----a-w C:\WINDOWS\system32\keymgr.dll
+ 2008-04-14 00:11:56 61,440 ------w C:\WINDOWS\system32\kmsvc.dll
- 2004-08-04 04:56:44 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 4,096 ----a-w C:\WINDOWS\system32\ksuser.dll
+ 2008-04-14 00:11:56 37,376 ------w C:\WINDOWS\system32\l2gpstore.dll
- 2004-08-04 09:00:00 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
+ 2008-04-14 09:41:58 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
- 2004-08-04 09:00:00 22,016 -c--a-w C:\WINDOWS\system32\licmgr10.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\licmgr10.dll
- 2004-08-04 09:00:00 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
+ 2008-04-14 00:11:56 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll
- 2005-09-01 01:41:53 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
- 2004-08-04 09:00:00 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
+ 2008-04-14 00:11:56 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll
- 2004-08-04 09:00:00 399,872 -c--a-w C:\WINDOWS\system32\lmrt.dll
+ 2008-04-14 00:11:56 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll
- 2004-08-04 09:00:00 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
+ 2008-04-14 00:11:56 97,280 ----a-w C:\WINDOWS\system32\loadperf.dll
- 2004-08-04 09:00:00 221,696 -c--a-w C:\WINDOWS\system32\localsec.dll
+ 2008-04-14 00:11:56 221,696 ----a-w C:\WINDOWS\system32\localsec.dll
- 2004-08-04 09:00:00 341,504 ----a-w C:\WINDOWS\system32\localspl.dll
+ 2008-04-14 00:11:56 343,040 ----a-w C:\WINDOWS\system32\localspl.dll
- 2004-08-04 09:00:00 11,776 -c--a-w C:\WINDOWS\system32\localui.dll
+ 2008-04-14 00:11:56 11,776 ----a-w C:\WINDOWS\system32\localui.dll
- 2004-08-04 09:00:00 75,264 ----a-w C:\WINDOWS\system32\locator.exe
+ 2008-04-14 00:12:24 75,264 ----a-w C:\WINDOWS\system32\locator.exe
- 2004-08-04 09:00:00 59,392 -c--a-w C:\WINDOWS\system32\logman.exe
+ 2008-04-14 00:12:24 59,392 ----a-w C:\WINDOWS\system32\logman.exe
- 2004-08-04 09:00:00 220,672 ----a-w C:\WINDOWS\system32\logon.scr
+ 2008-04-14 00:12:43 220,672 ----a-w C:\WINDOWS\system32\logon.scr
- 2004-08-04 09:00:00 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2008-04-14 00:12:24 514,560 ----a-w C:\WINDOWS\system32\logonui.exe
- 2004-08-04 09:00:00 22,016 -c--a-w C:\WINDOWS\system32\lpk.dll
+ 2008-04-14 00:11:56 22,016 ----a-w C:\WINDOWS\system32\lpk.dll
- 2004-08-04 09:00:00 10,240 -c--a-w C:\WINDOWS\system32\lprhelp.dll
+ 2008-04-14 00:11:56 10,240 ----a-w C:\WINDOWS\system32\lprhelp.dll
- 2007-11-07 09:26:56 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2008-04-14 00:11:56 728,064 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2004-08-04 09:00:00 72,704 -c--a-w C:\WINDOWS\system32\magnify.exe
+ 2008-04-14 00:12:24 72,704 ----a-w C:\WINDOWS\system32\magnify.exe
- 2004-08-04 09:00:00 85,504 -c--a-w C:\WINDOWS\system32\makecab.exe
+ 2008-04-14 00:12:25 57,344 ----a-w C:\WINDOWS\system32\makecab.exe
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\mcastmib.dll
+ 2008-04-14 00:11:56 14,336 ----a-w C:\WINDOWS\system32\mcastmib.dll
- 2004-08-04 09:00:00 84,480 -c--a-w C:\WINDOWS\system32\mciavi32.dll
+ 2008-04-14 00:11:56 84,480 ----a-w C:\WINDOWS\system32\mciavi32.dll
- 2004-08-04 09:00:00 35,328 -c--a-w C:\WINDOWS\system32\mciqtz32.dll
+ 2008-04-14 00:11:56 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll
- 2004-08-04 09:00:00 23,040 -c--a-w C:\WINDOWS\system32\mciseq.dll
+ 2008-04-14 00:11:56 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll
- 2004-08-04 09:00:00 23,552 -c--a-w C:\WINDOWS\system32\mciwave.dll
+ 2008-04-14 00:11:56 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll
- 2004-08-04 09:00:00 118,272 -c--a-w C:\WINDOWS\system32\mdminst.dll
+ 2008-04-14 00:11:56 118,272 ----a-w C:\WINDOWS\system32\mdminst.dll
+ 2008-04-14 00:11:56 86,016 ------w C:\WINDOWS\system32\mdmxsdk.dll
- 2007-03-08 15:36:28 40,960 -c--a-w C:\WINDOWS\system32\mf3216.dll
+ 2008-04-14 00:11:56 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
- 2006-11-01 19:17:45 927,504 -c--a-w C:\WINDOWS\system32\mfc40u.dll
+ 2008-04-14 00:11:56 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
- 2004-08-04 09:00:00 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
+ 2008-04-14 00:11:56 1,028,096 ----a-w C:\WINDOWS\system32\mfc42.dll
- 2004-08-04 09:00:00 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
+ 2008-04-14 00:11:56 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:56 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll
+ 2008-04-14 00:11:57 184,320 ------w C:\WINDOWS\system32\microsoft.managementconsole.dll
  • 0

Advertisements


#17
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
- 2004-08-04 09:00:00 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
+ 2008-04-14 00:11:57 18,944 ----a-w C:\WINDOWS\system32\midimap.dll
- 2004-08-04 09:00:00 60,928 -c--a-w C:\WINDOWS\system32\miglibnt.dll
+ 2008-04-14 00:11:57 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\mimefilt.dll
+ 2008-04-14 00:11:57 29,696 ----a-w C:\WINDOWS\system32\mimefilt.dll
- 2004-08-04 09:00:00 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
+ 2008-04-14 00:11:57 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
- 2004-08-04 09:00:00 815,104 -c--a-w C:\WINDOWS\system32\mmc.exe
+ 2008-04-14 00:12:25 1,414,656 ----a-w C:\WINDOWS\system32\mmc.exe
- 2004-08-04 09:00:00 70,656 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 163,328 ----a-w C:\WINDOWS\system32\mmcbase.dll
+ 2008-04-14 00:11:57 397,312 ------w C:\WINDOWS\system32\mmcex.dll
+ 2008-04-14 00:11:57 106,496 ------w C:\WINDOWS\system32\mmcfxcommon.dll
- 2004-08-04 09:00:00 1,192,960 -c--a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:11:57 1,872,896 ----a-w C:\WINDOWS\system32\mmcndmgr.dll
+ 2008-04-14 00:12:25 33,792 ------w C:\WINDOWS\system32\mmcperf.exe
- 2004-08-04 09:00:00 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll
+ 2008-04-14 00:11:57 61,440 ----a-w C:\WINDOWS\system32\mmcshext.dll
- 2004-08-04 09:00:00 17,408 -c--a-w C:\WINDOWS\system32\mmfutil.dll
+ 2008-04-14 00:11:57 17,408 ----a-w C:\WINDOWS\system32\mmfutil.dll
- 2004-08-04 09:00:00 34,560 -c--a-w C:\WINDOWS\system32\mnmdd.dll
+ 2008-04-14 00:11:57 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll
- 2004-08-04 09:00:00 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
+ 2008-04-14 00:12:25 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe
- 2004-08-04 09:00:00 207,360 -c--a-w C:\WINDOWS\system32\mobsync.dll
+ 2008-04-14 00:11:57 207,360 ----a-w C:\WINDOWS\system32\mobsync.dll
- 2004-08-04 09:00:00 143,360 -c--a-w C:\WINDOWS\system32\mobsync.exe
+ 2008-04-14 00:12:26 143,360 ----a-w C:\WINDOWS\system32\mobsync.exe
- 2004-08-04 09:00:00 153,600 -c--a-w C:\WINDOWS\system32\modemui.dll
+ 2008-04-14 00:11:57 153,600 ----a-w C:\WINDOWS\system32\modemui.dll
- 2004-08-04 09:00:00 15,872 -c--a-w C:\WINDOWS\system32\more.com
+ 2008-04-14 00:12:42 16,896 ----a-w C:\WINDOWS\system32\more.com
- 2004-08-04 09:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
+ 2008-04-13 16:45:30 216,064 ----a-w C:\WINDOWS\system32\moricons.dll
- 2004-08-04 09:00:00 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
+ 2008-04-14 00:11:57 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
- 2004-08-04 09:00:00 123,392 -c--a-w C:\WINDOWS\system32\mplay32.exe
+ 2008-04-14 00:12:27 123,392 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2004-08-04 09:00:00 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
+ 2008-04-14 00:11:57 59,904 ----a-w C:\WINDOWS\system32\mpr.dll
- 2004-08-04 09:00:00 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
+ 2008-04-14 00:11:57 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll
- 2004-08-04 09:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll
+ 2008-04-14 00:11:57 53,248 ----a-w C:\WINDOWS\system32\mprdim.dll
- 2004-08-04 09:00:00 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
+ 2008-04-14 00:11:58 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll
- 2004-08-04 09:00:00 3,584 -c--a-w C:\WINDOWS\system32\msafd.dll
+ 2008-04-14 00:10:06 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
- 2004-08-04 09:00:00 86,016 -c--a-w C:\WINDOWS\system32\msapsspc.dll
+ 2008-04-14 00:11:58 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll
- 2004-08-04 09:00:00 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
+ 2008-04-14 00:11:58 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll
- 2008-06-24 16:23:05 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
- 2004-08-04 09:00:00 69,632 -c--a-w C:\WINDOWS\system32\msconf.dll
+ 2008-04-14 00:11:58 69,632 ----a-w C:\WINDOWS\system32\msconf.dll
- 2004-08-04 09:00:00 12,288 -c--a-w C:\WINDOWS\system32\mscpx32r.dLL
+ 2008-04-13 17:26:07 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
- 2004-08-04 09:00:00 36,864 -c--a-w C:\WINDOWS\system32\mscpxl32.dLL
+ 2008-04-14 00:11:58 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dll
- 2004-08-04 09:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll
+ 2008-04-14 00:11:58 297,984 ----a-w C:\WINDOWS\system32\msctf.dll
- 2004-08-04 09:00:00 69,120 -c--a-w C:\WINDOWS\system32\MSCTFP.dll
+ 2008-04-14 00:11:58 68,608 ----a-w C:\WINDOWS\system32\msctfp.dll
- 2004-08-04 09:00:00 118,784 -c--a-w C:\WINDOWS\system32\msdadiag.dll
+ 2008-04-14 00:11:58 118,784 ----a-w C:\WINDOWS\system32\msdadiag.dll
- 2004-08-04 09:00:00 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
+ 2008-04-14 00:11:59 151,552 ----a-w C:\WINDOWS\system32\msdart.dll
- 2004-08-04 09:00:00 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
+ 2008-04-14 00:11:59 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll
- 2004-08-04 09:00:00 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
+ 2008-04-14 00:12:27 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe
- 2004-08-04 09:00:00 58,880 -c--a-w C:\WINDOWS\system32\msdtclog.dll
+ 2008-04-14 00:11:59 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll
- 2006-03-01 19:42:42 426,496 -c--a-w C:\WINDOWS\system32\msdtcprx.dll
+ 2008-04-14 00:11:59 427,008 ----a-w C:\WINDOWS\system32\msdtcprx.dll
- 2006-03-01 19:42:42 956,416 -c--a-w C:\WINDOWS\system32\msdtctm.dll
+ 2008-04-14 00:11:59 956,928 ----a-w C:\WINDOWS\system32\msdtctm.dll
- 2006-03-01 19:42:42 161,280 -c--a-w C:\WINDOWS\system32\msdtcuiu.dll
+ 2008-04-14 00:11:59 161,792 ----a-w C:\WINDOWS\system32\msdtcuiu.dll
- 2004-08-04 09:00:00 4,126 -c--a-w C:\WINDOWS\system32\msdxmlc.dll
+ 2008-04-14 00:10:08 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
- 2006-11-27 14:54:06 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
+ 2008-04-14 00:11:59 539,136 ----a-w C:\WINDOWS\system32\msftedit.dll
- 2004-08-04 09:00:00 994,304 ----a-w C:\WINDOWS\system32\msgina.dll
+ 2008-04-14 00:11:59 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
- 2004-08-04 09:00:00 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
+ 2008-04-14 00:11:59 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll
- 2004-08-04 09:00:00 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
+ 2008-04-14 00:12:45 188,416 ----a-w C:\WINDOWS\system32\msh261.drv
- 2004-08-04 09:00:00 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2008-04-14 00:12:45 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2004-08-04 09:00:00 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
+ 2008-04-14 00:12:27 29,184 ----a-w C:\WINDOWS\system32\mshta.exe
- 2008-06-23 16:11:58 3,067,392 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-23 15:09:27 3,067,392 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-06-23 16:12:00 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-14 00:11:59 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2004-08-04 09:00:00 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
+ 2008-04-13 16:26:26 56,832 ----a-w C:\WINDOWS\system32\mshtmler.dll
- 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
+ 2008-04-14 00:11:59 2,843,136 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-04 09:00:00 51,712 ----a-w C:\WINDOWS\system32\msident.dll
+ 2008-04-14 00:11:59 51,712 ----a-w C:\WINDOWS\system32\msident.dll
- 2004-08-04 09:00:00 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
+ 2008-04-14 00:11:59 6,656 ----a-w C:\WINDOWS\system32\msidle.dll
- 2004-08-04 09:00:00 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
+ 2008-04-14 00:11:59 248,832 ----a-w C:\WINDOWS\system32\msieftp.dll
- 2005-05-04 23:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2008-04-14 00:12:28 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2005-05-04 23:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2008-04-14 00:11:59 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-04 09:00:00 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
+ 2008-04-14 00:11:59 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll
- 2005-05-04 23:45:36 884,736 -c--a-w C:\WINDOWS\system32\msimsg.dll
+ 2008-04-13 15:39:43 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-04 09:00:00 159,232 ----a-w C:\WINDOWS\system32\MSIMTF.dll
+ 2008-04-14 00:11:59 159,232 ----a-w C:\WINDOWS\system32\msimtf.dll
- 2005-05-04 23:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2008-03-27 08:12:54 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
+ 2008-04-14 00:12:00 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
- 2004-08-04 09:00:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
+ 2008-04-14 00:12:00 25,088 ----a-w C:\WINDOWS\system32\mslbui.dll
- 2004-08-04 09:00:00 290,816 -c--a-w C:\WINDOWS\system32\msnsspc.dll
+ 2008-04-14 00:12:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll
- 2004-08-04 09:00:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
+ 2008-04-14 00:12:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll
- 2004-08-04 09:00:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
+ 2008-04-14 00:12:00 105,984 ----a-w C:\WINDOWS\system32\msoert2.dll
- 2004-08-04 09:00:00 20,480 -c--a-w C:\WINDOWS\system32\msorc32r.dll
+ 2008-04-13 17:24:14 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
- 2004-08-04 09:00:00 143,360 -c--a-w C:\WINDOWS\system32\msorcl32.dll
+ 2008-04-14 00:12:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll
- 2004-08-04 09:00:00 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
+ 2008-04-14 00:12:28 343,040 ----a-w C:\WINDOWS\system32\mspaint.exe
- 2004-08-04 09:00:00 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll
+ 2008-04-14 00:12:00 29,696 ----a-w C:\WINDOWS\system32\mspatcha.dll
- 2004-08-04 09:00:00 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
+ 2008-04-13 16:23:31 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll
- 2008-06-23 16:12:02 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-04-14 00:12:00 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2004-08-04 09:00:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
+ 2008-04-14 00:12:00 11,264 ----a-w C:\WINDOWS\system32\msrle32.dll
- 2004-08-04 09:00:00 134,656 -c--a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll
+ 2008-04-14 00:12:00 155,136 ------w C:\WINDOWS\system32\mssha.dll
+ 2008-04-13 18:14:58 76,800 ------w C:\WINDOWS\system32\msshavmsg.dll
- 2004-08-04 09:00:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
+ 2008-04-14 00:12:00 274,944 ----a-w C:\WINDOWS\system32\mstask.dll
- 2008-06-23 16:12:02 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-04-14 00:12:00 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-04 09:00:00 12,288 -c--a-w C:\WINDOWS\system32\mstinit.exe
+ 2008-04-14 00:12:29 12,288 ----a-w C:\WINDOWS\system32\mstinit.exe
- 2004-08-04 09:00:00 115,712 ----a-w C:\WINDOWS\system32\mstlsapi.dll
+ 2008-04-14 00:12:00 116,224 ----a-w C:\WINDOWS\system32\mstlsapi.dll
- 2004-08-04 09:00:00 407,552 ----a-w C:\WINDOWS\system32\mstsc.exe
+ 2008-04-14 00:12:23 677,888 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2004-08-04 09:00:00 655,360 -c--a-w C:\WINDOWS\system32\mstscax.dll
+ 2008-04-14 00:11:56 2,061,824 ----a-w C:\WINDOWS\system32\mstscax.dll
- 2004-08-04 09:00:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
+ 2008-04-14 00:12:00 195,072 ----a-w C:\WINDOWS\system32\msutb.dll
- 2004-08-04 09:00:00 129,536 ----a-w C:\WINDOWS\system32\msv1_0.dll
+ 2008-04-14 00:12:00 132,608 ----a-w C:\WINDOWS\system32\msv1_0.dll
- 2004-08-04 09:00:00 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2008-04-14 00:12:00 1,384,479 ----a-w C:\WINDOWS\system32\msvbvm60.dll
- 2004-08-04 09:00:00 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\msvcirt.dll
- 2004-08-04 09:00:00 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
+ 2008-04-14 00:12:01 413,696 ----a-w C:\WINDOWS\system32\msvcp60.dll
- 2004-08-04 09:00:00 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
+ 2008-04-14 00:12:01 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
- 2004-08-04 09:00:00 61,440 -c--a-w C:\WINDOWS\system32\msvcrt40.dll
+ 2008-04-13 18:30:46 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
- 2004-08-04 09:00:00 120,832 ----a-w C:\WINDOWS\system32\msvfw32.dll
+ 2008-04-14 00:12:01 121,344 ----a-w C:\WINDOWS\system32\msvfw32.dll
- 2004-08-04 09:00:00 1,428,480 ----a-w C:\WINDOWS\system32\msvidctl.dll
+ 2008-04-14 00:12:01 1,428,992 ----a-w C:\WINDOWS\system32\msvidctl.dll
- 2004-08-04 09:00:00 72,704 -c--a-w C:\WINDOWS\system32\msw3prt.dll
+ 2008-04-14 00:12:01 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll
- 2004-08-04 09:00:00 204,288 -c--a-w C:\WINDOWS\system32\mswebdvd.dll
+ 2008-04-14 00:12:01 203,776 ----a-w C:\WINDOWS\system32\mswebdvd.dll
- 2008-06-20 17:41:10 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
+ 2008-06-20 17:46:57 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
- 2004-08-04 09:00:00 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
+ 2008-04-14 00:12:01 506,368 ----a-w C:\WINDOWS\system32\msxml.dll
- 2004-08-04 09:00:00 701,440 -c--a-w C:\WINDOWS\system32\msxml2.dll
+ 2008-04-14 00:12:01 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
+ 2008-04-14 00:12:01 1,306,624 ------w C:\WINDOWS\system32\msxml6.dll
+ 2008-04-13 17:27:18 79,872 ------w C:\WINDOWS\system32\msxml6r.dll
- 2004-08-04 09:00:00 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2008-04-14 00:12:01 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2006-03-01 19:42:42 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
+ 2008-04-14 00:12:01 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll
- 2004-08-04 09:00:00 20,480 -c--a-w C:\WINDOWS\system32\mtxdm.dll
+ 2008-04-14 00:12:01 30,720 ----a-w C:\WINDOWS\system32\mtxdm.dll
- 2004-08-04 09:00:00 4,096 -c--a-w C:\WINDOWS\system32\mtxex.dll
+ 2008-04-14 00:12:01 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll
- 2004-08-04 09:00:00 25,088 -c--a-w C:\WINDOWS\system32\mtxlegih.dll
+ 2008-04-14 00:12:01 34,304 ----a-w C:\WINDOWS\system32\mtxlegih.dll
- 2006-03-01 19:42:42 91,136 -c--a-w C:\WINDOWS\system32\mtxoci.dll
+ 2008-04-14 00:12:01 91,648 ----a-w C:\WINDOWS\system32\mtxoci.dll
- 2004-08-04 09:00:00 405,504 -c--a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
+ 2008-04-13 18:40:52 405,504 ----a-w C:\WINDOWS\system32\mui\041b\xpob2res.dll
- 2004-08-04 09:00:00 193,024 -c--a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\041b\xpsp1res.dll
- 2004-08-04 09:00:00 757,248 -c--a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:38:37 757,248 ----a-w C:\WINDOWS\system32\mui\041b\xpsp2res.dll
+ 2008-04-13 18:40:04 577,536 ------w C:\WINDOWS\system32\mui\041b\xpsp3res.dll
- 2004-08-04 09:00:00 408,576 -c--a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
+ 2008-04-13 18:40:56 408,576 ----a-w C:\WINDOWS\system32\mui\0424\xpob2res.dll
- 2004-08-04 09:00:00 192,512 -c--a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
+ 2008-04-13 18:35:28 192,512 ----a-w C:\WINDOWS\system32\mui\0424\xpsp1res.dll
- 2004-08-04 09:00:00 732,160 -c--a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:38:36 732,160 ----a-w C:\WINDOWS\system32\mui\0424\xpsp2res.dll
+ 2008-04-13 18:40:05 576,512 ------w C:\WINDOWS\system32\mui\0424\xpsp3res.dll
- 2004-08-04 09:00:00 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 90,624 ----a-w C:\WINDOWS\system32\mydocs.dll
+ 2008-04-14 00:12:01 30,208 ------w C:\WINDOWS\system32\napipsec.dll
+ 2008-04-14 00:12:01 193,024 ------w C:\WINDOWS\system32\napmontr.dll
+ 2008-04-14 00:12:29 176,640 ------w C:\WINDOWS\system32\napstat.exe
- 2004-08-04 09:00:00 53,760 -c--a-w C:\WINDOWS\system32\narrator.exe
+ 2008-04-14 00:12:29 53,760 ----a-w C:\WINDOWS\system32\narrator.exe
- 2004-08-04 09:00:00 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
+ 2008-04-14 00:12:01 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll
- 2004-08-04 09:00:00 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
+ 2008-04-14 00:12:01 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll
- 2004-08-04 09:00:00 4,096 -c--a-w C:\WINDOWS\system32\nddeapir.exe
+ 2008-04-14 00:12:29 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\nddenb32.dll
+ 2008-04-14 00:12:01 18,944 ----a-w C:\WINDOWS\system32\nddenb32.dll
- 2004-08-04 09:00:00 42,496 -c--a-w C:\WINDOWS\system32\net.exe
+ 2008-04-14 00:12:29 42,496 ----a-w C:\WINDOWS\system32\net.exe
- 2004-08-04 09:00:00 124,928 -c--a-w C:\WINDOWS\system32\net1.exe
+ 2008-04-14 00:12:29 124,928 ----a-w C:\WINDOWS\system32\net1.exe
- 2006-08-17 12:28:27 332,288 ----a-w C:\WINDOWS\system32\netapi32.dll
+ 2008-04-14 00:12:01 337,408 ----a-w C:\WINDOWS\system32\netapi32.dll
- 2004-08-04 09:00:00 622,080 ----a-w C:\WINDOWS\system32\netcfgx.dll
+ 2008-04-14 00:12:01 622,592 ----a-w C:\WINDOWS\system32\netcfgx.dll
- 2004-08-04 09:00:00 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
+ 2008-04-14 00:12:29 111,104 ----a-w C:\WINDOWS\system32\netdde.exe
- 2004-08-04 09:00:00 139,264 ----a-w C:\WINDOWS\system32\netid.dll
+ 2008-04-14 00:12:01 139,264 ----a-w C:\WINDOWS\system32\netid.dll
- 2004-08-04 09:00:00 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
+ 2008-04-14 00:12:01 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll
- 2005-08-22 18:29:46 197,632 ----a-w C:\WINDOWS\system32\netman.dll
+ 2008-04-14 00:12:01 198,144 ----a-w C:\WINDOWS\system32\netman.dll
- 2004-08-04 09:00:00 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
+ 2008-04-14 00:12:01 875,008 ----a-w C:\WINDOWS\system32\netplwiz.dll
- 2004-08-04 09:00:00 12,288 ----a-w C:\WINDOWS\system32\netrap.dll
+ 2008-04-14 00:12:01 11,776 ----a-w C:\WINDOWS\system32\netrap.dll
- 2004-08-04 09:00:00 329,728 -c--a-w C:\WINDOWS\system32\netsetup.exe
+ 2008-04-14 00:16:51 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
- 2004-08-04 09:00:00 86,016 -c--a-w C:\WINDOWS\system32\netsh.exe
+ 2008-04-14 00:12:29 86,016 ----a-w C:\WINDOWS\system32\netsh.exe
  • 0

#18
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
- 2004-08-04 09:00:00 1,708,032 ----a-w C:\WINDOWS\system32\netshell.dll
+ 2008-04-14 00:12:02 1,703,936 ----a-w C:\WINDOWS\system32\netshell.dll
- 2004-08-04 09:00:00 36,864 -c--a-w C:\WINDOWS\system32\netstat.exe
+ 2008-04-14 00:12:29 36,864 ----a-w C:\WINDOWS\system32\netstat.exe
- 2004-08-04 09:00:00 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
+ 2008-04-14 00:12:02 80,896 ----a-w C:\WINDOWS\system32\netui0.dll
- 2004-08-04 09:00:00 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
+ 2008-04-14 00:12:02 245,760 ----a-w C:\WINDOWS\system32\netui1.dll
- 2004-08-04 09:00:00 248,832 ----a-w C:\WINDOWS\system32\newdev.dll
+ 2008-04-14 00:12:02 247,808 ----a-w C:\WINDOWS\system32\newdev.dll
- 2004-08-04 09:00:00 103,936 -c--a-w C:\WINDOWS\system32\nlhtml.dll
+ 2008-04-14 00:12:02 98,304 ----a-w C:\WINDOWS\system32\nlhtml.dll
- 2004-08-04 09:00:00 28,672 -c--a-w C:\WINDOWS\system32\nmmkcert.dll
+ 2008-04-14 00:12:02 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll
- 2004-08-04 09:00:00 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
+ 2008-04-14 00:12:29 69,120 ----a-w C:\WINDOWS\system32\notepad.exe
- 2004-08-04 09:00:00 57,344 -c--a-w C:\WINDOWS\system32\npp\ndisnpp.dll
+ 2008-04-14 00:12:01 57,344 ----a-w C:\WINDOWS\system32\npp\ndisnpp.dll
- 2004-08-04 09:00:00 15,360 -c--a-w C:\WINDOWS\system32\npp\nppagent.exe
+ 2008-04-14 00:12:29 15,360 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
- 2004-08-04 09:00:00 54,784 -c--a-w C:\WINDOWS\system32\npptools.dll
+ 2008-04-14 00:12:02 54,784 ----a-w C:\WINDOWS\system32\npptools.dll
- 2004-08-04 09:00:00 76,800 -c--a-w C:\WINDOWS\system32\nslookup.exe
+ 2008-04-14 00:12:29 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe
- 2004-08-04 09:00:00 708,096 ----a-w C:\WINDOWS\system32\ntdll.dll
+ 2008-04-14 00:11:24 706,048 ----a-w C:\WINDOWS\system32\ntdll.dll
- 2004-08-04 09:00:00 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
+ 2008-04-14 00:12:02 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll
- 2007-02-28 09:15:59 2,017,280 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
+ 2008-04-13 18:31:21 2,023,936 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
- 2004-08-04 09:00:00 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll
+ 2008-04-14 00:12:02 44,032 ----a-w C:\WINDOWS\system32\ntlanman.dll
- 2004-08-04 09:00:00 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
+ 2008-04-14 00:12:02 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll
- 2004-08-04 09:00:00 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
+ 2008-04-14 00:12:02 118,784 ----a-w C:\WINDOWS\system32\ntmarta.dll
- 2004-08-04 09:00:00 40,960 -c--a-w C:\WINDOWS\system32\ntmsapi.dll
+ 2008-04-14 00:12:02 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll
- 2004-08-04 09:00:00 179,712 -c--a-w C:\WINDOWS\system32\ntmsdba.dll
+ 2008-04-14 00:12:02 179,200 ----a-w C:\WINDOWS\system32\ntmsdba.dll
- 2004-08-04 09:00:00 488,448 -c--a-w C:\WINDOWS\system32\ntmsmgr.dll
+ 2008-04-14 00:12:02 488,448 ----a-w C:\WINDOWS\system32\ntmsmgr.dll
- 2004-08-04 09:00:00 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
+ 2008-04-14 00:12:02 435,200 ----a-w C:\WINDOWS\system32\ntmssvc.dll
- 2007-02-28 09:53:04 2,137,600 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
+ 2008-04-13 19:24:37 2,145,280 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
- 2004-08-04 09:00:00 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
+ 2008-04-14 00:12:02 91,136 ----a-w C:\WINDOWS\system32\ntprint.dll
- 2004-08-04 09:00:00 143,872 ----a-w C:\WINDOWS\system32\ntshrui.dll
+ 2008-04-14 00:12:02 143,360 ----a-w C:\WINDOWS\system32\ntshrui.dll
- 2004-08-04 09:00:00 419,840 ----a-w C:\WINDOWS\system32\ntvdm.exe
+ 2008-04-14 00:12:30 420,864 ----a-w C:\WINDOWS\system32\ntvdm.exe
- 2004-08-04 09:00:00 13,312 -c--a-w C:\WINDOWS\system32\ntvdmd.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\ntvdmd.dll
- 2004-08-04 04:56:46 4,274,816 -c--a-w C:\WINDOWS\system32\nv4_disp.dll
+ 2008-04-14 00:12:02 4,274,816 ----a-w C:\WINDOWS\system32\nv4_disp.dll
- 2006-10-13 12:35:12 142,336 -c--a-w C:\WINDOWS\system32\nwprovau.dll
+ 2008-04-14 00:12:02 142,336 ----a-w C:\WINDOWS\system32\nwprovau.dll
- 2004-08-04 09:00:00 266,752 ----a-w C:\WINDOWS\system32\oakley.dll
+ 2008-04-14 00:12:02 270,336 ----a-w C:\WINDOWS\system32\oakley.dll
- 2004-08-04 09:00:00 285,696 -c--a-w C:\WINDOWS\system32\objsel.dll
+ 2008-04-14 00:12:02 286,208 ----a-w C:\WINDOWS\system32\objsel.dll
- 2004-08-04 09:00:00 96,256 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-04-14 00:12:02 96,256 ----a-w C:\WINDOWS\system32\occache.dll
- 2004-08-04 09:00:00 60,928 ----a-w C:\WINDOWS\system32\ocmanage.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\ocmanage.dll
- 2004-08-04 09:00:00 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
+ 2008-04-14 00:12:02 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
- 2004-08-04 09:00:00 16,384 -c--a-w C:\WINDOWS\system32\odbc32gt.dll
+ 2008-04-14 00:12:02 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll
- 2004-08-04 09:00:00 32,768 -c--a-w C:\WINDOWS\system32\odbcad32.exe
+ 2008-04-14 00:12:30 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe
- 2004-08-04 09:00:00 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
+ 2008-04-14 00:12:02 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll
- 2004-08-04 09:00:00 135,168 -c--a-w C:\WINDOWS\system32\odbcconf.dll
+ 2008-04-14 00:12:02 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll
- 2004-08-04 09:00:00 69,632 -c--a-w C:\WINDOWS\system32\odbcconf.exe
+ 2008-04-14 00:12:30 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe
- 2004-08-04 09:00:00 106,496 -c--a-w C:\WINDOWS\system32\odbccp32.dll
+ 2008-04-14 00:12:02 106,496 ----a-w C:\WINDOWS\system32\odbccp32.dll
- 2004-08-04 09:00:00 65,536 -c--a-w C:\WINDOWS\system32\odbccr32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll
- 2004-08-04 09:00:00 65,536 -c--a-w C:\WINDOWS\system32\odbccu32.dll
+ 2008-04-14 00:12:02 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll
- 2004-08-04 09:00:00 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
+ 2008-04-13 17:26:05 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
- 2004-08-04 09:00:00 53,279 -c--a-w C:\WINDOWS\system32\odbcji32.dll
+ 2008-04-14 00:10:31 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
- 2004-08-04 09:00:00 278,559 -c--a-w C:\WINDOWS\system32\odbcjt32.dll
+ 2008-04-14 00:12:02 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll
- 2004-08-04 09:00:00 12,288 -c--a-w C:\WINDOWS\system32\odbcp32r.dll
+ 2008-04-13 17:26:05 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
- 2004-08-04 09:00:00 147,456 -c--a-w C:\WINDOWS\system32\odbctrac.dll
+ 2008-04-14 00:12:02 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll
- 2004-08-04 09:00:00 20,511 -c--a-w C:\WINDOWS\system32\oddbse32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll
- 2004-08-04 09:00:00 20,510 -c--a-w C:\WINDOWS\system32\odexl32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll
- 2004-08-04 09:00:00 20,510 -c--a-w C:\WINDOWS\system32\odfox32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll
- 2004-08-04 09:00:00 20,510 -c--a-w C:\WINDOWS\system32\odpdx32.dll
+ 2008-04-14 00:12:02 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll
- 2004-08-04 09:00:00 20,511 -c--a-w C:\WINDOWS\system32\odtext32.dll
+ 2008-04-14 00:12:02 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll
- 2004-08-04 09:00:00 120,832 -c--a-w C:\WINDOWS\system32\offfilt.dll
+ 2008-04-14 00:12:02 192,000 ----a-w C:\WINDOWS\system32\offfilt.dll
- 2005-07-26 04:39:48 1,285,120 ----a-w C:\WINDOWS\system32\ole32.dll
+ 2008-04-14 00:12:02 1,287,168 ----a-w C:\WINDOWS\system32\ole32.dll
- 2007-12-04 18:38:13 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
+ 2008-04-14 00:12:02 551,936 ----a-w C:\WINDOWS\system32\oleaut32.dll
- 2005-07-26 04:39:48 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
+ 2008-04-14 00:12:02 74,752 ----a-w C:\WINDOWS\system32\olecli32.dll
- 2005-07-26 04:39:49 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll
+ 2008-04-14 00:12:02 37,376 ----a-w C:\WINDOWS\system32\olecnv32.dll
- 2006-10-16 16:15:00 122,880 -c--a-w C:\WINDOWS\system32\oledlg.dll
+ 2008-04-14 00:12:02 122,880 ----a-w C:\WINDOWS\system32\oledlg.dll
- 2004-08-04 09:00:00 107,008 -c--a-w C:\WINDOWS\system32\oleprn.dll
+ 2008-04-14 00:12:02 107,008 ----a-w C:\WINDOWS\system32\oleprn.dll
- 2004-08-04 09:00:00 83,456 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 84,992 ----a-w C:\WINDOWS\system32\olepro32.dll
+ 2008-04-14 00:12:02 144,384 ------w C:\WINDOWS\system32\onex.dll
- 2004-08-04 09:00:00 122,368 -c--a-w C:\WINDOWS\system32\oobe\msobcomm.dll
+ 2008-04-14 00:12:00 122,368 ----a-w C:\WINDOWS\system32\oobe\msobcomm.dll
- 2004-08-04 09:00:00 16,384 -c--a-w C:\WINDOWS\system32\oobe\msobdl.dll
+ 2008-04-14 00:12:00 16,384 ----a-w C:\WINDOWS\system32\oobe\msobdl.dll
- 2004-08-04 09:00:00 561,664 -c--a-w C:\WINDOWS\system32\oobe\msobmain.dll
+ 2008-04-14 00:12:00 565,248 ----a-w C:\WINDOWS\system32\oobe\msobmain.dll
- 2004-08-04 09:00:00 30,720 -c--a-w C:\WINDOWS\system32\oobe\msobshel.dll
+ 2008-04-14 00:12:00 30,720 ----a-w C:\WINDOWS\system32\oobe\msobshel.dll
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\oobe\msobweb.dll
+ 2008-04-14 00:12:00 19,456 ----a-w C:\WINDOWS\system32\oobe\msobweb.dll
- 2004-08-04 09:00:00 28,160 -c--a-w C:\WINDOWS\system32\oobe\msoobe.exe
+ 2008-04-14 00:12:28 29,184 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
- 2004-08-04 09:00:00 51,200 -c--a-w C:\WINDOWS\system32\oobe\oobebaln.exe
+ 2008-04-14 00:12:31 51,200 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
- 2004-08-04 09:00:00 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
+ 2008-04-14 00:12:02 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll
- 2004-08-04 09:00:00 215,552 -c--a-w C:\WINDOWS\system32\osk.exe
+ 2008-04-14 00:12:31 215,552 ----a-w C:\WINDOWS\system32\osk.exe
- 2004-08-04 09:00:00 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\osuninst.dll
- 2004-08-04 09:00:00 116,224 -c--a-w C:\WINDOWS\system32\p2p.dll
+ 2008-04-14 00:12:02 153,600 ----a-w C:\WINDOWS\system32\p2p.dll
- 2004-08-04 09:00:00 86,016 -c--a-w C:\WINDOWS\system32\p2pgasvc.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
- 2004-08-04 09:00:00 312,320 -c--a-w C:\WINDOWS\system32\p2pgraph.dll
+ 2008-04-14 00:12:02 313,856 ----a-w C:\WINDOWS\system32\p2pgraph.dll
- 2004-08-04 09:00:00 88,064 -c--a-w C:\WINDOWS\system32\p2pnetsh.dll
+ 2008-04-14 00:12:02 115,712 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
- 2004-08-04 09:00:00 526,848 -c--a-w C:\WINDOWS\system32\p2psvc.dll
+ 2008-04-14 00:12:02 554,496 ----a-w C:\WINDOWS\system32\p2psvc.dll
- 2004-08-04 09:00:00 58,368 -c--a-w C:\WINDOWS\system32\packager.exe
+ 2008-04-14 00:12:31 58,368 ----a-w C:\WINDOWS\system32\packager.exe
- 2004-08-04 09:00:00 62,976 -c--a-w C:\WINDOWS\system32\pautoenr.dll
+ 2008-04-14 00:12:02 67,584 ----a-w C:\WINDOWS\system32\pautoenr.dll
- 2004-08-04 09:00:00 283,648 ----a-w C:\WINDOWS\system32\pdh.dll
+ 2008-04-14 00:12:02 284,160 ----a-w C:\WINDOWS\system32\pdh.dll
- 2008-05-09 01:34:16 62,032 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-08-30 01:28:48 62,032 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2004-08-04 09:00:00 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
+ 2008-04-14 00:12:02 39,936 ----a-w C:\WINDOWS\system32\perfctrs.dll
- 2004-08-04 09:00:00 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
+ 2008-04-14 00:12:02 26,624 ----a-w C:\WINDOWS\system32\perfdisk.dll
- 2008-05-09 01:34:16 402,426 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-08-30 01:28:49 402,426 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2004-08-04 09:00:00 15,872 -c--a-w C:\WINDOWS\system32\perfmon.exe
+ 2008-04-14 00:12:31 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe
- 2004-08-04 09:00:00 16,896 ----a-w C:\WINDOWS\system32\perfnet.dll
+ 2008-04-14 00:12:02 17,920 ----a-w C:\WINDOWS\system32\perfnet.dll
- 2004-08-04 09:00:00 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
+ 2008-04-14 00:12:02 25,088 ----a-w C:\WINDOWS\system32\perfos.dll
- 2004-08-04 09:00:00 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 34,816 ----a-w C:\WINDOWS\system32\perfproc.dll
+ 2008-04-14 00:12:02 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2004-08-04 09:00:00 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
+ 2008-04-14 00:12:02 176,128 ----a-w C:\WINDOWS\system32\photowiz.dll
- 2004-08-04 09:00:00 35,328 -c--a-w C:\WINDOWS\system32\pid.dll
+ 2008-04-14 00:12:02 35,328 ----a-w C:\WINDOWS\system32\pid.dll
- 2004-08-04 09:00:00 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
+ 2008-04-13 18:35:22 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
- 2004-08-04 09:00:00 17,920 -c--a-w C:\WINDOWS\system32\ping.exe
+ 2008-04-14 00:12:31 17,920 ----a-w C:\WINDOWS\system32\ping.exe
- 2004-08-04 09:00:00 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll
- 2008-06-23 16:12:02 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-14 00:12:02 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-04 09:00:00 48,640 -c--a-w C:\WINDOWS\system32\pnrpnsp.dll
+ 2008-04-14 00:12:02 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
- 2004-08-04 09:00:00 105,472 -c--a-w C:\WINDOWS\system32\polstore.dll
+ 2008-04-14 00:12:02 105,472 ----a-w C:\WINDOWS\system32\polstore.dll
- 2004-08-04 09:00:00 49,152 -c--a-w C:\WINDOWS\system32\powercfg.exe
+ 2008-04-14 00:12:31 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe
- 2004-08-04 09:00:00 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
+ 2008-04-14 00:12:03 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll
- 2004-08-04 09:00:00 560,640 ----a-w C:\WINDOWS\system32\printui.dll
+ 2008-04-14 00:12:03 560,640 ----a-w C:\WINDOWS\system32\printui.dll
- 2004-08-04 09:00:00 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
+ 2008-04-14 00:12:03 27,648 ----a-w C:\WINDOWS\system32\profmap.dll
- 2004-08-04 09:00:00 109,568 ----a-w C:\WINDOWS\system32\progman.exe
+ 2008-04-14 00:12:31 109,568 ----a-w C:\WINDOWS\system32\progman.exe
- 2004-08-04 09:00:00 50,176 -c--a-w C:\WINDOWS\system32\proquota.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\proquota.exe
- 2004-08-04 09:00:00 9,216 -c--a-w C:\WINDOWS\system32\proxycfg.exe
+ 2008-04-14 00:12:32 9,216 ----a-w C:\WINDOWS\system32\proxycfg.exe
- 2004-08-04 09:00:00 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
+ 2008-04-14 00:12:03 23,040 ----a-w C:\WINDOWS\system32\psapi.dll
- 2004-08-04 09:00:00 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
+ 2008-04-14 00:12:03 96,768 ----a-w C:\WINDOWS\system32\psbase.dll
- 2004-08-04 09:00:00 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll
- 2004-08-04 09:00:00 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll
+ 2008-04-14 00:12:03 150,528 ------w C:\WINDOWS\system32\qagent.dll
+ 2008-04-14 00:12:03 291,328 ------w C:\WINDOWS\system32\qagentrt.dll
- 2004-08-04 09:00:00 192,512 -c--a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 192,512 ----a-w C:\WINDOWS\system32\qcap.dll
+ 2008-04-14 00:12:03 62,464 ------w C:\WINDOWS\system32\qcliprov.dll
- 2004-08-04 09:00:00 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
+ 2008-04-14 00:12:03 279,040 ----a-w C:\WINDOWS\system32\qdv.dll
- 2004-08-04 09:00:00 385,024 ----a-w C:\WINDOWS\system32\qdvd.dll
+ 2008-04-14 00:12:03 386,048 ----a-w C:\WINDOWS\system32\qdvd.dll
- 2004-08-04 09:00:00 562,176 -c--a-w C:\WINDOWS\system32\qedit.dll
+ 2008-04-14 00:12:03 562,176 ----a-w C:\WINDOWS\system32\qedit.dll
- 2004-08-04 09:00:00 733,696 -c--a-w C:\WINDOWS\system32\qedwipes.dll
+ 2008-04-13 17:21:32 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
- 2004-08-04 09:00:00 382,464 ----a-w C:\WINDOWS\system32\qmgr.dll
+ 2008-04-14 00:12:03 409,088 ----a-w C:\WINDOWS\system32\qmgr.dll
- 2004-08-04 09:00:00 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
+ 2008-04-14 00:12:03 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll
- 2004-08-04 09:00:00 20,480 -c--a-w C:\WINDOWS\system32\qprocess.exe
+ 2008-04-14 00:12:32 19,968 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2008-05-07 05:18:48 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
- 2006-06-22 05:06:30 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 1,435,648 ----a-w C:\WINDOWS\system32\query.dll
+ 2008-04-14 00:12:03 76,800 ------w C:\WINDOWS\system32\qutil.dll
- 2004-08-04 09:00:00 43,520 -c--a-w C:\WINDOWS\system32\racpldlg.dll
+ 2008-04-14 00:12:03 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll
- 2006-06-26 17:37:10 8,192 ----a-w C:\WINDOWS\system32\rasadhlp.dll
+ 2008-04-14 00:12:03 7,680 ----a-w C:\WINDOWS\system32\rasadhlp.dll
- 2004-08-04 09:00:00 236,544 ----a-w C:\WINDOWS\system32\rasapi32.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\rasapi32.dll
- 2004-08-04 09:00:00 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll
+ 2008-04-14 00:12:03 88,576 ----a-w C:\WINDOWS\system32\rasauto.dll
- 2004-08-04 09:00:00 69,632 ----a-w C:\WINDOWS\system32\raschap.dll
+ 2008-04-14 00:12:03 79,872 ----a-w C:\WINDOWS\system32\raschap.dll
- 2004-08-04 09:00:00 657,920 ----a-w C:\WINDOWS\system32\rasdlg.dll
+ 2008-04-14 00:12:03 658,432 ----a-w C:\WINDOWS\system32\rasdlg.dll
- 2004-08-04 09:00:00 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
+ 2008-04-14 00:12:03 61,440 ----a-w C:\WINDOWS\system32\rasman.dll
- 2006-06-22 10:47:18 181,248 ----a-w C:\WINDOWS\system32\rasmans.dll
+ 2008-04-14 00:12:03 186,368 ----a-w C:\WINDOWS\system32\rasmans.dll
- 2004-08-04 09:00:00 56,832 -c--a-w C:\WINDOWS\system32\rasphone.exe
+ 2008-04-14 00:12:32 56,832 ----a-w C:\WINDOWS\system32\rasphone.exe
- 2004-08-04 09:00:00 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 210,944 ----a-w C:\WINDOWS\system32\rasppp.dll
+ 2008-04-14 00:12:03 61,952 ------w C:\WINDOWS\system32\rasqec.dll
- 2004-08-04 09:00:00 16,896 -c--a-w C:\WINDOWS\system32\rassapi.dll
+ 2008-04-14 00:12:03 16,384 ----a-w C:\WINDOWS\system32\rassapi.dll
- 2004-08-04 09:00:00 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll
+ 2008-04-14 00:12:03 58,368 ----a-w C:\WINDOWS\system32\rastapi.dll
- 2004-08-04 09:00:00 112,128 ----a-w C:\WINDOWS\system32\rastls.dll
+ 2008-04-14 00:12:03 150,016 ----a-w C:\WINDOWS\system32\rastls.dll
- 2004-08-04 09:00:00 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
+ 2008-04-14 00:12:03 102,400 ----a-w C:\WINDOWS\system32\rcbdyctl.dll
- 2004-08-04 09:00:00 35,840 -c--a-w C:\WINDOWS\system32\rcimlby.exe
+ 2008-04-14 00:12:32 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2004-08-04 09:00:00 21,504 -c--a-w C:\WINDOWS\system32\rcp.exe
+ 2008-04-14 00:12:32 21,504 ----a-w C:\WINDOWS\system32\rcp.exe
- 2004-08-04 09:00:00 147,968 -c--a-w C:\WINDOWS\system32\rdchost.dll
+ 2008-04-14 00:12:03 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll
- 2004-08-04 09:00:00 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe
+ 2008-04-14 00:12:32 62,976 ----a-w C:\WINDOWS\system32\rdpclip.exe
- 2004-08-04 09:00:00 92,168 -c--a-w C:\WINDOWS\system32\rdpdd.dll
+ 2008-04-14 00:13:22 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
- 2004-08-04 09:00:00 19,968 -c--a-w C:\WINDOWS\system32\rdpsnd.dll
+ 2008-04-14 00:12:04 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll
- 2004-08-04 09:00:00 87,176 -c--a-w C:\WINDOWS\system32\rdpwsx.dll
+ 2008-04-14 00:13:22 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
- 2004-08-04 09:00:00 13,824 -c--a-w C:\WINDOWS\system32\rdsaddin.exe
+ 2008-04-14 00:12:32 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe
- 2004-08-04 09:00:00 67,072 -c--a-w C:\WINDOWS\system32\rdshost.exe
+ 2008-04-14 00:12:32 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe
- 2004-08-04 09:00:00 50,176 -c--a-w C:\WINDOWS\system32\reg.exe
+ 2008-04-14 00:12:32 50,176 ----a-w C:\WINDOWS\system32\reg.exe
- 2004-08-04 09:00:00 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
+ 2008-04-14 00:12:04 49,664 ----a-w C:\WINDOWS\system32\regapi.dll
- 2004-08-04 09:00:00 59,904 -c--a-w C:\WINDOWS\system32\regsvc.dll
+ 2008-04-14 00:12:04 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll
- 2004-08-04 09:00:00 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
+ 2008-04-14 00:12:32 11,776 ----a-w C:\WINDOWS\system32\regsvr32.exe
- 2004-08-04 09:00:00 397,824 -c--a-w C:\WINDOWS\system32\regwizc.dll
+ 2008-04-14 00:12:04 397,824 ----a-w C:\WINDOWS\system32\regwizc.dll
+ 2004-08-04 09:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\intelppm.sys
+ 2004-08-04 09:00:00 36,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys
+ 2004-08-12 21:45:54 137,728 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hdaudbus.sys
- 2004-08-04 09:00:00 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
+ 2008-04-14 00:12:04 60,416 ----a-w C:\WINDOWS\system32\remotepg.dll
- 2004-08-04 09:00:00 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
+ 2008-04-14 00:12:33 380,416 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe
- 2004-08-04 09:00:00 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
+ 2008-04-14 00:12:04 58,880 ----a-w C:\WINDOWS\system32\resutils.dll
- 2004-08-04 09:00:00 13,824 -c--a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:33 13,824 ----a-w C:\WINDOWS\system32\rexec.exe
+ 2008-04-14 00:12:04 290,304 ------w C:\WINDOWS\system32\rhttpaa.dll
- 2006-11-27 14:54:06 433,152 ----a-w C:\WINDOWS\system32\riched20.dll
+ 2008-04-14 00:12:04 433,664 ----a-w C:\WINDOWS\system32\riched20.dll
- 2007-07-09 13:09:42 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2008-04-14 00:12:04 584,704 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2005-07-26 04:39:49 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll
+ 2008-04-14 00:12:04 399,360 ----a-w C:\WINDOWS\system32\rpcss.dll
- 2004-08-04 09:00:00 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll
+ 2008-04-13 17:37:57 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\rsh.exe
+ 2008-04-14 00:12:33 14,848 ----a-w C:\WINDOWS\system32\rsh.exe
- 2004-08-04 09:00:00 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
+ 2008-04-14 00:12:04 39,936 ----a-w C:\WINDOWS\system32\rshx32.dll
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\rsmps.dll
+ 2008-04-14 00:12:04 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll
- 2004-08-04 09:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll
+ 2008-04-14 00:12:04 92,672 ----a-w C:\WINDOWS\system32\rsvpsp.dll
- 2004-08-04 09:00:00 77,312 -c--a-w C:\WINDOWS\system32\rtcshare.exe
+ 2008-04-14 00:12:33 77,312 ----a-w C:\WINDOWS\system32\rtcshare.exe
- 2004-08-04 09:00:00 31,744 -c--a-w C:\WINDOWS\system32\rtipxmib.dll
+ 2008-04-14 00:12:04 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll
- 2004-08-04 09:00:00 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
+ 2008-04-14 00:12:04 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll
- 2004-08-04 09:00:00 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
+ 2008-04-14 00:12:33 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
- 2004-08-04 09:00:00 14,336 -c--a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:33 14,336 ----a-w C:\WINDOWS\system32\runonce.exe
+ 2008-04-14 00:12:04 397,056 ------w C:\WINDOWS\system32\s3gnb.dll
- 2004-08-04 09:00:00 43,520 -c--a-w C:\WINDOWS\system32\safrcdlg.dll
+ 2008-04-14 00:12:04 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll
- 2004-08-04 09:00:00 29,696 -c--a-w C:\WINDOWS\system32\safrdm.dll
+ 2008-04-14 00:12:04 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll
- 2004-08-04 09:00:00 45,568 -c--a-w C:\WINDOWS\system32\safrslv.dll
+ 2008-04-14 00:12:04 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll
- 2004-08-04 09:00:00 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
+ 2008-04-14 00:12:04 64,000 ----a-w C:\WINDOWS\system32\samlib.dll
- 2004-08-04 09:00:00 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
+ 2008-04-14 00:12:04 415,744 ----a-w C:\WINDOWS\system32\samsrv.dll
- 2004-08-04 09:00:00 13,312 -c--a-w C:\WINDOWS\system32\savedump.exe
+ 2008-04-14 00:12:33 13,312 ----a-w C:\WINDOWS\system32\savedump.exe
- 2004-08-04 09:00:00 270,848 -c--a-w C:\WINDOWS\system32\sbe.dll
+ 2008-04-14 00:12:04 270,848 ----a-w C:\WINDOWS\system32\sbe.dll
- 2004-08-04 09:00:00 159,232 -c--a-w C:\WINDOWS\system32\sbeio.dll
+ 2008-04-14 00:12:04 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll
- 2004-08-04 09:00:00 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
+ 2008-04-14 00:12:04 69,632 ----a-w C:\WINDOWS\system32\scarddlg.dll
- 2004-08-04 09:00:00 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
+ 2008-04-14 00:12:33 95,744 ----a-w C:\WINDOWS\system32\scardsvr.exe
- 2004-08-04 09:00:00 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
+ 2008-04-14 00:12:05 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll
- 2004-08-04 09:00:00 180,224 ----a-w C:\WINDOWS\system32\scecli.dll
+ 2008-04-14 00:12:05 181,248 ----a-w C:\WINDOWS\system32\scecli.dll
- 2004-08-04 09:00:00 313,856 ----a-w C:\WINDOWS\system32\scesrv.dll
+ 2008-04-14 00:12:05 314,880 ----a-w C:\WINDOWS\system32\scesrv.dll
- 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
+ 2008-04-14 00:12:05 144,384 ----a-w C:\WINDOWS\system32\schannel.dll
- 2004-08-04 09:00:00 190,976 ----a-w C:\WINDOWS\system32\schedsvc.dll
+ 2008-04-14 00:12:05 192,512 ----a-w C:\WINDOWS\system32\schedsvc.dll
- 2004-08-04 09:00:00 20,992 ----a-w C:\WINDOWS\system32\sclgntfy.dll
+ 2008-04-14 00:12:05 20,480 ----a-w C:\WINDOWS\system32\sclgntfy.dll
- 2004-08-04 09:00:00 9,216 -c--a-w C:\WINDOWS\system32\scrnsave.scr
+ 2008-04-14 00:12:43 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr
- 2004-08-04 09:00:00 159,744 ----a-w C:\WINDOWS\system32\scrobj.dll
+ 2008-04-14 00:12:05 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
- 2004-08-04 09:00:00 151,552 -c--a-w C:\WINDOWS\system32\scrrun.dll
+ 2008-04-14 00:12:05 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
- 2004-08-04 09:00:00 77,312 -c--a-w C:\WINDOWS\system32\sdbinst.exe
+ 2008-04-14 00:12:34 77,312 ----a-w C:\WINDOWS\system32\sdbinst.exe
- 2004-08-04 09:00:00 29,184 -c--a-w C:\WINDOWS\system32\sdhcinst.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll
- 2004-08-04 09:00:00 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
+ 2008-04-14 00:12:05 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll
- 2004-08-04 09:00:00 55,808 ----a-w C:\WINDOWS\system32\secur32.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\secur32.dll
- 2004-08-04 09:00:00 5,632 ----a-w C:\WINDOWS\system32\security.dll
+ 2008-04-14 00:12:05 5,632 ----a-w C:\WINDOWS\system32\security.dll
- 2004-08-04 09:00:00 29,184 -c--a-w C:\WINDOWS\system32\sendcmsg.dll
+ 2008-04-14 00:12:05 29,184 ----a-w C:\WINDOWS\system32\sendcmsg.dll
- 2004-08-04 09:00:00 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll
+ 2008-04-14 00:12:05 54,784 ----a-w C:\WINDOWS\system32\sendmail.dll
- 2004-08-04 09:00:00 38,912 ----a-w C:\WINDOWS\system32\sens.dll
+ 2008-04-14 00:12:05 39,424 ----a-w C:\WINDOWS\system32\sens.dll
- 2004-08-04 09:00:00 6,656 ----a-w C:\WINDOWS\system32\sensapi.dll
+ 2008-04-14 00:12:05 7,168 ----a-w C:\WINDOWS\system32\sensapi.dll
- 2004-08-04 09:00:00 56,320 -c--a-w C:\WINDOWS\system32\servdeps.dll
+ 2008-04-14 00:12:05 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll
- 2004-08-04 09:00:00 140,800 ----a-w C:\WINDOWS\system32\sessmgr.exe
+ 2008-04-14 00:12:34 141,312 ----a-w C:\WINDOWS\system32\sessmgr.exe
- 2004-08-04 09:00:00 31,232 -c--a-w C:\WINDOWS\system32\sethc.exe
+ 2008-04-14 00:12:34 31,232 ----a-w C:\WINDOWS\system32\sethc.exe
- 2004-08-04 09:00:00 23,040 -c--a-w C:\WINDOWS\system32\setup.exe
+ 2008-04-14 00:12:34 23,040 ----a-w C:\WINDOWS\system32\setup.exe
  • 0

#19
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
- 2004-08-04 09:00:00 259,584 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
+ 2008-04-14 00:11:51 274,944 ----a-w C:\WINDOWS\system32\Setup\comsetup.dll
- 2004-08-04 09:00:00 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
+ 2008-04-14 00:11:53 32,828 ----a-w C:\WINDOWS\system32\Setup\fp40ext.dll
- 2004-08-04 09:00:00 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
+ 2008-04-14 00:11:54 132,608 ----a-w C:\WINDOWS\system32\Setup\fxsocm.dll
- 2004-08-04 09:00:00 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
+ 2008-04-14 00:11:54 505,344 ----a-w C:\WINDOWS\system32\Setup\iis.dll
- 2004-08-04 09:00:00 115,712 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:54 123,392 ----a-w C:\WINDOWS\system32\Setup\imsinsnt.dll
+ 2008-04-14 00:11:56 8,192 ----a-w C:\WINDOWS\system32\Setup\koc.dll
- 2004-08-04 09:00:00 82,432 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
+ 2008-04-14 00:11:59 90,112 ----a-w C:\WINDOWS\system32\Setup\msdtcstp.dll
- 2004-08-04 09:00:00 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
+ 2008-04-14 00:11:59 15,360 ----a-w C:\WINDOWS\system32\Setup\msgrocm.dll
- 2004-08-04 09:00:00 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
+ 2008-04-14 00:12:01 77,312 ----a-w C:\WINDOWS\system32\Setup\netoc.dll
- 2004-08-04 09:00:00 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
+ 2008-04-14 00:12:02 62,976 ----a-w C:\WINDOWS\system32\Setup\ntoc.dll
- 2004-08-04 09:00:00 15,872 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
+ 2008-04-14 00:12:02 15,360 ----a-w C:\WINDOWS\system32\Setup\ocgen.dll
- 2004-08-04 09:00:00 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
+ 2008-04-14 00:12:02 17,408 ----a-w C:\WINDOWS\system32\Setup\ocmsn.dll
- 2004-08-04 09:00:00 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
+ 2008-04-14 00:12:05 101,376 ----a-w C:\WINDOWS\system32\Setup\setupqry.dll
- 2004-08-04 09:00:00 22,016 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\Setup\startoc.dll
- 2004-08-04 09:00:00 121,856 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
+ 2008-04-14 00:12:07 130,048 ----a-w C:\WINDOWS\system32\Setup\tsoc.dll
- 2004-08-04 09:00:00 983,552 ----a-w C:\WINDOWS\system32\setupapi.dll
+ 2008-04-14 09:42:06 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
+ 2008-04-14 00:12:35 32,768 ------w C:\WINDOWS\system32\setupn.exe
- 2004-08-04 09:00:00 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
+ 2008-04-14 00:12:05 5,120 ----a-w C:\WINDOWS\system32\sfc.dll
- 2004-08-04 09:00:00 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
+ 2008-04-14 00:12:05 140,288 ----a-w C:\WINDOWS\system32\sfc_os.dll
- 2004-08-04 09:00:00 1,580,544 ----a-w C:\WINDOWS\system32\sfcfiles.dll
+ 2008-04-14 00:12:05 1,614,848 ----a-w C:\WINDOWS\system32\sfcfiles.dll
- 2004-08-04 09:00:00 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
+ 2008-04-13 17:03:19 549,376 ----a-w C:\WINDOWS\system32\shdoclc.dll
- 2008-06-23 16:12:05 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-06-26 08:15:29 1,499,136 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2008-04-14 00:12:05 8,461,312 ----a-w C:\WINDOWS\system32\shell32.dll
- 2004-08-04 09:00:00 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
+ 2008-04-14 00:12:05 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll
- 2004-08-04 09:00:00 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
+ 2008-04-14 00:12:05 68,096 ----a-w C:\WINDOWS\system32\shgina.dll
- 2004-08-04 09:00:00 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll
+ 2008-04-14 00:12:05 65,024 ----a-w C:\WINDOWS\system32\shimeng.dll
- 2004-08-04 09:00:00 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
+ 2008-04-14 00:12:05 438,272 ----a-w C:\WINDOWS\system32\shimgvw.dll
- 2008-06-23 16:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-04-14 00:12:05 474,112 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2004-08-04 09:00:00 151,552 ----a-w C:\WINDOWS\system32\shmedia.dll
+ 2008-04-14 00:12:05 152,064 ----a-w C:\WINDOWS\system32\shmedia.dll
- 2004-08-04 09:00:00 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe
+ 2008-04-14 00:12:35 45,056 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2004-08-04 09:00:00 77,824 -c--a-w C:\WINDOWS\system32\shrpubw.exe
+ 2008-04-14 00:12:35 77,824 ----a-w C:\WINDOWS\system32\shrpubw.exe
- 2004-08-04 09:00:00 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
+ 2008-04-14 00:12:05 27,648 ----a-w C:\WINDOWS\system32\shscrap.dll
- 2006-12-19 21:52:18 134,656 ----a-w C:\WINDOWS\system32\shsvcs.dll
+ 2008-04-14 00:12:05 135,168 ----a-w C:\WINDOWS\system32\shsvcs.dll
- 2004-08-04 09:00:00 19,456 -c--a-w C:\WINDOWS\system32\shutdown.exe
+ 2008-04-14 00:12:35 19,456 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2004-08-04 09:00:00 13,312 -c--a-w C:\WINDOWS\system32\sigtab.dll
+ 2008-04-14 00:12:05 13,312 ----a-w C:\WINDOWS\system32\sigtab.dll
- 2004-08-04 09:00:00 70,144 -c--a-w C:\WINDOWS\system32\sigverif.exe
+ 2008-04-14 00:12:35 70,144 ----a-w C:\WINDOWS\system32\sigverif.exe
- 2004-08-04 09:00:00 26,112 -c--a-w C:\WINDOWS\system32\skeys.exe
+ 2008-04-14 00:12:35 26,112 ----a-w C:\WINDOWS\system32\skeys.exe
- 2004-08-04 09:00:00 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
+ 2008-04-14 00:12:06 25,088 ----a-w C:\WINDOWS\system32\slayerxp.dll
- 2004-08-04 09:00:00 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll
+ 2008-04-14 00:12:06 73,832 ------w C:\WINDOWS\system32\slcoinst.dll
+ 2008-04-14 00:12:06 286,792 ------w C:\WINDOWS\system32\slextspk.dll
+ 2008-04-14 00:12:06 188,508 ------w C:\WINDOWS\system32\slgen.dll
+ 2008-04-14 00:12:35 32,866 ------w C:\WINDOWS\system32\slrundll.exe
+ 2008-04-14 00:12:35 73,796 ------w C:\WINDOWS\system32\slserv.exe
- 2004-08-04 09:00:00 8,192 -c--a-w C:\WINDOWS\system32\smbinst.exe
+ 2008-04-14 00:12:35 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe
- 2004-08-04 09:00:00 363,008 -c--a-w C:\WINDOWS\system32\smlogcfg.dll
+ 2008-04-14 00:12:06 362,496 ----a-w C:\WINDOWS\system32\smlogcfg.dll
- 2004-08-04 09:00:00 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
+ 2008-04-14 00:12:35 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe
- 2004-08-04 09:00:00 50,688 ----a-w C:\WINDOWS\system32\smss.exe
+ 2008-04-14 00:12:36 50,688 ----a-w C:\WINDOWS\system32\smss.exe
- 2004-08-04 09:00:00 131,584 -c--a-w C:\WINDOWS\system32\sndrec32.exe
+ 2008-04-14 00:12:36 131,584 ----a-w C:\WINDOWS\system32\sndrec32.exe
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\snmpapi.dll
+ 2008-04-14 00:12:06 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll
- 2004-08-04 09:00:00 182,272 -c--a-w C:\WINDOWS\system32\snmpsnap.dll
+ 2008-04-14 00:12:06 182,272 ----a-w C:\WINDOWS\system32\snmpsnap.dll
- 2004-08-04 09:00:00 23,552 -c--a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 24,576 ----a-w C:\WINDOWS\system32\sort.exe
+ 2008-04-14 00:12:36 7,680 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
- 2004-08-04 09:00:00 538,624 ----a-w C:\WINDOWS\system32\spider.exe
+ 2008-04-14 00:12:36 538,624 ----a-w C:\WINDOWS\system32\spider.exe
- 2004-08-04 09:00:00 11,776 -c--a-w C:\WINDOWS\system32\spnpinst.exe
+ 2008-04-14 09:42:38 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
- 2004-08-04 09:00:00 452,096 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSAPI.DLL
+ 2008-04-14 00:11:53 451,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsapi.dll
- 2004-08-04 09:00:00 27,136 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2008-04-14 00:11:54 26,624 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsdrv.dll
- 2004-08-04 09:00:00 6,656 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSRES.DLL
+ 2008-04-14 00:09:33 6,656 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsres.dll
- 2004-08-04 09:00:00 397,312 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSTIFF.DLL
+ 2008-04-14 00:11:54 397,312 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxstiff.dll
- 2004-08-04 09:00:00 154,112 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSUI.DLL
+ 2008-04-14 00:11:54 154,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxsui.dll
- 2004-08-04 09:00:00 192,512 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\FXSWZRD.DLL
+ 2008-04-14 00:11:54 192,512 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\fxswzrd.dll
- 2004-08-04 04:56:44 87,552 -c--a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPFUD50.DLL
+ 2008-04-14 00:11:54 87,552 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\hpfud50.dll
- 2004-08-04 04:56:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2008-04-14 00:12:07 373,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll
- 2004-08-04 04:56:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2008-04-14 00:12:07 744,448 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll
- 2004-08-04 04:56:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-05-15 08:08:53 761,344 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll
- 2004-08-04 09:00:00 74,752 ----a-w C:\WINDOWS\system32\spoolss.dll
+ 2008-04-14 00:12:06 75,264 ----a-w C:\WINDOWS\system32\spoolss.dll
- 2007-12-26 02:26:22 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2007-08-11 00:46:18 26,488 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2008-04-14 00:12:36 20,992 ------w C:\WINDOWS\system32\spupdwxp.exe
- 2004-08-04 09:00:00 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
+ 2008-04-14 00:12:06 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll
- 2004-08-04 09:00:00 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
+ 2008-04-14 00:12:06 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll
- 2004-08-04 09:00:00 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
+ 2008-04-14 00:12:07 67,584 ----a-w C:\WINDOWS\system32\srclient.dll
- 2004-08-04 09:00:00 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
+ 2008-04-14 00:12:07 239,104 ----a-w C:\WINDOWS\system32\srrstr.dll
- 2004-08-04 09:00:00 170,496 ----a-w C:\WINDOWS\system32\srsvc.dll
+ 2008-04-14 00:12:07 171,008 ----a-w C:\WINDOWS\system32\srsvc.dll
- 2004-12-07 19:32:34 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
+ 2008-04-14 00:12:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
- 2004-08-04 09:00:00 704,512 -c--a-w C:\WINDOWS\system32\ss3dfo.scr
+ 2008-04-14 00:12:43 704,512 ----a-w C:\WINDOWS\system32\ss3dfo.scr
- 2004-08-04 09:00:00 19,968 -c--a-w C:\WINDOWS\system32\ssbezier.scr
+ 2008-04-14 00:12:43 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr
- 2004-08-04 09:00:00 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
+ 2008-04-14 00:12:07 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll
- 2004-08-04 09:00:00 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
+ 2008-04-14 00:12:07 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll
- 2004-08-04 09:00:00 393,216 -c--a-w C:\WINDOWS\system32\ssflwbox.scr
+ 2008-04-14 00:12:43 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr
- 2004-08-04 09:00:00 20,992 -c--a-w C:\WINDOWS\system32\ssmarque.scr
+ 2008-04-14 00:12:44 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr
- 2004-08-04 09:00:00 47,104 -c--a-w C:\WINDOWS\system32\ssmypics.scr
+ 2008-04-14 00:12:44 47,104 ----a-w C:\WINDOWS\system32\ssmypics.scr
- 2004-08-04 09:00:00 18,944 -c--a-w C:\WINDOWS\system32\ssmyst.scr
+ 2008-04-14 00:12:44 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr
- 2004-08-04 09:00:00 610,304 -c--a-w C:\WINDOWS\system32\sspipes.scr
+ 2008-04-14 00:12:44 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr
- 2004-08-04 09:00:00 14,336 -c--a-w C:\WINDOWS\system32\ssstars.scr
+ 2008-04-14 00:12:44 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr
- 2004-08-04 09:00:00 679,936 -c--a-w C:\WINDOWS\system32\sstext3d.scr
+ 2008-04-14 00:12:44 679,936 ----a-w C:\WINDOWS\system32\sstext3d.scr
- 2004-08-04 09:00:00 54,272 -c--a-w C:\WINDOWS\system32\stclient.dll
+ 2008-04-14 00:12:07 59,392 ----a-w C:\WINDOWS\system32\stclient.dll
- 2004-08-04 09:00:00 67,584 ----a-w C:\WINDOWS\system32\sti.dll
+ 2008-04-14 00:12:07 68,096 ----a-w C:\WINDOWS\system32\sti.dll
- 2004-08-04 09:00:00 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
+ 2008-04-14 00:12:07 136,704 ----a-w C:\WINDOWS\system32\sti_ci.dll
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\stimon.exe
+ 2008-04-14 00:12:36 14,848 ----a-w C:\WINDOWS\system32\stimon.exe
- 2004-08-04 09:00:00 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
+ 2008-04-14 00:12:07 121,856 ----a-w C:\WINDOWS\system32\stobject.dll
- 2004-08-04 04:56:46 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
+ 2008-04-14 00:12:07 74,752 ----a-w C:\WINDOWS\system32\storprop.dll
- 2006-08-21 14:52:08 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
+ 2008-04-14 00:12:07 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
- 2004-08-04 09:00:00 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
+ 2008-04-14 00:12:07 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll
- 2006-10-19 13:56:32 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
+ 2008-04-14 00:12:07 713,216 ----a-w C:\WINDOWS\system32\sxs.dll
- 2004-08-04 09:00:00 57,856 -c--a-w C:\WINDOWS\system32\synceng.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\synceng.dll
- 2004-08-04 09:00:00 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
+ 2008-04-14 00:12:07 191,488 ----a-w C:\WINDOWS\system32\syncui.dll
- 2004-08-04 09:00:00 105,984 -c--a-w C:\WINDOWS\system32\sysocmgr.exe
+ 2008-04-14 00:12:37 106,496 ----a-w C:\WINDOWS\system32\sysocmgr.exe
- 2004-08-04 09:00:00 984,576 ----a-w C:\WINDOWS\system32\syssetup.dll
+ 2008-04-14 00:12:07 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll
- 2005-10-17 21:14:46 118,272 -c--a-w C:\WINDOWS\system32\t2embed.dll
+ 2008-04-14 00:12:07 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
- 2004-08-04 09:00:00 858,624 -c--a-w C:\WINDOWS\system32\tapi3.dll
+ 2008-04-14 00:12:07 858,624 ----a-w C:\WINDOWS\system32\tapi3.dll
- 2004-08-04 09:00:00 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
+ 2008-04-14 00:12:07 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll
- 2005-07-08 16:27:56 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll
+ 2008-04-14 00:12:07 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
- 2004-08-04 09:00:00 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
+ 2008-04-14 00:12:37 135,680 ----a-w C:\WINDOWS\system32\taskmgr.exe
- 2004-08-04 09:00:00 14,848 -c--a-w C:\WINDOWS\system32\tcpmib.dll
+ 2008-04-14 00:12:07 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll
- 2004-08-04 09:00:00 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmon.dll
- 2004-08-04 09:00:00 45,568 -c--a-w C:\WINDOWS\system32\tcpmonui.dll
+ 2008-04-14 00:12:07 45,568 ----a-w C:\WINDOWS\system32\tcpmonui.dll
- 2005-05-10 23:45:48 75,776 -c--a-w C:\WINDOWS\system32\telnet.exe
+ 2008-04-14 00:12:37 75,776 ----a-w C:\WINDOWS\system32\telnet.exe
- 2004-08-04 09:00:00 358,400 -c--a-w C:\WINDOWS\system32\termmgr.dll
+ 2008-04-14 00:12:07 358,400 ----a-w C:\WINDOWS\system32\termmgr.dll
- 2004-08-04 09:00:00 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
+ 2008-04-14 00:12:07 295,424 ----a-w C:\WINDOWS\system32\termsrv.dll
- 2004-08-04 09:00:00 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
+ 2008-04-14 00:12:07 385,536 ----a-w C:\WINDOWS\system32\themeui.dll
- 2004-08-04 09:00:00 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
+ 2008-04-14 00:12:38 347,136 ----a-w C:\WINDOWS\system32\tourstart.exe
- 2004-08-04 09:00:00 12,288 -c--a-w C:\WINDOWS\system32\tracert.exe
+ 2008-04-14 00:12:38 12,288 ----a-w C:\WINDOWS\system32\tracert.exe
- 2004-08-04 09:00:00 11,264 -c--a-w C:\WINDOWS\system32\tree.com
+ 2008-04-14 00:12:42 12,800 ----a-w C:\WINDOWS\system32\tree.com
- 2004-08-04 09:00:00 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll
+ 2008-04-14 00:12:07 90,112 ----a-w C:\WINDOWS\system32\trkwks.dll
- 2004-08-04 09:00:00 93,696 -c--a-w C:\WINDOWS\system32\tscfgwmi.dll
+ 2008-04-14 00:12:07 93,696 ----a-w C:\WINDOWS\system32\tscfgwmi.dll
- 2004-08-04 09:00:00 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
+ 2008-04-14 00:13:21 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
+ 2008-04-14 00:12:07 53,248 ------w C:\WINDOWS\system32\tsgqec.dll
+ 2008-04-14 00:12:07 50,688 ------w C:\WINDOWS\system32\tspkg.dll
- 2004-08-04 09:00:00 44,032 ----a-w C:\WINDOWS\system32\twext.dll
+ 2008-04-14 00:12:07 57,856 ----a-w C:\WINDOWS\system32\twext.dll
- 2005-07-26 04:39:49 101,376 -c--a-w C:\WINDOWS\system32\txflog.dll
+ 2008-04-14 00:12:07 101,376 ----a-w C:\WINDOWS\system32\txflog.dll
- 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-04-14 00:12:38 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2004-08-04 09:00:00 25,600 -c--a-w C:\WINDOWS\system32\udhisapi.dll
+ 2008-04-14 00:12:07 26,624 ----a-w C:\WINDOWS\system32\udhisapi.dll
- 2004-08-04 09:00:00 275,456 -c--a-w C:\WINDOWS\system32\ulib.dll
+ 2008-04-14 00:12:07 275,456 ----a-w C:\WINDOWS\system32\ulib.dll
- 2004-08-04 09:00:00 35,840 -c--a-w C:\WINDOWS\system32\umandlg.dll
+ 2008-04-14 00:12:07 35,840 ----a-w C:\WINDOWS\system32\umandlg.dll
- 2005-08-23 03:35:42 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
+ 2008-04-14 00:12:07 123,392 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
- 2004-08-04 09:00:00 74,240 -c--a-w C:\WINDOWS\system32\unimdmat.dll
+ 2008-04-14 00:12:07 74,240 ----a-w C:\WINDOWS\system32\unimdmat.dll
- 2004-08-04 09:00:00 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
+ 2008-04-14 00:12:07 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll
- 2004-08-04 09:00:00 316,416 -c--a-w C:\WINDOWS\system32\untfs.dll
+ 2008-04-14 00:12:07 316,416 ----a-w C:\WINDOWS\system32\untfs.dll
- 2004-08-04 09:00:00 132,608 ----a-w C:\WINDOWS\system32\upnp.dll
+ 2008-04-14 00:12:08 133,632 ----a-w C:\WINDOWS\system32\upnp.dll
- 2004-08-04 09:00:00 16,896 -c--a-w C:\WINDOWS\system32\upnpcont.exe
+ 2008-04-14 00:12:38 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe
- 2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
+ 2008-04-14 00:12:08 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll
- 2004-08-04 09:00:00 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
+ 2008-04-14 00:12:08 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll
- 2004-08-04 09:00:00 18,432 ----a-w C:\WINDOWS\system32\ups.exe
+ 2008-04-14 00:12:38 18,432 ----a-w C:\WINDOWS\system32\ups.exe
- 2004-08-04 09:00:00 37,888 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-14 00:12:08 37,888 ----a-w C:\WINDOWS\system32\url.dll
- 2008-06-23 16:12:06 618,496 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-26 08:15:30 619,520 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2004-08-04 09:00:00 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
+ 2008-04-14 00:12:08 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll
- 2004-08-04 04:56:48 74,240 -c--a-w C:\WINDOWS\system32\usbui.dll
+ 2008-04-14 00:12:08 74,240 ----a-w C:\WINDOWS\system32\usbui.dll
- 2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
+ 2008-04-14 00:12:08 578,560 ----a-w C:\WINDOWS\system32\user32.dll
- 2004-08-04 09:00:00 723,456 ----a-w C:\WINDOWS\system32\userenv.dll
+ 2008-04-14 00:12:08 727,040 ----a-w C:\WINDOWS\system32\userenv.dll
- 2004-08-04 09:00:00 24,576 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-14 00:12:38 26,112 ----a-w C:\WINDOWS\system32\userinit.exe
+ 2008-04-13 16:44:16 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
- 2004-08-04 09:00:00 123,904 -c--a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2008-04-14 00:11:54 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
- 2004-08-04 09:00:00 4,096 -c--a-w C:\WINDOWS\system32\usmt\iconlib.dll
+ 2008-04-13 16:44:29 2,560 ----a-w C:\WINDOWS\system32\usmt\iconlib.dll
- 2004-08-04 09:00:00 19,968 -c--a-w C:\WINDOWS\system32\usmt\log.dll
+ 2008-04-14 00:11:56 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
- 2004-08-04 09:00:00 201,216 -c--a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2008-04-14 00:11:57 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
- 2004-08-04 09:00:00 103,424 -c--a-w C:\WINDOWS\system32\usmt\migload.exe
+ 2008-04-14 00:12:25 103,936 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2004-08-04 09:00:00 240,128 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2008-04-14 00:12:25 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
- 2004-08-04 09:00:00 202,752 -c--a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2008-04-14 00:12:05 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
- 2004-08-04 09:00:00 168,960 -c--a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2008-04-14 00:12:07 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
- 2004-08-04 09:00:00 406,528 ----a-w C:\WINDOWS\system32\usp10.dll
+ 2008-04-14 00:12:08 406,016 ----a-w C:\WINDOWS\system32\usp10.dll
- 2004-08-04 09:00:00 50,176 -c--a-w C:\WINDOWS\system32\utilman.exe
+ 2008-04-14 00:12:38 50,176 ----a-w C:\WINDOWS\system32\utilman.exe
- 2004-08-04 09:00:00 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
+ 2008-04-14 00:12:08 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
- 2004-08-04 09:00:00 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
+ 2008-04-14 00:12:08 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll
- 2007-12-18 14:40:58 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2008-04-14 00:12:08 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2004-08-04 09:00:00 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
+ 2008-04-14 00:12:08 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll
- 2004-08-04 09:00:00 51,712 -c--a-w C:\WINDOWS\system32\vdmredir.dll
+ 2008-04-14 00:12:08 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll
- 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe
+ 2008-04-14 00:12:38 28,672 ------w C:\WINDOWS\system32\verclsid.exe
- 2004-08-04 09:00:00 13,312 -c--a-w C:\WINDOWS\system32\verifier.dll
+ 2008-04-14 00:12:08 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
- 2004-08-04 09:00:00 18,944 ----a-w C:\WINDOWS\system32\version.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\version.dll
- 2004-08-04 09:00:00 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
+ 2008-04-14 00:12:08 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll
- 2004-08-04 09:00:00 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
+ 2008-04-14 00:12:38 289,792 ----a-w C:\WINDOWS\system32\vssvc.exe
- 2004-08-04 09:00:00 174,592 ----a-w C:\WINDOWS\system32\w32time.dll
+ 2008-04-14 00:12:08 175,104 ----a-w C:\WINDOWS\system32\w32time.dll
- 2004-08-04 09:00:00 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
+ 2008-04-14 00:12:08 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll
- 2004-08-04 09:00:00 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
+ 2008-04-13 18:44:59 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
- 2004-08-04 09:00:00 208,896 -c--a-w C:\WINDOWS\system32\wavemsp.dll
+ 2008-04-14 00:12:08 215,552 ----a-w C:\WINDOWS\system32\wavemsp.dll
- 2004-08-04 09:00:00 1,352,192 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
+ 2008-04-14 00:11:50 1,358,848 ----a-w C:\WINDOWS\system32\wbem\cimwin32.dll
- 2004-08-04 09:00:00 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
+ 2008-04-14 00:11:53 247,808 ----a-w C:\WINDOWS\system32\wbem\esscli.dll
- 2004-08-04 09:00:00 22,016 -c--a-w C:\WINDOWS\system32\wbem\evntrprv.dll
+ 2008-04-14 00:11:53 21,504 ----a-w C:\WINDOWS\system32\wbem\evntrprv.dll
- 2004-08-04 09:00:00 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
+ 2008-04-14 00:11:53 472,064 ----a-w C:\WINDOWS\system32\wbem\fastprox.dll
- 2004-08-04 09:00:00 185,856 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
+ 2008-04-14 00:11:53 185,344 ----a-w C:\WINDOWS\system32\wbem\framedyn.dll
- 2004-08-04 09:00:00 24,576 -c--a-w C:\WINDOWS\system32\wbem\krnlprov.dll
+ 2008-04-14 00:11:56 24,576 ----a-w C:\WINDOWS\system32\wbem\krnlprov.dll
- 2004-08-04 09:00:00 16,384 -c--a-w C:\WINDOWS\system32\wbem\mofcomp.exe
+ 2008-04-14 00:12:26 16,384 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
- 2004-08-04 09:00:00 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
+ 2008-04-14 00:11:57 123,904 ----a-w C:\WINDOWS\system32\wbem\mofd.dll
- 2004-08-04 09:00:00 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
+ 2008-04-14 00:12:01 47,104 ----a-w C:\WINDOWS\system32\wbem\ncprov.dll
- 2004-08-04 09:00:00 212,992 -c--a-w C:\WINDOWS\system32\wbem\ntevt.dll
+ 2008-04-14 00:12:02 212,992 ----a-w C:\WINDOWS\system32\wbem\ntevt.dll
- 2004-08-04 09:00:00 237,056 -c--a-w C:\WINDOWS\system32\wbem\provthrd.dll
+ 2008-04-14 00:12:03 237,056 ----a-w C:\WINDOWS\system32\wbem\provthrd.dll
- 2004-08-04 09:00:00 177,152 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
+ 2008-04-14 00:12:04 178,176 ----a-w C:\WINDOWS\system32\wbem\repdrvfs.dll
- 2004-08-04 09:00:00 36,864 -c--a-w C:\WINDOWS\system32\wbem\scrcons.exe
+ 2008-04-14 00:12:34 36,352 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
- 2004-08-04 09:00:00 86,528 -c--a-w C:\WINDOWS\system32\wbem\stdprov.dll
+ 2008-04-14 00:12:07 86,528 ----a-w C:\WINDOWS\system32\wbem\stdprov.dll
- 2004-08-04 09:00:00 131,584 -c--a-w C:\WINDOWS\system32\wbem\viewprov.dll
+ 2008-04-14 00:12:08 131,584 ----a-w C:\WINDOWS\system32\wbem\viewprov.dll
- 2004-08-04 09:00:00 196,608 -c--a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
+ 2008-04-14 00:12:08 196,608 ----a-w C:\WINDOWS\system32\wbem\wbemcntl.dll
- 2004-08-04 09:00:00 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
+ 2008-04-14 00:12:08 214,528 ----a-w C:\WINDOWS\system32\wbem\wbemcomn.dll
- 2004-08-04 09:00:00 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
+ 2008-04-14 00:12:08 71,680 ----a-w C:\WINDOWS\system32\wbem\wbemcons.dll
- 2004-08-04 09:00:00 530,944 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
+ 2008-04-14 00:12:08 531,456 ----a-w C:\WINDOWS\system32\wbem\wbemcore.dll
- 2004-08-04 09:00:00 178,176 -c--a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
+ 2008-04-14 00:12:08 178,176 ----a-w C:\WINDOWS\system32\wbem\wbemdisp.dll
- 2004-08-04 09:00:00 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
+ 2008-04-14 00:12:08 273,920 ----a-w C:\WINDOWS\system32\wbem\wbemess.dll
- 2004-08-04 09:00:00 43,008 -c--a-w C:\WINDOWS\system32\wbem\wbemperf.dll
+ 2008-04-14 00:12:08 43,008 ----a-w C:\WINDOWS\system32\wbem\wbemperf.dll
- 2004-08-04 09:00:00 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
+ 2008-04-14 00:12:08 18,944 ----a-w C:\WINDOWS\system32\wbem\wbemprox.dll
- 2004-08-04 09:00:00 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
+ 2008-04-14 00:12:08 43,520 ----a-w C:\WINDOWS\system32\wbem\wbemsvc.dll
- 2004-08-04 09:00:00 116,224 -c--a-w C:\WINDOWS\system32\wbem\wbemtest.exe
+ 2008-04-14 00:12:39 116,224 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
- 2004-08-04 09:00:00 197,120 -c--a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
+ 2008-04-14 00:12:08 197,120 ----a-w C:\WINDOWS\system32\wbem\wbemupgd.dll
- 2004-08-04 09:00:00 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
+ 2008-04-14 00:12:40 196,608 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe
- 2004-08-04 09:00:00 6,656 -c--a-w C:\WINDOWS\system32\wbem\wmiapres.dll
+ 2008-04-13 17:10:20 6,656 ----a-w C:\WINDOWS\system32\wbem\wmiapres.dll
- 2004-08-04 09:00:00 89,088 -c--a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
+ 2008-04-14 00:12:09 88,576 ----a-w C:\WINDOWS\system32\wbem\wmiaprpl.dll
- 2004-08-04 09:00:00 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
+ 2008-04-14 00:12:40 126,464 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe
- 2004-08-04 09:00:00 60,928 -c--a-w C:\WINDOWS\system32\wbem\wmicookr.dll
+ 2008-04-14 00:12:09 60,928 ----a-w C:\WINDOWS\system32\wbem\wmicookr.dll
- 2004-08-04 09:00:00 140,800 -c--a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
+ 2008-04-14 00:12:09 140,800 ----a-w C:\WINDOWS\system32\wbem\wmidcprv.dll
- 2004-08-04 09:00:00 156,672 -c--a-w C:\WINDOWS\system32\wbem\wmipcima.dll
+ 2008-04-14 00:12:09 156,672 ----a-w C:\WINDOWS\system32\wbem\wmipcima.dll
- 2004-08-04 09:00:00 132,096 -c--a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wbem\wmipdskq.dll
- 2004-08-04 09:00:00 62,464 -c--a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
+ 2008-04-14 00:12:09 61,952 ----a-w C:\WINDOWS\system32\wbem\wmipiprt.dll
- 2004-08-04 09:00:00 62,976 -c--a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
+ 2008-04-14 00:12:09 62,464 ----a-w C:\WINDOWS\system32\wbem\wmipjobj.dll
- 2004-08-04 09:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmiprov.dll
- 2004-08-04 09:00:00 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
+ 2008-04-14 00:12:09 437,248 ----a-w C:\WINDOWS\system32\wbem\wmiprvsd.dll
- 2004-08-04 09:00:00 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
+ 2008-04-14 00:12:40 218,112 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe
- 2004-08-04 09:00:00 41,472 -c--a-w C:\WINDOWS\system32\wbem\wmipsess.dll
+ 2008-04-14 00:12:09 41,472 ----a-w C:\WINDOWS\system32\wbem\wmipsess.dll
- 2004-08-04 09:00:00 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
+ 2008-04-14 00:12:09 144,896 ----a-w C:\WINDOWS\system32\wbem\wmisvc.dll
- 2004-08-04 09:00:00 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
+ 2008-04-14 00:12:09 95,232 ----a-w C:\WINDOWS\system32\wbem\wmiutils.dll
- 2004-08-04 09:00:00 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
+ 2008-04-14 00:12:08 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll
- 2004-08-04 09:00:00 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
+ 2008-04-14 00:12:45 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2004-08-04 09:00:00 276,480 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-14 00:12:08 276,480 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2006-01-04 03:35:05 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
+ 2008-04-14 00:12:08 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll
- 2004-08-04 09:00:00 135,680 -c--a-w C:\WINDOWS\system32\webvw.dll
+ 2008-04-14 00:12:08 135,680 ----a-w C:\WINDOWS\system32\webvw.dll
- 2004-08-04 09:00:00 65,536 -c--a-w C:\WINDOWS\system32\wextract.exe
+ 2008-04-14 00:12:39 65,024 ----a-w C:\WINDOWS\system32\wextract.exe
- 2004-08-04 09:00:00 433,664 -c--a-w C:\WINDOWS\system32\wiaacmgr.exe
+ 2008-04-14 00:12:39 433,664 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
- 2004-08-04 09:00:00 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
+ 2008-04-14 00:12:08 463,360 ----a-w C:\WINDOWS\system32\wiadefui.dll
- 2004-08-04 09:00:00 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
+ 2008-04-14 00:12:08 124,416 ----a-w C:\WINDOWS\system32\wiadss.dll
- 2004-08-04 09:00:00 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
+ 2008-04-14 00:12:08 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll
- 2006-12-19 18:16:47 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
+ 2008-04-14 00:12:08 333,824 ----a-w C:\WINDOWS\system32\wiaservc.dll
- 2004-08-04 09:00:00 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
+ 2008-04-14 00:12:08 589,312 ----a-w C:\WINDOWS\system32\wiashext.dll
- 2004-08-04 09:00:00 111,104 -c--a-w C:\WINDOWS\system32\wiavideo.dll
+ 2008-04-14 00:12:08 111,104 ----a-w C:\WINDOWS\system32\wiavideo.dll
- 2008-03-19 09:47:00 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
+ 2008-04-13 19:30:10 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
- 2004-08-04 09:00:00 101,888 ----a-w C:\WINDOWS\system32\win32spl.dll
+ 2008-04-14 00:12:08 102,400 ----a-w C:\WINDOWS\system32\win32spl.dll
- 2004-08-04 09:00:00 937,984 -c--a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-13 16:48:53 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
+ 2008-04-14 00:12:08 712,704 ------w C:\WINDOWS\system32\windowscodecs.dll
+ 2008-04-14 00:12:08 346,112 ------w C:\WINDOWS\system32\windowscodecsext.dll
- 2004-08-04 09:00:00 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll
+ 2008-04-14 00:12:08 354,304 ----a-w C:\WINDOWS\system32\winhttp.dll
- 2008-06-23 16:12:08 667,136 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 15:09:27 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
- 2004-08-04 09:00:00 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll
+ 2008-04-14 00:12:09 32,256 ----a-w C:\WINDOWS\system32\winipsec.dll
- 2004-08-04 09:00:00 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
+ 2008-04-14 00:12:09 176,128 ----a-w C:\WINDOWS\system32\winmm.dll
- 2004-08-04 09:00:00 764,928 -c--a-w C:\WINDOWS\system32\winntbbu.dll
+ 2008-04-14 00:11:11 756,224 ----a-w C:\WINDOWS\system32\winntbbu.dll
- 2004-08-04 09:00:00 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
+ 2008-04-14 00:12:09 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll
- 2004-08-04 09:00:00 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
+ 2008-04-14 00:12:09 99,328 ----a-w C:\WINDOWS\system32\winscard.dll
- 2004-08-04 09:00:00 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
+ 2008-04-14 00:12:09 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll
- 2004-08-04 09:00:00 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2008-04-14 00:12:45 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
- 2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
+ 2008-04-14 00:12:09 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
- 2004-08-04 09:00:00 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
+ 2008-04-14 00:12:09 53,760 ----a-w C:\WINDOWS\system32\winsta.dll
- 2004-08-04 09:00:00 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
+ 2008-04-14 00:12:09 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll
- 2004-08-04 09:00:00 5,632 -c--a-w C:\WINDOWS\system32\winver.exe
+ 2008-04-14 00:12:40 5,632 ----a-w C:\WINDOWS\system32\winver.exe
- 2006-08-17 12:28:27 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
+ 2008-04-14 00:12:09 69,120 ------w C:\WINDOWS\system32\wlanapi.dll
- 2004-08-04 09:00:00 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
+ 2008-04-14 00:12:09 172,032 ----a-w C:\WINDOWS\system32\wldap32.dll
- 2004-08-04 09:00:00 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
+ 2008-04-14 00:12:09 92,672 ----a-w C:\WINDOWS\system32\wlnotify.dll
- 2004-08-04 09:00:00 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:11:15 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
+ 2008-04-14 00:12:09 276,992 ------w C:\WINDOWS\system32\wmphoto.dll
- 2004-08-04 09:00:00 115,200 -c--a-w C:\WINDOWS\system32\wmsdmoe.dll
+ 2008-04-14 00:12:09 115,200 ----a-w C:\WINDOWS\system32\wmsdmoe.dll
- 2004-08-04 09:00:00 303,616 -c--a-w C:\WINDOWS\system32\wmstream.dll
+ 2008-04-14 00:12:10 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll
- 2004-08-04 09:00:00 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
+ 2008-04-14 00:12:10 264,192 ----a-w C:\WINDOWS\system32\wow32.dll
- 2004-08-04 09:00:00 32,256 -c--a-w C:\WINDOWS\system32\wpabaln.exe
+ 2008-04-14 00:12:40 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe
- 2004-08-04 09:00:00 32,256 -c--a-w C:\WINDOWS\system32\wpnpinst.exe
+ 2008-04-14 00:12:41 11,264 ----a-w C:\WINDOWS\system32\wpnpinst.exe
- 2004-08-04 09:00:00 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll
+ 2008-04-14 00:12:10 82,432 ----a-w C:\WINDOWS\system32\ws2_32.dll
- 2004-08-04 09:00:00 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
+ 2008-04-14 00:12:10 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll
- 2004-08-04 09:00:00 13,824 -c--a-w C:\WINDOWS\system32\wscntfy.exe
+ 2008-04-14 00:12:41 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe
- 2004-08-04 09:00:00 114,688 ----a-w C:\WINDOWS\system32\wscript.exe
+ 2008-04-14 00:12:41 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
- 2004-08-04 09:00:00 81,408 ----a-w C:\WINDOWS\system32\wscsvc.dll
+ 2008-04-14 00:12:10 80,896 ----a-w C:\WINDOWS\system32\wscsvc.dll
- 2004-08-04 09:00:00 108,032 -c--a-w C:\WINDOWS\system32\wshbth.dll
+ 2008-04-14 00:12:10 108,032 ----a-w C:\WINDOWS\system32\wshbth.dll
- 2004-08-04 09:00:00 28,672 -c--a-w C:\WINDOWS\system32\wshcon.dll
+ 2008-04-14 00:12:10 36,864 ----a-w C:\WINDOWS\system32\wshcon.dll
- 2004-08-04 09:00:00 65,536 ----a-w C:\WINDOWS\system32\wshext.dll
+ 2008-04-14 00:12:10 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
- 2004-08-04 09:00:00 14,336 -c--a-w C:\WINDOWS\system32\wship6.dll
+ 2008-04-14 00:12:10 14,336 ----a-w C:\WINDOWS\system32\wship6.dll
- 2004-08-04 09:00:00 11,776 -c--a-w C:\WINDOWS\system32\WshRm.dll
+ 2008-04-14 00:12:10 11,264 ----a-w C:\WINDOWS\system32\wshrm.dll
- 2004-08-04 09:00:00 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll
+ 2008-04-14 00:12:10 19,456 ----a-w C:\WINDOWS\system32\wshtcpip.dll
- 2004-08-04 09:00:00 42,496 -c--a-w C:\WINDOWS\system32\wsnmp32.dll
+ 2008-04-14 00:12:10 41,984 ----a-w C:\WINDOWS\system32\wsnmp32.dll
- 2004-08-04 09:00:00 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
+ 2008-04-14 00:12:10 22,528 ----a-w C:\WINDOWS\system32\wsock32.dll
- 2004-08-04 09:00:00 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
+ 2008-04-14 00:12:10 50,688 ----a-w C:\WINDOWS\system32\wstdecod.dll
- 2004-08-04 09:00:00 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
+ 2008-04-14 00:12:10 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll
- 2004-08-04 09:00:00 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
+ 2008-04-14 00:12:11 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll
- 2004-08-04 09:00:00 378,368 -c--a-w C:\WINDOWS\system32\wzcdlg.dll
+ 2008-04-14 00:12:11 383,488 ----a-w C:\WINDOWS\system32\wzcdlg.dll
- 2004-08-04 09:00:00 51,712 ----a-w C:\WINDOWS\system32\wzcsapi.dll
+ 2008-04-14 00:12:11 52,736 ----a-w C:\WINDOWS\system32\wzcsapi.dll
- 2004-08-04 09:00:00 359,936 ----a-w C:\WINDOWS\system32\wzcsvc.dll
+ 2008-04-14 00:12:11 483,840 ----a-w C:\WINDOWS\system32\wzcsvc.dll
- 2004-08-04 09:00:00 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
+ 2008-04-14 00:12:11 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll
- 2004-08-04 09:00:00 30,720 -c--a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:41 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe
+ 2008-04-14 00:12:11 121,856 ------w C:\WINDOWS\system32\xmllite.dll
- 2004-08-04 09:00:00 129,536 ----a-w C:\WINDOWS\system32\xmlprov.dll
+ 2008-04-14 00:12:11 129,024 ----a-w C:\WINDOWS\system32\xmlprov.dll
- 2004-08-04 09:00:00 50,176 -c--a-w C:\WINDOWS\system32\xmlprovi.dll
+ 2008-04-14 00:12:11 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll
- 2006-03-01 19:42:42 11,776 -c--a-w C:\WINDOWS\system32\xolehlp.dll
+ 2008-04-14 00:12:11 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll
- 2004-08-04 09:00:00 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
+ 2008-04-13 17:39:29 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
- 2004-08-04 09:00:00 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
+ 2008-04-13 17:39:22 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
- 2004-08-04 09:00:00 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
+ 2008-04-13 17:39:24 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
- 2008-07-03 09:14:02 351,744 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-04-13 17:39:26 689,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
- 2004-08-04 09:00:00 337,920 ----a-w C:\WINDOWS\system32\zipfldr.dll
+ 2008-04-14 00:12:11 338,432 ----a-w C:\WINDOWS\system32\zipfldr.dll
+ 2008-08-30 01:53:51 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat
- 2004-08-04 09:00:00 50,688 ----a-w C:\WINDOWS\twain_32.dll
+ 2008-04-14 00:12:07 50,688 ----a-w C:\WINDOWS\twain_32.dll
- 2004-08-04 09:00:00 283,648 ----a-w C:\WINDOWS\winhlp32.exe
+ 2008-04-14 00:12:39 283,648 ----a-w C:\WINDOWS\winhlp32.exe
- 2007-01-19 20:15:24 74,802 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 00:12:50 74,802 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2007-01-19 20:15:24 995,383 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 00:12:50 995,383 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2007-01-19 20:15:24 1,011,774 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 00:12:50 1,011,774 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2007-01-19 20:15:24 401,462 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:50 401,462 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 00:12:51 1,054,208 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 00:12:51 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 00:12:51 343,040 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 00:12:47 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2004-08-04 09:00:00 853,504 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 00:12:49 853,504 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2004-08-04 09:00:00 991,232 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 00:12:50 991,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2004-08-04 09:00:00 132,096 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc
0\rtcres.dll
+ 2008-04-13 18:26:33 132,096 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc
0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 20:12 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 20:12 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 02:18 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 20:49 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 20:46 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 20:50 114688]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12 94208]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-09-18 13:42 26112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-18 13:42 98304]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-09-08 19:20 110592]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20 122940]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-09-18 13:49 169984]
"DellHelp"="C:\Dell\DellHelp\DellHelp.exe" [2004-04-01 15:51 1589248]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 18:34 106496]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2007-02-08 22:39 36904]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 23:32 53248]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-11-01 19:12 582992]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 15:49 1121280]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-23 17:33 914512]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 17:38 52840]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2007-03-14 19:49 125632]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 18:17 282624 C:\WINDOWS\stsystra.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [2006-09-18 13:41:40 156784]
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [2007-11-04 18:58:00 200704]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 16:05:56 65588]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-03 22:07:32 81920]
Veritrax AS-215.lnk - C:\Program Files\Rosslare\Veritrax AS-215\VeriTrax.exe [2008-04-13 19:16:01 9244672]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-09-21 20:57:14 122880]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WPORTAL\\JRE\\bin\\javaw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

.
Contents of the 'Scheduled Tasks' folder

2008-08-15 C:\WINDOWS\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

2008-08-01 C:\WINDOWS\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-29 21:56:20
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\Documents and Settings\BRETT\Local Settings\Application Data\ApplicationHistory\dsca.exe.cf6b816f.ini.inuse 0 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\SiteAdvisor\6261\saHook.dll
-> ?:\WINDOWS\system32\MSImg32.dll
-> ?:\WINDOWS\system32\MSImg32.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Advanced Registry Doctor\RegManServ.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\McAfee\MSC\mcuimgr.exe
.
**************************************************************************
.
Completion time: 2008-08-29 22:02:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-30 02:01:54
ComboFix2.txt 2008-08-25 02:13:22
ComboFix3.txt 2008-08-24 23:06:15
  • 0

#20
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Would not take the whole file, could only upload in sections.
  • 0

#21
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Completion time: 2008-08-29 22:02:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-30 02:01:54
ComboFix2.txt 2008-08-25 02:13:22
ComboFix3.txt 2008-08-24 23:06:15
ComboFix4.txt 2008-08-24 04:18:02

Pre-Run: 50,900,996,096 bytes free
Post-Run: 51,015,970,816 bytes free

4626 --- E O F --- 2008-08-30 01:14:43
  • 0

#22
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hi jbd1270,

Yep, some of them do take multiple posts.

Thanks for that, I will have a look and get back to you.

Regards
emeraldnzl
  • 0

#23
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello jbd1270,

Couple of things.

Looks to me that you are running two anti-virus/Internet Security Suites. Running two or more real-time anti-virus and firewall monitors at the same time can cause a conflict. That conflict could result in error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Please uninstall either of

Norton Symantec

or

McAfee

Also I see you are using a Registry Cleaner/Defrager. Registry Cleaners are notorious for causing problems. It is generally not necessary to clean your registry.

Now

Things are looking much better. Lets run Kaspersky again just to make sure we aren't missing anything.

Kaspersky only works if you are using Internet Explorer.

Please do an online scan with Kaspersky WebScanner.

Click on the Kaspersky Online Scanner button. A box will come up, click Accept, this will allow it to install an ActiveX component and download its latest anti-virus database. (Note: It may take a couple of minutes)

  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    * Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    * Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    * Now click on the Save as Text button:
  • Save the file to your desktop.
Copy and paste that information in your next post.

So when you come back please post
  • Kaspersky scan results
  • a new HijackThis log
  • and tell me how you computer is running now

  • 0

#24
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, August 31, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, August 31, 2008 14:08:55
Records in database: 1172027


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
F:\

Scan statistics
Files scanned 126512
Threat name 5
Infected objects 13
Suspicious objects 0
Duration of the scan 02:34:47

File name Threat name Threats count
C:\Program Files\BAE\BAE.dll/C:\Program Files\BAE\BAE.dll Infected: not-a-virus:AdWare.Win32.BHO.csb 1

C:\Documents and Settings\BRETT\My Documents\Billy Downloads\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Documents and Settings\BRETT\My Documents\Billy Downloads\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Program Files\BAE\BAE.dll Infected: not-a-virus:AdWare.Win32.BHO.csb 1

C:\QooBox\Quarantine\C\Documents and Settings\BRETT\My Documents\Temp Program File\MISC\reset2.exe.vir Infected: Trojan.BAT.Small.ai 1

C:\QooBox\Quarantine\C\WINDOWS\system32\yhuzanaj.exe.vir Infected: Trojan-Downloader.Win32.Small.abnp 1

C:\QooBox\Quarantine\C\WINDOWS\system32\ynojaloh.exe.vir Infected: Trojan-Downloader.Win32.Small.abnp 1

C:\WINDOWS\$NtServicePackUninstall$\explorer.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\lsass.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\services.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\svchost.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe Infected: Trojan.Win32.Patched.aa 1

The selected area was scanned.

End of Report
  • 0

#25
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:34, on 8/31/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Advanced Registry Doctor\RegManServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4060918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DellHelp] C:\Dell\DellHelp\DellHelp.exe /c
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Veritrax AS-215.lnk = C:\Program Files\Rosslare\Veritrax AS-215\VeriTrax.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Registry Management Service (RegManServ) - Unknown owner - C:\Program Files\Advanced Registry Doctor\RegManServ.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 10574 bytes


Everything seems to be running fine. I have been rebooting and going on the internet randomly to see if the problems will reinstall themselves. So far I have not noticed anything.

Again, thank you for your help. I do appreciate it!
  • 0

Advertisements


#26
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello again jbd1270,

Hmm still some there.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
C:\Program Files\BAE\BAE.dll


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next

We need to run Kaspersky again.

Kaspersky only works if you are using Internet Explorer.

Please do an online scan with Kaspersky WebScanner.

Click on the Kaspersky Online Scanner button. A box will come up, click Accept, this will allow it to install an ActiveX component and download its latest anti-virus database. (Note: It may take a couple of minutes)

  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    * Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    * Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    * Now click on the Save as Text button:
  • Save the file to your desktop.
Copy and paste that information in your next post.

So when you come back please post
  • ComboFix text
  • Kaspersky scan results
  • a new HijackThis log

  • 0

#27
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
ComboFix 08-08-30.03 - BRETT 2008-08-31 21:41:15.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.232 [GMT -4:00]
Running from: C:\Documents and Settings\BRETT\My Documents\Billy Downloads\ComboFix.exe
Command switches used :: C:\Documents and Settings\BRETT\My Documents\Billy Downloads\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\BRETT\Cookies\[email protected][1].txt
C:\Program Files\BAE\BAE.dll

.
((((((((((((((((((((((((( Files Created from 2008-08-01 to 2008-09-01 )))))))))))))))))))))))))))))))
.

2008-08-29 21:07 . 2008-08-29 21:07 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-08-29 21:07 . 2008-08-29 21:07 <DIR> d-------- C:\WINDOWS\system32\en
2008-08-29 21:07 . 2008-08-29 21:07 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-29 21:07 . 2008-08-29 21:07 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-29 21:05 . 2008-08-29 21:08 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-08-29 20:58 . 2008-08-29 20:58 <DIR> d-------- C:\WINDOWS\EHome
2008-08-29 19:28 . 2008-04-13 20:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-08-29 19:27 . 2008-04-13 20:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-08-25 22:55 . 2008-08-29 21:51 <DIR> d-------- C:\Program Files\Symantec AntiVirus
2008-08-25 22:55 . 2008-08-25 22:55 110,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-08-25 22:55 . 2008-08-25 22:55 48,768 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-08-25 22:55 . 2008-08-25 22:55 8,014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-08-25 22:55 . 2008-08-25 22:55 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-08-24 02:41 . 2008-08-24 02:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-24 02:22 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-24 00:58 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-08-24 00:58 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-23 20:09 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-08-23 20:09 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-08-23 20:09 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-08-23 13:40 . 2008-08-21 23:41 87,552 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-08-22 19:18 . 2008-08-22 19:18 <DIR> d-------- C:\Documents and Settings\BRETT\Application Data\Symantec
2008-08-20 21:33 . 2008-08-24 02:22 4,182 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-20 18:58 . 2008-08-20 18:59 <DIR> d-------- C:\Program Files\Advanced Registry Doctor
2008-08-20 10:51 . 2008-08-21 01:04 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-20 10:51 . 2008-08-20 11:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-19 13:02 . 2008-08-19 13:02 <DIR> d-------- C:\Program Files\Gadwin Systems
2008-08-19 09:49 . 2008-08-24 01:05 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-19 09:48 . 2008-08-23 17:33 <DIR> d-------- C:\Program Files\Trojan Remover
2008-08-19 09:48 . 2008-08-19 09:48 <DIR> d-------- C:\Documents and Settings\BRETT\Application Data\Simply Super Software
2008-08-19 09:48 . 2008-08-19 09:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-08-19 09:48 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-08-19 09:48 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-08-19 09:48 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-08-19 09:48 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-08-19 09:38 . 2008-08-19 09:52 <DIR> d-------- C:\Program Files\EndItAll
2008-08-18 12:28 . 2008-08-18 12:28 <DIR> d-------- C:\Program Files\AVG
2008-08-18 12:28 . 2008-08-19 14:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-08-13 18:14 . 2008-04-11 15:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll
2008-08-13 18:14 . 2008-05-01 10:33 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-01 01:41 --------- d-----w C:\Program Files\BAE
2008-08-31 03:57 --------- d-----w C:\Program Files\McAfee
2008-08-31 03:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-08-31 03:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-08-26 02:56 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-26 02:55 --------- d-----w C:\Program Files\Symantec
2008-08-26 02:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-08-22 02:32 --------- d-----w C:\Program Files\America Online 9.0
2008-08-22 02:18 --------- d-----w C:\Program Files\CoreFTP
2008-08-20 22:57 --------- d-----w C:\Documents and Settings\BRETT\Application Data\U3
2008-08-19 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-17 18:33 --------- d-----w C:\Documents and Settings\BRETT\Application Data\FUJIFILM
2008-07-16 01:23 --------- d-----w C:\Program Files\MSBuild
2008-07-16 01:23 --------- d-----w C:\Program Files\Microsoft Works
2008-07-15 12:07 --------- d-----w C:\Program Files\Dell Support Center
2008-07-15 12:07 --------- d-----w C:\Program Files\Common Files\supportsoft
2008-07-15 12:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-07-15 12:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2006-12-18 04:39 0 -c--a-w C:\Documents and Settings\BRETT\Application Data\wklnhst.dat
2007-02-09 23:42 88 -csh--r C:\WINDOWS\system32\7515257F65.sys
2007-02-09 23:42 3,350 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot_2008-08-29_22.01.35.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-07 09:07:23 135,168 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:45:15 512,000 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:45:16 180,224 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:45:16 172,032 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:45:16 430,080 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:45:17 90,112 ----a-w C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951978\update\updspapi.dll
- 2008-08-26 02:56:26 25,214 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\ARPPRODUCTICON.exe
+ 2008-08-31 14:19:39 25,214 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\ARPPRODUCTICON.exe
- 2008-08-26 02:56:26 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\DTIcon.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
+ 2008-08-31 14:19:39 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\DTIcon.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
- 2008-08-26 02:56:26 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\NewShortcut1.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
+ 2008-08-31 14:19:39 40,960 ----a-r C:\WINDOWS\Installer\{50E125D1-88E5-48CE-80AE-98EC9698E639}\NewShortcut1.ECFEE69D_DA66_4F00_ABE5_54E931059C01.exe
- 2008-08-30 01:24:12 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-31 00:06:43 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-08-30 01:24:12 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-31 00:06:43 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-08-30 01:24:12 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-31 00:06:43 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-14 00:12:15 139,264 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ------w C:\WINDOWS\system32\dllcache\cscript.exe
+ 2008-05-09 10:53:39 512,000 ------w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2008-05-09 10:53:39 180,224 ------w C:\WINDOWS\system32\dllcache\scrobj.dll
+ 2008-05-09 10:53:40 172,032 ------w C:\WINDOWS\system32\dllcache\scrrun.dll
+ 2008-05-09 10:53:40 430,080 ------w C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ------w C:\WINDOWS\system32\dllcache\wscript.exe
+ 2008-05-09 10:53:40 90,112 ------w C:\WINDOWS\system32\dllcache\wshext.dll
- 2008-04-14 00:11:56 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
+ 2008-05-09 10:53:39 512,000 ----a-w C:\WINDOWS\system32\jscript.dll
- 2008-04-14 00:12:05 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
+ 2008-05-09 10:53:39 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
- 2008-04-14 00:12:05 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
+ 2008-05-09 10:53:40 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
- 2008-04-14 00:12:08 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
+ 2008-05-09 10:53:40 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
- 2008-04-14 00:12:41 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
- 2008-04-14 00:12:10 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
+ 2008-05-09 10:53:40 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
+ 2008-09-01 01:47:13 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5d4.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 20:12 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 20:12 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 02:18 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 20:49 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 20:46 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 20:50 114688]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12 94208]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-09-18 13:42 26112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-18 13:42 98304]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-09-08 19:20 110592]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20 122940]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-09-18 13:49 169984]
"DellHelp"="C:\Dell\DellHelp\DellHelp.exe" [2004-04-01 15:51 1589248]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 18:34 106496]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 23:32 53248]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 15:49 1121280]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-23 17:33 914512]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 17:38 52840]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2007-03-14 19:49 125632]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 18:17 282624 C:\WINDOWS\stsystra.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [2006-09-18 13:41:40 156784]
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [2007-11-04 18:58:00 200704]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 16:05:56 65588]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-05-03 22:07:32 81920]
Veritrax AS-215.lnk - C:\Program Files\Rosslare\Veritrax AS-215\VeriTrax.exe [2008-04-13 19:16:01 9244672]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-09-21 20:57:14 122880]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 04:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WPORTAL\\JRE\\bin\\javaw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-31 21:48:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\Documents and Settings\BRETT\Local Settings\Application Data\ApplicationHistory\dsca.exe.cf6b816f.ini.inuse

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\System32\CSCDLL.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Advanced Registry Doctor\RegManServ.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Completion time: 2008-08-31 21:53:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-01 01:53:25
ComboFix2.txt 2008-08-30 02:02:03
ComboFix3.txt 2008-08-25 02:13:22
ComboFix4.txt 2008-08-24 23:06:15
ComboFix5.txt 2008-09-01 01:40:36

Pre-Run: 50,756,571,136 bytes free
Post-Run: 50,930,331,648 bytes free

231 --- E O F --- 2008-08-31 07:01:18
  • 0

#28
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, September 1, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, September 01, 2008 02:43:13
Records in database: 1172322


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
F:\

Scan statistics
Files scanned 115345
Threat name 5
Infected objects 12
Suspicious objects 0
Duration of the scan 02:28:35

File name Threat name Threats count
C:\Documents and Settings\BRETT\My Documents\Billy Downloads\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\Documents and Settings\BRETT\My Documents\Billy Downloads\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1

C:\QooBox\Quarantine\C\Documents and Settings\BRETT\My Documents\Temp Program File\MISC\reset2.exe.vir Infected: Trojan.BAT.Small.ai 1

C:\QooBox\Quarantine\C\Program Files\BAE\BAE.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.csb 1

C:\QooBox\Quarantine\C\WINDOWS\system32\yhuzanaj.exe.vir Infected: Trojan-Downloader.Win32.Small.abnp 1

C:\QooBox\Quarantine\C\WINDOWS\system32\ynojaloh.exe.vir Infected: Trojan-Downloader.Win32.Small.abnp 1

C:\WINDOWS\$NtServicePackUninstall$\explorer.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\lsass.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\services.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\svchost.exe Infected: Trojan.Win32.Patched.aa 1

C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe Infected: Trojan.Win32.Patched.aa 1

The selected area was scanned.
  • 0

#29
jbd1270

jbd1270

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:04:09, on 9/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Advanced Registry Doctor\RegManServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4060918
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DellHelp] C:\Dell\DellHelp\DellHelp.exe /c
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Veritrax AS-215.lnk = C:\Program Files\Rosslare\Veritrax AS-215\VeriTrax.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Registry Management Service (RegManServ) - Unknown owner - C:\Program Files\Advanced Registry Doctor\RegManServ.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 10440 bytes
  • 0

#30
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello again jbd1270,

Still got those bad patched files there. Our earlier fix just seemed to replace baddies with baddies.

Lets attack them again and see if we can replace them with good ones this time.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

FCopy::
C:\WINDOWS\System32\dllcache\lsass.exe | C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
C:\WINDOWS\System32\dllcache\services.exe | C:\WINDOWS\$NtServicePackUninstall$\services.exe
C:\WINDOWS\System32\dllcache\spoolsv.exe | C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe
C:\WINDOWS\System32\dllcache\svchost.exe | C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
C:\WINDOWS\System32\dllcache\winlogon.exe | C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Now

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - (no file)

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

Next

Your Java is out of date. Older versions are vunerable to malicious attack.

Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
Your Adobe Acrobat Reader is out of date. Older versions are vunerable to attack.

Please go to the link below to update.

http://www.adobe.com.../readstep2.html

So when you come back please post
  • ComboFix text
  • a new HijackThis log

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP