« previous next »
Pages: [1] 2   Go Down

Author Topic: I think I might have another virus?!  (Read 5617 times)

0 Members and 1 Guest are viewing this topic.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
I think I might have another virus?!
« on: March 31, 2009, 01:27:58 AM »
Hi Corrine

I think I may have a virus again.  On Saturday morning, we were able to connect to the internet and then Saturday afternoon we lost our connection.  I called my internet service provider and they went through some steps with me and thought that it might be an issue with my computer hardware/software.  I called up Dell who also took me through a few steps and that was unsuccessful as well.  I am using another computer in my house and the internet works fine.  We tried installing SP3 but it won't install and it hasn't since the update came out.  I hope you are able to help!  Thanks!
Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: I think I might have another virus?!
« Reply #1 on: March 31, 2009, 09:33:26 AM »
cbfr,
As a starting point can you please :
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
GR@PH;<'S   :Hammys pint:
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #2 on: April 01, 2009, 11:00:28 PM »
Hello

Here is the log.  Thanks.



Logfile of random's system information tool 1.04 (written by random/random)
Run by Christina at 2009-03-31 20:26:15
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 40 GB (35%) free of 114 GB
Total RAM: 510 MB (27% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Spybot - Search & Destroy -  Scheduled Task.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-11-17 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-02-04 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-02-04 1968920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-02-04 1968920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-02-04 1601304]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2008-10-07 6223048]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-11-17 185872]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-09-12 36352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 29744]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 29744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-04 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2008-10-07 886984]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-03-27 17:36:21 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-03-26 03:09:16 ----D---- C:\WINDOWS\Prefetch
2009-03-25 19:49:04 ----A---- C:\WINDOWS\system32\sprecovr.exe
2009-03-25 19:44:40 ----N---- C:\WINDOWS\system32\_003892_.tmp.dll
2009-03-25 19:44:40 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-25 19:44:29 ----N---- C:\WINDOWS\system32\_003891_.tmp.dll
2009-03-25 19:44:29 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-03-25 19:41:22 ----N---- C:\WINDOWS\system32\_003889_.tmp.dll
2009-03-25 19:41:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-03-25 19:41:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-03-25 19:41:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-03-25 19:41:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-03-25 19:41:21 ----N---- C:\WINDOWS\system32\_003884_.tmp.dll
2009-03-25 19:41:21 ----N---- C:\WINDOWS\system32\_003883_.tmp.dll
2009-03-25 19:41:21 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-03-25 19:41:21 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-03-25 19:41:21 ----A---- C:\WINDOWS\system32\cmd.exe
2009-03-25 19:41:20 ----N---- C:\WINDOWS\system32\_003882_.tmp.dll
2009-03-25 19:41:20 ----N---- C:\WINDOWS\system32\_003881_.tmp.dll
2009-03-25 19:41:20 ----N---- C:\WINDOWS\system32\_003880_.tmp.dll
2009-03-25 19:41:20 ----A---- C:\WINDOWS\system32\ftp.exe
2009-03-25 19:41:20 ----A---- C:\WINDOWS\system32\format.com
2009-03-25 19:41:20 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-03-25 19:41:20 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-03-25 19:41:19 ----N---- C:\WINDOWS\system32\_003877_.tmp.dll
2009-03-25 19:41:19 ----N---- C:\WINDOWS\system32\_003876_.tmp.dll
2009-03-25 19:41:19 ----N---- C:\WINDOWS\system32\_003875_.tmp.dll
2009-03-25 19:41:19 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-03-25 19:41:19 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-25 19:41:19 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-03-25 19:41:18 ----N---- C:\WINDOWS\system32\_003874_.tmp.dll
2009-03-25 19:41:18 ----N---- C:\WINDOWS\system32\_003872_.tmp.dll
2009-03-25 19:41:18 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-03-25 19:41:18 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-03-25 19:41:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-03-25 19:41:18 ----A---- C:\WINDOWS\system32\locator.exe
2009-03-25 19:41:18 ----A---- C:\WINDOWS\system32\localspl.dll
2009-03-25 19:41:17 ----N---- C:\WINDOWS\system32\_003869_.tmp.dll
2009-03-25 19:41:17 ----N---- C:\WINDOWS\system32\_003867_.tmp.dll
2009-03-25 19:41:17 ----N---- C:\WINDOWS\system32\_003866_.tmp.dll
2009-03-25 19:41:17 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-03-25 19:41:17 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-03-25 19:41:17 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-03-25 19:41:17 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-03-25 19:41:16 ----N---- C:\WINDOWS\system32\oleaut32.dll
2009-03-25 19:41:16 ----N---- C:\WINDOWS\system32\_003862_.tmp.dll
2009-03-25 19:41:16 ----N---- C:\WINDOWS\system32\_003861_.tmp.dll
2009-03-25 19:41:16 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-03-25 19:41:16 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-03-25 19:41:16 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-03-25 19:41:16 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-03-25 19:41:16 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-03-25 19:41:15 ----N---- C:\WINDOWS\system32\_003856_.tmp.dll
2009-03-25 19:41:15 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-03-25 19:41:15 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-03-25 19:41:15 ----A---- C:\WINDOWS\system32\printui.dll
2009-03-25 19:41:14 ----N---- C:\WINDOWS\system32\_003853_.tmp.dll
2009-03-25 19:41:14 ----N---- C:\WINDOWS\system32\_003852_.tmp.dll
2009-03-25 19:41:14 ----N---- C:\WINDOWS\system32\_003851_.tmp.dll
2009-03-25 19:41:14 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-03-25 19:41:14 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-03-25 19:41:14 ----A---- C:\WINDOWS\system32\rasman.dll
2009-03-25 19:41:14 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-03-25 19:41:13 ----N---- C:\WINDOWS\system32\_003844_.tmp.dll
2009-03-25 19:41:13 ----N---- C:\WINDOWS\system32\_003839_.tmp.dll
2009-03-25 19:41:13 ----N---- C:\WINDOWS\system32\_003834_.tmp.dll
2009-03-25 19:41:13 ----A---- C:\WINDOWS\system32\schannel.dll
2009-03-25 19:41:13 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-03-25 19:41:13 ----A---- C:\WINDOWS\system32\savedump.exe
2009-03-25 19:41:13 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-03-25 19:41:13 ----A---- C:\WINDOWS\system32\samlib.dll
2009-03-25 19:41:12 ----N---- C:\WINDOWS\system32\_003831_.tmp.dll
2009-03-25 19:41:12 ----N---- C:\WINDOWS\system32\_003829_.tmp.dll
2009-03-25 19:41:12 ----N---- C:\WINDOWS\system32\_003826_.tmp.dll
2009-03-25 19:41:12 ----N---- C:\WINDOWS\system32\_003820_.tmp.dll
2009-03-25 19:41:12 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-03-25 19:41:12 ----A---- C:\WINDOWS\system32\smss.exe
2009-03-25 19:41:12 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-03-25 19:41:12 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-25 19:41:12 ----A---- C:\WINDOWS\system32\services.exe
2009-03-25 19:41:11 ----A---- C:\WINDOWS\system32\ulib.dll
2009-03-25 19:41:11 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-03-25 19:41:11 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-03-25 19:41:10 ----N---- C:\WINDOWS\system32\_003780_.tmp.dll
2009-03-25 19:41:10 ----N---- C:\WINDOWS\system32\_003768_.tmp.dll
2009-03-25 19:41:10 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-03-25 19:41:10 ----A---- C:\WINDOWS\system32\userinit.exe
2009-03-25 19:41:10 ----A---- C:\WINDOWS\system32\untfs.dll
2009-03-25 19:41:09 ----N---- C:\WINDOWS\system32\_003760_.tmp.dll
2009-03-25 19:41:09 ----N---- C:\WINDOWS\system32\_003759_.tmp.dll
2009-03-25 19:41:09 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-03-25 19:40:41 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-03-25 19:40:41 ----A---- C:\WINDOWS\system32\HAL.DLL
2009-03-25 19:40:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-03-21 09:55:49 ----D---- C:\Program Files\Microsoft
2009-03-21 09:54:13 ----D---- C:\Program Files\Windows Live SkyDrive
2009-03-21 09:42:55 ----D---- C:\Program Files\Common Files\Windows Live
2009-03-12 03:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-12 03:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-12 03:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-11 19:54:11 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-03-11 19:54:11 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-03-11 19:54:07 ----D---- C:\Program Files\Alwil Software

======List of files/folders modified in the last 1 months======

2009-03-31 20:26:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-31 20:12:57 ----D---- C:\Program Files\Mozilla Firefox
2009-03-31 20:04:15 ----D---- C:\Documents and Settings\Christina\Application Data\OnlineArmor
2009-03-31 20:03:51 ----D---- C:\WINDOWS\temp
2009-03-31 20:02:45 ----D---- C:\WINDOWS
2009-03-31 19:59:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-31 03:01:11 ----HD---- C:\WINDOWS\inf
2009-03-30 20:50:53 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-27 19:18:59 ----D---- C:\WINDOWS\security
2009-03-27 19:13:42 ----D---- C:\WINDOWS\system32
2009-03-27 19:13:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-27 18:00:33 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-03-27 18:00:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-27 17:58:05 ----D---- C:\WINDOWS\WinSxS
2009-03-27 17:57:53 ----D---- C:\Program Files\Messenger
2009-03-27 17:57:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-27 17:57:51 ----D---- C:\WINDOWS\ServicePackFiles
2009-03-27 17:57:45 ----D---- C:\WINDOWS\system32\wbem
2009-03-27 17:57:45 ----D---- C:\WINDOWS\system32\Setup
2009-03-27 17:57:43 ----D---- C:\WINDOWS\network diagnostic
2009-03-27 17:57:43 ----D---- C:\WINDOWS\ime
2009-03-27 17:57:43 ----D---- C:\WINDOWS\AppPatch
2009-03-27 17:57:42 ----D---- C:\WINDOWS\Help
2009-03-27 17:57:17 ----D---- C:\WINDOWS\system32\usmt
2009-03-27 17:57:17 ----D---- C:\WINDOWS\system32\en-us
2009-03-27 17:57:15 ----D---- C:\WINDOWS\system32\scripting
2009-03-27 17:57:09 ----D---- C:\WINDOWS\l2schemas
2009-03-27 17:57:09 ----D---- C:\Program Files\Internet Explorer
2009-03-27 17:57:07 ----D---- C:\WINDOWS\system32\en
2009-03-27 17:57:07 ----D---- C:\WINDOWS\system32\bits
2009-03-27 17:57:07 ----D---- C:\WINDOWS\peernet
2009-03-27 17:57:06 ----D---- C:\Program Files\Movie Maker
2009-03-27 17:51:25 ----D---- C:\WINDOWS\system32\Restore
2009-03-27 17:51:25 ----D---- C:\WINDOWS\system32\npp
2009-03-27 17:51:22 ----D---- C:\WINDOWS\msagent
2009-03-27 17:51:19 ----D---- C:\WINDOWS\srchasst
2009-03-27 17:51:16 ----D---- C:\Program Files\NetMeeting
2009-03-27 17:51:13 ----D---- C:\WINDOWS\system32\Com
2009-03-27 17:51:08 ----D---- C:\Program Files\Windows Media Player
2009-03-27 17:51:07 ----D---- C:\Program Files\Windows NT
2009-03-27 17:51:06 ----D---- C:\Program Files\Outlook Express
2009-03-27 17:51:02 ----D---- C:\Program Files\Common Files\System
2009-03-27 17:50:40 ----RSD---- C:\WINDOWS\Fonts
2009-03-27 17:50:37 ----D---- C:\WINDOWS\system32\oobe
2009-03-27 17:50:33 ----D---- C:\WINDOWS\system
2009-03-27 17:46:56 ----D---- C:\WINDOWS\system32\drivers
2009-03-27 17:43:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-27 17:36:16 ----D---- C:\WINDOWS\EHome
2009-03-27 17:12:24 ----HD---- C:\$AVG8.VAULT$
2009-03-27 17:08:30 ----D---- C:\Program Files\RealArcade
2009-03-25 21:59:43 ----A---- C:\WINDOWS\imsins.BAK
2009-03-25 20:08:32 ----SD---- C:\WINDOWS\Tasks
2009-03-25 19:18:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg8
2009-03-21 10:40:01 ----SHD---- C:\WINDOWS\Installer
2009-03-21 10:40:01 ----HD---- C:\Config.Msi
2009-03-21 09:59:49 ----D---- C:\Program Files\Windows Live
2009-03-21 09:55:49 ----D---- C:\Program Files
2009-03-21 09:54:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-21 09:42:55 ----D---- C:\Program Files\Common Files
2009-03-21 09:42:54 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-03-12 19:05:40 ----D---- C:\WINDOWS\Registration
2009-03-12 19:05:12 ----D---- C:\Program Files\ComPlus Applications
2009-03-12 19:03:30 ----D---- C:\Program Files\Google
2009-03-12 03:12:38 ----D---- C:\WINDOWS\system32\config
2009-03-12 03:05:35 ----A---- C:\WINDOWS\win.ini
2009-03-11 06:32:31 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-04 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-04 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-02-04 107272]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-07-16 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 bvrp_pci;bvrp_pci; \??\C:\WINDOWS\System32\drivers\bvrp_pci.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 P2k;Motorola USB Device; C:\WINDOWS\system32\DRIVERS\P2k.sys [2006-05-01 36480]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 usbsermptxp;Motorola USB Modem Driver for MPT XP; C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys [2006-12-02 25600]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys []
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys []
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys []
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys []
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-02-04 903960]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\oacat.exe [2008-10-07 1402568]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2006-03-03 69632]
R2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2008-10-07 3321032]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-05-22 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------
Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: I think I might have another virus?!
« Reply #3 on: April 01, 2009, 11:43:33 PM »
cbfr,
I see you still are using XP SP2 you will need to download SP3 However you may need to get your PC running cleaner first
I noticed that your PC is a wash with multiple anti-virus / malwere programs I recomend that you only use one program of each type as running more than one can and will conflict with each other.
 After a reboot use microsoft updates to get all the critical updates.
then your Java is also out dated and need updating.
Also you ned to update your Adobe PDF Reader  to version 9 
Now can you please download JavaRa unzipping it and saving it to your desktop
Now
Double-click on JavaRa.exe to start the program.  (Windows Vista users Right-click JavaRa.exe > Select Run as Administrator)
Click on Remove Older Versions to remove older versions of Java.
A logfile will pop up. Please save it to a convenient location.
and post that log file here.
After doing that

 download Malwarebytes' Anti-Malware to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform Full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
then please download HijackThis  choose "Save" and navigate to the folder where it´s saved and doubleclick upon it.
This is a complete installer that installs Hijackthis onto your computer to C:\Program Files\HijackThis and makes an entry in the start menu & allows you to have a shortcut on desktop
then Doubleclick the HJT icon on your desktop, hit "Do a system scan and save logfile". Save the logfile and a txt-file will be produced.. Copy that one and paste it here.


GR@PH;<'S   
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Offline Paddy

  • LandzDown Team
  • Hero Member
  • *****
  • Posts: 1376
Re: I think I might have another virus?!
« Reply #4 on: April 01, 2009, 11:47:20 PM »
Can you also delete/ uninstall Lime wire please .. Then you can put it back on after you are seen to be  clean if you so wish..

C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:LimeWire"


Or we just might back to square one if it is infections ..

Paddy..
Logged
This is one race of people for whom psychoanalysis is of no use whatsoever - Sigmund Freud (about the Irish)

Never argue with a fool, they will lower you to their level and then beat you with experience.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11540
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: I think I might have another virus?!
« Reply #5 on: April 02, 2009, 12:35:56 AM »
Hi, cbfr.

Before you do the above, let's do some heavy cleanup.  There's some heavy duty stuff going on there.

Please follow these instructions carefully.

Download ComboFix from one of the following locations:

Link 1
Link 2
Link 3

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.  This can usually be accomplished by a right-click on the icon in the System Tray. 

Note:  If you use AVG, you must also open the AVG 8 Control Center, by right clicking on the AVG 8 icon on task bar as well as the following:
  • Click on Tools.
  • Select Advanced Settings.
  • In the left hand pane, scroll down to "Resident Shield".
  • In the main pane, deselect the option to "Enable Resident Shield."
  • To re-enable AVG 8, please select "Enable Resident Shield" again.

Now, please run ComboFix:
  • Double-click ComboFix.exe on your desktop and follow the prompts.
  • As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
  • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

  • After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click "Yes" to continue scanning for malware.
  • When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.

Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #6 on: April 08, 2009, 01:16:19 AM »
Hi  Corrine

Please see the ComboFix Log;

ComboFix 09-04-04.01 - Christina 2009-04-07 20:51:01.3 - NTFSx86
Running from: c:\documents and settings\Christina\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\_003728_.tmp.dll
c:\windows\system32\_003729_.tmp.dll
c:\windows\system32\_003730_.tmp.dll
c:\windows\system32\_003731_.tmp.dll
c:\windows\system32\_003738_.tmp.dll
c:\windows\system32\_003739_.tmp.dll
c:\windows\system32\_003740_.tmp.dll
c:\windows\system32\_003741_.tmp.dll
c:\windows\system32\_003742_.tmp.dll
c:\windows\system32\_003743_.tmp.dll
c:\windows\system32\_003744_.tmp.dll
c:\windows\system32\_003745_.tmp.dll
c:\windows\system32\_003746_.tmp.dll
c:\windows\system32\_003747_.tmp.dll
c:\windows\system32\_003748_.tmp.dll
c:\windows\system32\_003749_.tmp.dll
c:\windows\system32\_003750_.tmp.dll
c:\windows\system32\_003751_.tmp.dll
c:\windows\system32\_003752_.tmp.dll
c:\windows\system32\_003753_.tmp.dll
c:\windows\system32\_003754_.tmp.dll
c:\windows\system32\_003755_.tmp.dll
c:\windows\system32\_003756_.tmp.dll
c:\windows\system32\_003757_.tmp.dll
c:\windows\system32\_003758_.tmp.dll
c:\windows\system32\_003761_.tmp.dll
c:\windows\system32\_003762_.tmp.dll
c:\windows\system32\_003763_.tmp.dll
c:\windows\system32\_003764_.tmp.dll
c:\windows\system32\_003765_.tmp.dll
c:\windows\system32\_003766_.tmp.dll
c:\windows\system32\_003767_.tmp.dll
c:\windows\system32\_003769_.tmp.dll
c:\windows\system32\_003770_.tmp.dll
c:\windows\system32\_003771_.tmp.dll
c:\windows\system32\_003772_.tmp.dll
c:\windows\system32\_003773_.tmp.dll
c:\windows\system32\_003774_.tmp.dll
c:\windows\system32\_003775_.tmp.dll
c:\windows\system32\_003776_.tmp.dll
c:\windows\system32\_003777_.tmp.dll
c:\windows\system32\_003778_.tmp.dll
c:\windows\system32\_003779_.tmp.dll
c:\windows\system32\_003782_.tmp.dll
c:\windows\system32\_003783_.tmp.dll
c:\windows\system32\_003784_.tmp.dll
c:\windows\system32\_003786_.tmp.dll
c:\windows\system32\_003787_.tmp.dll
c:\windows\system32\_003788_.tmp.dll
c:\windows\system32\_003789_.tmp.dll
c:\windows\system32\_003790_.tmp.dll
c:\windows\system32\_003791_.tmp.dll
c:\windows\system32\_003792_.tmp.dll
c:\windows\system32\_003793_.tmp.dll
c:\windows\system32\_003794_.tmp.dll
c:\windows\system32\_003795_.tmp.dll
c:\windows\system32\_003797_.tmp.dll
c:\windows\system32\_003798_.tmp.dll
c:\windows\system32\_003799_.tmp.dll
c:\windows\system32\_003800_.tmp.dll
c:\windows\system32\_003802_.tmp.dll
c:\windows\system32\_003804_.tmp.dll
c:\windows\system32\_003805_.tmp.dll
c:\windows\system32\_003806_.tmp.dll
c:\windows\system32\_003807_.tmp.dll
c:\windows\system32\_003808_.tmp.dll
c:\windows\system32\_003809_.tmp.dll
c:\windows\system32\_003810_.tmp.dll
c:\windows\system32\_003812_.tmp.dll
c:\windows\system32\_003813_.tmp.dll
c:\windows\system32\_003814_.tmp.dll
c:\windows\system32\_003815_.tmp.dll
c:\windows\system32\_003816_.tmp.dll
c:\windows\system32\_003817_.tmp.dll
c:\windows\system32\_003818_.tmp.dll
c:\windows\system32\_003819_.tmp.dll
c:\windows\system32\_003821_.tmp.dll
c:\windows\system32\_003822_.tmp.dll
c:\windows\system32\_003823_.tmp.dll
c:\windows\system32\_003824_.tmp.dll
c:\windows\system32\_003825_.tmp.dll
c:\windows\system32\_003827_.tmp.dll
c:\windows\system32\_003828_.tmp.dll
c:\windows\system32\_003832_.tmp.dll
c:\windows\system32\_003833_.tmp.dll
c:\windows\system32\_003835_.tmp.dll
c:\windows\system32\_003838_.tmp.dll
c:\windows\system32\_003840_.tmp.dll
c:\windows\system32\_003841_.tmp.dll
c:\windows\system32\_003842_.tmp.dll
c:\windows\system32\_003843_.tmp.dll
c:\windows\system32\_003846_.tmp.dll
c:\windows\system32\_003847_.tmp.dll
c:\windows\system32\_003848_.tmp.dll
c:\windows\system32\_003849_.tmp.dll
c:\windows\system32\_003850_.tmp.dll
c:\windows\system32\_003855_.tmp.dll
c:\windows\system32\_003857_.tmp.dll
c:\windows\system32\_003858_.tmp.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
(((((((((((((((((((((((((   Files Created from 2009-03-08 to 2009-04-08  )))))))))))))))))))))))))))))))
.

2009-04-02 06:53 . 2009-04-02 06:53   <DIR>   d--------   c:\program files\Adobe Media Player
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Kodak
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Scanner
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Authentium
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bonjour
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bell
2009-04-01 21:21 . 2001-01-12 16:10   6,550   --a------   c:\windows\jautoexp.dat
2009-03-25 19:41 . 2009-02-09 06:19   1,846,272   --a------   c:\windows\system32\win32k.sys
2009-03-25 19:40 . 2008-08-14 06:00   2,180,352   --a------   c:\windows\system32\ntoskrnl.exe
2009-03-21 20:45 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Christina\Tracing
2009-03-21 15:39 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Anita\Tracing
2009-03-21 09:42 . 2009-03-21 09:42   <DIR>   d--------   c:\program files\Common Files\Windows Live
2009-03-11 19:54 . 2009-03-11 19:54   <DIR>   d--------   c:\program files\Alwil Software

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 23:22   ---------   d-----w   c:\documents and settings\Christina\Application Data\OnlineArmor
2009-04-07 08:42   ---------   d-----w   c:\documents and settings\Anita\Application Data\OnlineArmor
2009-04-06 01:11   ---------   d-----w   c:\documents and settings\Christina\Application Data\Image Zone Express
2009-04-02 10:53   ---------   d-----w   c:\documents and settings\All Users.WINDOWS\Application Data\avg8
2009-04-02 01:21   155,995   ----a-w   c:\windows\java\Packages\QFDN1BTV.ZIP
2009-03-27 21:08   ---------   d-----w   c:\program files\RealArcade
2009-03-21 13:59   ---------   d-----w   c:\program files\Windows Live
2009-03-12 23:03   ---------   d-----w   c:\program files\Google
2009-02-24 11:24   ---------   d-----w   c:\program files\FrostWire
2009-02-10 15:31   ---------   d---a-w   c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-10 14:30   ---------   d-----w   c:\documents and settings\Anita\Application Data\Skip-Bo
2009-02-04 13:40   10,520   ----a-w   c:\windows\system32\avgrsstx.dll
2008-02-29 20:46   0   -c--a-w   c:\program files\temp01
2008-02-25 22:26   32   ----a-w   c:\documents and settings\All Users.WINDOWS\Application Data\ezsid.dat
2007-01-30 15:16   28,952   ----a-w   c:\documents and settings\Anita\Application Data\GDIPFONTCACHEV1.DAT
2007-01-09 00:50   28,952   ----a-w   c:\documents and settings\Christina\Application Data\GDIPFONTCACHEV1.DAT
2006-04-12 09:26   774,144   ----a-w   c:\program files\RngInterstitial.dll
2009-01-06 00:56   122,880   ----a-w   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((   snapshot@2008-11-16_17.23.03.73   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-03 09:57:49   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:02:42   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:49:31   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-10-22 09:47:25   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:04   284,160   ----a-w   c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01   17,272   ----a-w   c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02   231,288   ----a-w   c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01   26,488   ----a-w   c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-10-16 01:00:11   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
+ 2008-10-16 01:00:10   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\shdocvw.dll
+ 2008-10-16 01:00:11   619,520   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\urlmon.dll
+ 2008-10-16 01:00:11   666,112   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
+ 2008-10-16 11:34:08   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
+ 2008-10-16 01:04:06   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\shdocvw.dll
+ 2008-10-16 01:04:06   620,032   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\urlmon.dll
+ 2008-10-16 01:04:06   667,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958215\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958215\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958215\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB958215\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958215\update\updspapi.dll
+ 2008-12-11 10:24:44   333,184   ----a-w   c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:09   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:33:59   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2009-02-09 10:20:05   1,847,424   ----a-w   c:\windows\$hf_mig$\KB958690\SP2QFE\win32k.sys
+ 2009-02-09 11:13:27   1,846,784   ----a-w   c:\windows\$hf_mig$\KB958690\SP3GDR\win32k.sys
+ 2009-02-09 11:08:53   1,847,552   ----a-w   c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB958690\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB958690\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB958690\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB958690\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958690\update\updspapi.dll
+ 2008-12-05 06:41:26   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP2QFE\schannel.dll
+ 2008-12-05 06:54:55   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3GDR\schannel.dll
+ 2008-12-05 06:58:08   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB960225\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB960225\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2008-12-12 17:01:00   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
+ 2008-12-12 17:14:50   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB960714\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB960714\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB960714\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB960714\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB960714\update\updspapi.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB960715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB960715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB960715\update\spcustom.dll
+ 2008-11-15 17:18:04   755,576   ----a-w   c:\windows\$hf_mig$\KB960715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB960715\update\updspapi.dll
+ 2008-06-17 19:02:19   8,461,312   ----a-w   c:\windows\$hf_mig$\KB967715\SP3GDR\shell32.dll
+ 2008-06-17 19:04:34   8,461,824   ----a-w   c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2006-10-19 01:03:58   100,864   -c----w   c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 14:41:48   231,288   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 14:41:48   382,840   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-19 02:47:20   937,984   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-19 02:47:22   2,450,944   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-21 14:52:08   246,814   -c----w   c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18   62,976   -c----w   c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2008-02-20 06:51:05   282,624   -c----w   c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02   231,288   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   1,024,000   -c----w   c:\windows\$NtUninstallKB958215$\browseui.dll
+ 2008-08-20 05:33:17   151,040   -c----w   c:\windows\$NtUninstallKB958215$\cdfview.dll
+ 2008-08-20 05:33:18   1,054,208   -c----w   c:\windows\$NtUninstallKB958215$\danim.dll
+ 2008-08-20 05:33:18   357,888   -c----w   c:\windows\$NtUninstallKB958215$\dxtmsft.dll
+ 2008-08-20 05:33:18   205,312   -c----w   c:\windows\$NtUninstallKB958215$\dxtrans.dll
+ 2008-08-20 05:33:18   55,808   -c----w   c:\windows\$NtUninstallKB958215$\extmgr.dll
+ 2008-08-19 09:38:57   18,432   -c----w   c:\windows\$NtUninstallKB958215$\iedw.exe
+ 2008-08-20 05:33:18   251,904   -c----w   c:\windows\$NtUninstallKB958215$\iepeers.dll
+ 2008-08-20 05:33:18   96,256   -c----w   c:\windows\$NtUninstallKB958215$\inseng.dll
+ 2008-08-20 05:33:19   16,384   -c----w   c:\windows\$NtUninstallKB958215$\jsproxy.dll
+ 2008-08-20 05:33:20   3,067,392   -c----w   c:\windows\$NtUninstallKB958215$\mshtml.dll
+ 2008-08-20 05:33:19   449,024   -c----w   c:\windows\$NtUninstallKB958215$\mshtmled.dll
+ 2008-08-20 05:33:18   146,432   -c----w   c:\windows\$NtUninstallKB958215$\msrating.dll
+ 2008-08-20 05:33:18   532,480   -c----w   c:\windows\$NtUninstallKB958215$\mstime.dll
+ 2008-08-20 05:33:18   39,424   -c----w   c:\windows\$NtUninstallKB958215$\pngfilt.dll
+ 2008-08-20 05:33:19   1,499,136   -c----w   c:\windows\$NtUninstallKB958215$\shdocvw.dll
+ 2008-08-20 05:33:19   474,112   -c----w   c:\windows\$NtUninstallKB958215$\shlwapi.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   619,008   -c----w   c:\windows\$NtUninstallKB958215$\urlmon.dll
+ 2008-08-20 05:33:19   667,648   -c----w   c:\windows\$NtUninstallKB958215$\wininet.dll
+ 2008-08-19 09:20:32   351,744   -c----w   c:\windows\$NtUninstallKB958215$\xpsp3res.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17   333,056   -c----w   c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\updspapi.dll
+ 2008-09-15 11:57:41   1,846,016   -c----w   c:\windows\$NtUninstallKB958690$\win32k.sys
+ 2007-07-27 13:41:48   231,288   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe
+ 2007-07-27 13:41:48   382,840   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\updspapi.dll
+ 2007-06-12 03:51:12   10,834,944   -c----w   c:\windows\$NtUninstallKB959772_WM11$\wmp.dll
+ 2007-04-25 14:21:15   144,896   -c----w   c:\windows\$NtUninstallKB960225$\schannel.dll
+ 2007-11-30 11:18:51   231,288   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\updspapi.dll
+ 2008-10-16 10:20:56   3,067,392   -c----w   c:\windows\$NtUninstallKB960714$\mshtml.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\updspapi.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll
+ 2007-10-26 03:34:01   8,460,288   -c----w   c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(2).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(3).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(4).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(5).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(3).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(4).dll
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(2).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(3).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(4).exe
- 2000-08-31 13:00:00   89,504   ----a-w   c:\windows\fdsv.exe
+ 2000-08-31 12:00:00   89,504   ----a-w   c:\windows\fdsv.exe
- 2000-08-31 13:00:00   80,412   ----a-w   c:\windows\grep.exe
+ 2000-08-31 12:00:00   80,412   ----a-w   c:\windows\grep.exe
- 2008-11-12 23:01:50   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-04-03 07:06:58   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-12 23:01:50   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-04-03 07:06:58   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-12 23:01:50   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-03 07:06:58   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-12 23:01:50   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-03 07:06:58   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-12 23:01:50   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-03 07:06:58   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-12 23:01:50   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-04-03 07:06:58   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-12 23:01:50   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-04-03 07:06:58   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-12 23:01:50   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-04-03 07:06:59   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-12 23:01:50   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-04-03 07:06:58   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-12 23:01:50   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-03 07:06:58   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-12 23:01:50   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-03 07:06:59   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-12 23:01:50   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-03 07:06:58   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-12 23:01:50   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-04-03 07:06:57   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-12 23:02:08   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-12-10 08:15:02   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-20 01:48:13   295,606   ----a-r   c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut2_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut3_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-04-02 01:21:58   2,232   ----a-w   c:\windows\java\Packages\Data\57FR7JBJ.DAT
+ 2009-04-02 01:21:29   2,678   ----a-w   c:\windows\java\Packages\Data\8KCG9J13.DAT
+ 2009-04-02 01:21:49   2,678   ----a-w   c:\windows\java\Packages\Data\HVB3RNJ1.DAT
+ 2009-04-02 01:21:30   2,678   ----a-w   c:\windows\java\Packages\Data\KCZFN93F.DAT
+ 2009-04-02 01:21:31   2,678   ----a-w   c:\windows\java\Packages\Data\R5R7RHNJ.DAT
+ 2009-04-02 01:21:33   2,678   ----a-w   c:\windows\java\Packages\Data\RZBDF7V7.DAT
- 2000-08-31 13:00:00   28,672   ----a-w   c:\windows\nircmd.exe
+ 2000-08-31 12:00:00   29,696   ----a-w   c:\windows\nircmd.exe
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(2).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(3).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(4).dll
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat.bak
- 2000-08-31 13:00:00   98,816   ----a-w   c:\windows\sed.exe
+ 2000-08-31 12:00:00   98,816   ----a-w   c:\windows\sed.exe
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
- 2000-08-31 13:00:00   161,792   ----a-w   c:\windows\SWREG.exe
+ 2000-08-31 12:00:00   161,792   ----a-w   c:\windows\SWREG.exe
- 2000-08-31 13:00:00   136,704   ----a-w   c:\windows\SWSC.exe
+ 2000-08-31 12:00:00   136,704   ----a-w   c:\windows\SWSC.exe
- 2000-08-31 13:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2000-08-31 12:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(2).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(3).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(4).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(2).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(3).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(4).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(2).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(3).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(4).dll
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(2).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(3).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(4).exe
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(2).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(3).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(4).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(2).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(3).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(4).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(2).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(3).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(4).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(2).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(3).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(4).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(2).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(3).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(4).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(2).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(3).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(4).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(2).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(3).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(4).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(2).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(3).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(4).dll
- 2008-08-20 05:33:19   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(2).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(3).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(4).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(2).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(3).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(4).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(2).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(3).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(4).dll
- 2008-08-20 05:33:17   151,040   ----a-w   c:\windows\system32\cdfview.dll
+ 2008-10-16 10:20:42   151,040   ----a-w   c:\windows\system32\cdfview.dll
- 2008-07-19 02:10:48   94,920   ----a-w   c:\windows\system32\cdm.dll
+ 2008-10-16 19:09:44   92,696   ----a-w   c:\windows\system32\cdm.dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(2).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(3).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(4).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(2).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(3).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(4).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(2).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(3).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(4).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(2).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(3).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(4).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(2).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(3).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(4).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(2).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(3).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(4).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(2).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(3).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(4).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(2).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(3).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(4).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(2).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(3).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(4).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(2).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(3).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(4).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(2).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(3).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(4).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(2).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(3).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(4).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(2).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(3).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(4).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(2).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(3).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(4).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(2).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(3).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(4).dll
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(2).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(3).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(4).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(2).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(3).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(4).exe
+ 2008-12-26 18:34:50   4,012   ----a-w   c:\windows\system32\d3d9caps.dat
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(2).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(3).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(4).dll
- 2008-08-20 05:33:18   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2008-10-16 10:20:45   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(4).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(2).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(3).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(4).dll
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\system32\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\system32\dcache.bin
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(2).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(3).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(4).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(2).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(3).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(4).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(2).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(4).dll
- 2008-08-20 05:33:19   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
- 2008-08-20 05:33:17   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
+ 2008-10-16 10:20:42   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
- 2008-07-19 02:10:48   94,920   -c--a-w   c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 19:09:44   92,696   -c--a-w   c:\windows\system32\dllcache\cdm.dll
- 2008-08-20 05:33:18   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
+ 2008-10-16 10:20:45   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
- 2008-08-20 05:33:18   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:33:18   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 10:20:46   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36   283,648   -c--a-w   c:\windows\system32\dllcache\gdi32.dll
- 2008-08-19 09:38:57   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
+ 2008-10-15 14:18:21   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
- 2008-08-20 05:33:18   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
+ 2008-10-16 10:20:46   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
- 2008-08-20 05:33:18   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
+ 2008-10-16 10:20:46   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
- 2008-08-20 05:33:19   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 01:03:58   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
- 2008-08-20 05:33:20   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:33:19   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-20 05:33:18   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 10:20:46   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:33:18   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 10:20:46   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
- 2008-08-20 05:33:18   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 10:20:46   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
- 2007-04-25 14:21:15   144,896   ----a-w   c:\windows\system32\dllcache\schannel.dll
+ 2008-12-05 07:12:45   144,896   -c--a-w   c:\windows\system32\dllcache\schannel.dll
- 2008-08-20 05:33:19   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
+ 2008-10-16 10:20:48   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
- 2007-10-26 03:34:01   8,460,288   ----a-w   c:\windows\system32\dllcache\shell32.dll
+ 2008-07-03 13:03:29   8,460,800   -c--a-w   c:\windows\system32\dllcache\shell32.dll
- 2008-08-20 05:33:19   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
+ 2008-10-16 10:20:51   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
- 2008-08-28 10:04:17   333,056   -c--a-w   c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21   333,184   -c--a-w   c:\windows\system32\dllcache\srv.sys
- 2006-08-21 14:52:08   246,814   ----a-w   c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47   247,326   -c--a-w   c:\windows\system32\dllcache\strmdll.dll
- 2008-08-20 05:33:19   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 10:20:53   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
- 2008-09-15 11:57:41   1,846,016   -c--a-w   c:\windows\system32\dllcache\win32k.sys
+ 2009-02-09 10:19:34   1,846,272   -c--a-w   c:\windows\system32\dllcache\win32k.sys
- 2008-08-20 05:33:19   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 10:20:49   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
- 2006-10-19 02:47:20   937,984   -c--a-w   c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 10:03:08   938,496   -c--a-w   c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 02:47:22   2,450,944   -c--a-w   c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14   2,458,112   -c--a-w   c:\windows\system32\dllcache\WMVCore.dll
- 2008-07-19 02:09:44   563,912   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 19:12:20   561,688   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
- 2008-07-19 02:10:42   53,448   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 19:09:44   51,224   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-19 02:09:42   1,811,656   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 19:13:40   1,809,944   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-19 02:09:46   325,832   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 19:12:22   323,608   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
- 2008-07-19 02:10:20   36,552   -c--a-w   c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 19:08:58   34,328   -c--a-w   c:\windows\system32\dllcache\wups.dll
- 2008-07-19 02:09:44   205,000   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 19:13:40   202,776   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(2).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(3).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(4).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(2).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(3).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(4).dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003705_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003716_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003725_.tmp.dll
- 2008-09-22 01:10:32   97,928   ----a-w   c:\windows\system32\drivers\avgldx86.sys
+ 2009-02-04 13:40:18   325,128   ----a-w   c:\windows\system32\drivers\avgldx86.sys
- 2008-09-22 01:10:30   26,824   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
+ 2009-02-04 13:40:18   27,656   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
- 2008-09-22 01:10:37   76,040   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2009-02-04 13:40:14   107,272   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2008-10-07 05:09:32   178,376   ----a-w   c:\windows\system32\drivers\OADriver.sys
+ 2008-10-07 05:09:48   30,920   ----a-w   c:\windows\system32\drivers\OAmon.sys
+ 2008-10-07 05:09:36   28,872   ----a-w   c:\windows\system32\drivers\OAnet.sys
- 2008-08-28 10:04:17   333,056   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:21   333,184   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(2).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(3).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(4).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(2).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(3).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(4).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(2).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(3).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(4).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(2).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(3).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(4).dll
- 2008-08-20 05:33:18   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(2).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(3).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(4).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(2).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(3).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(4).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(2).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(3).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(4).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(2).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(3).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(4).dll
- 2008-08-20 05:33:18   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2008-10-16 10:20:46   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(2).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(3).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(4).dll
- 2008-10-16 07:12:49   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
+ 2009-04-03 07:08:43   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36   283,648   ----a-w   c:\windows\system32\gdi32.dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(2).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(3).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(4).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(2).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(3).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(4).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(4).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(2).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(3).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(4).dll
+ 2004-08-04 07:56:07   3,584   ----a-w   c:\windows\system32\icmp(2).dll
- 2008-08-20 05:33:18   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2008-10-16 10:20:46   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2004-08-04 07:56:42   35,840   ----a-w   c:\windows\system32\imgutil(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(3).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(4).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(2).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(3).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(4).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(2).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(3).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(4).dll
- 2008-08-20 05:33:18   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2008-10-16 10:20:46   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(2).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(3).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(4).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(2).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(3).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(4).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(2).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(3).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(4).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(2).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(3).dll
- 2008-08-20 05:33:19   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(2).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(3).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(4).dll
- 2008-06-11 00:04:26   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2008-11-21 21:46:10   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(2).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(3).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(4).dll
+ 2007-07-27 19:49:02   196,683   ----a-w   c:\windows\system32\lnod32apiA.dll
+ 2007-07-27 19:49:02   225,355   ----a-w   c:\windows\system32\lnod32apiW.dll
+ 2005-12-06 00:25:22   139,264   ----a-w   c:\windows\system32\lnod32umc.dll
+ 2005-12-05 17:37:10   106,496   ----a-w   c:\windows\system32\lnod32upd.dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(2).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(3).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(4).dll
- 2006-10-19 01:03:58   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(2).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(3).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(4).exe
- 2008-03-25 03:21:18   2,889,088   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02   3,695,008   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-03-25 03:21:20   218,496   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04   235,936   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-09-27 16:54:53   70,264   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-18 00:22:36   84,661   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(2).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(3).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(4).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(2).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(3).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(4).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(2).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(3).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(4).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(4).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(2).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(3).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(4).dll
- 2008-11-04 00:10:25   17,318,336   ----a-w   c:\windows\system32\MRT.exe
+ 2009-02-25 16:55:00   24,768,960   ----a-w   c:\windows\system32\MRT.exe
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(2).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(3).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(4).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(2).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(3).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(4).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(2).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(3).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(4).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(2).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(3).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(4).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(2).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(3).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(4).dll
- 2008-08-20 05:33:20   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(2).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(3).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(4).dll
- 2008-08-20 05:33:19   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(2).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(3).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(4).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(2).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(3).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(4).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(2).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(3).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(4).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(2).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(3).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(4).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(2).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(3).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(4).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(2).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(3).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(4).dll
- 2008-08-20 05:33:18   146,432   ----a-w   c:\windows\system32\msrating.dll
+ 2008-10-16 10:20:46   146,432   ----a-w   c:\windows\system32\msrating.dll
- 2008-08-20 05:33:18   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2008-10-16 10:20:46   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(2).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(3).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(4).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(2).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(3).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(4).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(2).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(3).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(4).dll
- 2003-03-19 02:14:52   499,712   ----a-r   c:\windows\system32\msvcp71.dll
+ 2008-11-17 23:25:13   499,712   ----a-w   c:\windows\system32\msvcp71.dll
- 2003-02-21 08:42:22   348,160   ------w   c:\windows\system32\msvcr71.dll
+ 2008-11-17 23:25:13   348,160   ----a-w   c:\windows\system32\msvcr71.dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(2).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(3).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(4).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(2).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(3).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(4).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(2).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(3).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(4).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(2).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(3).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(4).dll
- 2008-07-19 02:07:34   270,880   ----a-w   c:\windows\system32\mucltui.dll
+ 2008-10-16 19:06:48   268,648   ----a-w   c:\windows\system32\mucltui.dll
- 2008-07-19 02:07:32   210,976   ----a-w   c:\windows\system32\muweb.dll
+ 2008-10-16 19:06:48   208,744   ----a-w   c:\windows\system32\muweb.dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(2).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(3).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(4).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(2).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(3).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(4).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(2).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(3).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(4).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(2).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(3).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(4).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(2).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(3).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(4).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(2).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(3).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(4).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(2).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(3).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(4).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(2).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(3).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(4).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(2).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(3).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(4).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(2).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(3).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(4).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(2).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(3).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(4).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(2).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(3).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(4).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(2).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(3).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(4).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(2).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(3).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(4).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(2).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(3).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(4).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(2).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(3).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(4).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(2).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(3).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(4).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(2).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(2).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(4).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(2).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(3).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(4).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(2).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(3).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(4).dll
+ 2008-02-11 14:39:26   253,952   ----a-w   c:\windows\system32\OnlineScannerDLLA.dll
+ 2008-02-11 14:39:18   237,568   ----a-w   c:\windows\system32\OnlineScannerDLLW.dll
+ 2008-02-08 18:53:46   110,592   ----a-w   c:\windows\system32\OnlineScannerLang.dll
+ 2008-02-05 13:48:04   77,824   ----a-w   c:\windows\system32\OnlineScannerUninstaller.exe
- 2008-11-02 09:49:07   53,724   ----a-w   c:\windows\system32\perfc009.dat
+ 2009-04-04 09:17:33   53,724   ----a-w   c:\windows\system32\perfc009.dat
- 2008-11-02 09:49:07   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2009-04-04 09:17:33   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(2).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(3).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(4).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(2).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(3).dll<
Logged

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #7 on: April 10, 2009, 06:21:40 PM »
Combo Fix

ComboFix 09-04-04.01 - Christina 2009-04-07 20:51:01.3 - NTFSx86
Running from: c:\documents and settings\Christina\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\_003728_.tmp.dll
c:\windows\system32\_003729_.tmp.dll
c:\windows\system32\_003730_.tmp.dll
c:\windows\system32\_003731_.tmp.dll
c:\windows\system32\_003738_.tmp.dll
c:\windows\system32\_003739_.tmp.dll
c:\windows\system32\_003740_.tmp.dll
c:\windows\system32\_003741_.tmp.dll
c:\windows\system32\_003742_.tmp.dll
c:\windows\system32\_003743_.tmp.dll
c:\windows\system32\_003744_.tmp.dll
c:\windows\system32\_003745_.tmp.dll
c:\windows\system32\_003746_.tmp.dll
c:\windows\system32\_003747_.tmp.dll
c:\windows\system32\_003748_.tmp.dll
c:\windows\system32\_003749_.tmp.dll
c:\windows\system32\_003750_.tmp.dll
c:\windows\system32\_003751_.tmp.dll
c:\windows\system32\_003752_.tmp.dll
c:\windows\system32\_003753_.tmp.dll
c:\windows\system32\_003754_.tmp.dll
c:\windows\system32\_003755_.tmp.dll
c:\windows\system32\_003756_.tmp.dll
c:\windows\system32\_003757_.tmp.dll
c:\windows\system32\_003758_.tmp.dll
c:\windows\system32\_003761_.tmp.dll
c:\windows\system32\_003762_.tmp.dll
c:\windows\system32\_003763_.tmp.dll
c:\windows\system32\_003764_.tmp.dll
c:\windows\system32\_003765_.tmp.dll
c:\windows\system32\_003766_.tmp.dll
c:\windows\system32\_003767_.tmp.dll
c:\windows\system32\_003769_.tmp.dll
c:\windows\system32\_003770_.tmp.dll
c:\windows\system32\_003771_.tmp.dll
c:\windows\system32\_003772_.tmp.dll
c:\windows\system32\_003773_.tmp.dll
c:\windows\system32\_003774_.tmp.dll
c:\windows\system32\_003775_.tmp.dll
c:\windows\system32\_003776_.tmp.dll
c:\windows\system32\_003777_.tmp.dll
c:\windows\system32\_003778_.tmp.dll
c:\windows\system32\_003779_.tmp.dll
c:\windows\system32\_003782_.tmp.dll
c:\windows\system32\_003783_.tmp.dll
c:\windows\system32\_003784_.tmp.dll
c:\windows\system32\_003786_.tmp.dll
c:\windows\system32\_003787_.tmp.dll
c:\windows\system32\_003788_.tmp.dll
c:\windows\system32\_003789_.tmp.dll
c:\windows\system32\_003790_.tmp.dll
c:\windows\system32\_003791_.tmp.dll
c:\windows\system32\_003792_.tmp.dll
c:\windows\system32\_003793_.tmp.dll
c:\windows\system32\_003794_.tmp.dll
c:\windows\system32\_003795_.tmp.dll
c:\windows\system32\_003797_.tmp.dll
c:\windows\system32\_003798_.tmp.dll
c:\windows\system32\_003799_.tmp.dll
c:\windows\system32\_003800_.tmp.dll
c:\windows\system32\_003802_.tmp.dll
c:\windows\system32\_003804_.tmp.dll
c:\windows\system32\_003805_.tmp.dll
c:\windows\system32\_003806_.tmp.dll
c:\windows\system32\_003807_.tmp.dll
c:\windows\system32\_003808_.tmp.dll
c:\windows\system32\_003809_.tmp.dll
c:\windows\system32\_003810_.tmp.dll
c:\windows\system32\_003812_.tmp.dll
c:\windows\system32\_003813_.tmp.dll
c:\windows\system32\_003814_.tmp.dll
c:\windows\system32\_003815_.tmp.dll
c:\windows\system32\_003816_.tmp.dll
c:\windows\system32\_003817_.tmp.dll
c:\windows\system32\_003818_.tmp.dll
c:\windows\system32\_003819_.tmp.dll
c:\windows\system32\_003821_.tmp.dll
c:\windows\system32\_003822_.tmp.dll
c:\windows\system32\_003823_.tmp.dll
c:\windows\system32\_003824_.tmp.dll
c:\windows\system32\_003825_.tmp.dll
c:\windows\system32\_003827_.tmp.dll
c:\windows\system32\_003828_.tmp.dll
c:\windows\system32\_003832_.tmp.dll
c:\windows\system32\_003833_.tmp.dll
c:\windows\system32\_003835_.tmp.dll
c:\windows\system32\_003838_.tmp.dll
c:\windows\system32\_003840_.tmp.dll
c:\windows\system32\_003841_.tmp.dll
c:\windows\system32\_003842_.tmp.dll
c:\windows\system32\_003843_.tmp.dll
c:\windows\system32\_003846_.tmp.dll
c:\windows\system32\_003847_.tmp.dll
c:\windows\system32\_003848_.tmp.dll
c:\windows\system32\_003849_.tmp.dll
c:\windows\system32\_003850_.tmp.dll
c:\windows\system32\_003855_.tmp.dll
c:\windows\system32\_003857_.tmp.dll
c:\windows\system32\_003858_.tmp.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
(((((((((((((((((((((((((   Files Created from 2009-03-08 to 2009-04-08  )))))))))))))))))))))))))))))))
.

2009-04-02 06:53 . 2009-04-02 06:53   <DIR>   d--------   c:\program files\Adobe Media Player
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Kodak
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Scanner
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Authentium
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bonjour
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bell
2009-04-01 21:21 . 2001-01-12 16:10   6,550   --a------   c:\windows\jautoexp.dat
2009-03-25 19:41 . 2009-02-09 06:19   1,846,272   --a------   c:\windows\system32\win32k.sys
2009-03-25 19:40 . 2008-08-14 06:00   2,180,352   --a------   c:\windows\system32\ntoskrnl.exe
2009-03-21 20:45 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Christina\Tracing
2009-03-21 15:39 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Anita\Tracing
2009-03-21 09:42 . 2009-03-21 09:42   <DIR>   d--------   c:\program files\Common Files\Windows Live
2009-03-11 19:54 . 2009-03-11 19:54   <DIR>   d--------   c:\program files\Alwil Software

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 23:22   ---------   d-----w   c:\documents and settings\Christina\Application Data\OnlineArmor
2009-04-07 08:42   ---------   d-----w   c:\documents and settings\Anita\Application Data\OnlineArmor
2009-04-06 01:11   ---------   d-----w   c:\documents and settings\Christina\Application Data\Image Zone Express
2009-04-02 10:53   ---------   d-----w   c:\documents and settings\All Users.WINDOWS\Application Data\avg8
2009-04-02 01:21   155,995   ----a-w   c:\windows\java\Packages\QFDN1BTV.ZIP
2009-03-27 21:08   ---------   d-----w   c:\program files\RealArcade
2009-03-21 13:59   ---------   d-----w   c:\program files\Windows Live
2009-03-12 23:03   ---------   d-----w   c:\program files\Google
2009-02-24 11:24   ---------   d-----w   c:\program files\FrostWire
2009-02-10 15:31   ---------   d---a-w   c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-10 14:30   ---------   d-----w   c:\documents and settings\Anita\Application Data\Skip-Bo
2009-02-04 13:40   10,520   ----a-w   c:\windows\system32\avgrsstx.dll
2008-02-29 20:46   0   -c--a-w   c:\program files\temp01
2008-02-25 22:26   32   ----a-w   c:\documents and settings\All Users.WINDOWS\Application Data\ezsid.dat
2007-01-30 15:16   28,952   ----a-w   c:\documents and settings\Anita\Application Data\GDIPFONTCACHEV1.DAT
2007-01-09 00:50   28,952   ----a-w   c:\documents and settings\Christina\Application Data\GDIPFONTCACHEV1.DAT
2006-04-12 09:26   774,144   ----a-w   c:\program files\RngInterstitial.dll
2009-01-06 00:56   122,880   ----a-w   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((   snapshot@2008-11-16_17.23.03.73   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-03 09:57:49   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:02:42   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:49:31   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-10-22 09:47:25   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:04   284,160   ----a-w   c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01   17,272   ----a-w   c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02   231,288   ----a-w   c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01   26,488   ----a-w   c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-10-16 01:00:11   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
+ 2008-10-16 01:00:10   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\shdocvw.dll
+ 2008-10-16 01:00:11   619,520   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\urlmon.dll
+ 2008-10-16 01:00:11   666,112   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
+ 2008-10-16 11:34:08   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
+ 2008-10-16 01:04:06   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\shdocvw.dll
+ 2008-10-16 01:04:06   620,032   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\urlmon.dll
+ 2008-10-16 01:04:06   667,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958215\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958215\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958215\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB958215\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958215\update\updspapi.dll
+ 2008-12-11 10:24:44   333,184   ----a-w   c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:09   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:33:59   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2009-02-09 10:20:05   1,847,424   ----a-w   c:\windows\$hf_mig$\KB958690\SP2QFE\win32k.sys
+ 2009-02-09 11:13:27   1,846,784   ----a-w   c:\windows\$hf_mig$\KB958690\SP3GDR\win32k.sys
+ 2009-02-09 11:08:53   1,847,552   ----a-w   c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB958690\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB958690\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB958690\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB958690\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958690\update\updspapi.dll
+ 2008-12-05 06:41:26   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP2QFE\schannel.dll
+ 2008-12-05 06:54:55   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3GDR\schannel.dll
+ 2008-12-05 06:58:08   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB960225\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB960225\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2008-12-12 17:01:00   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
+ 2008-12-12 17:14:50   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB960714\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB960714\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB960714\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB960714\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB960714\update\updspapi.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB960715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB960715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB960715\update\spcustom.dll
+ 2008-11-15 17:18:04   755,576   ----a-w   c:\windows\$hf_mig$\KB960715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB960715\update\updspapi.dll
+ 2008-06-17 19:02:19   8,461,312   ----a-w   c:\windows\$hf_mig$\KB967715\SP3GDR\shell32.dll
+ 2008-06-17 19:04:34   8,461,824   ----a-w   c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2006-10-19 01:03:58   100,864   -c----w   c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 14:41:48   231,288   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 14:41:48   382,840   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-19 02:47:20   937,984   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-19 02:47:22   2,450,944   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-21 14:52:08   246,814   -c----w   c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18   62,976   -c----w   c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2008-02-20 06:51:05   282,624   -c----w   c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02   231,288   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   1,024,000   -c----w   c:\windows\$NtUninstallKB958215$\browseui.dll
+ 2008-08-20 05:33:17   151,040   -c----w   c:\windows\$NtUninstallKB958215$\cdfview.dll
+ 2008-08-20 05:33:18   1,054,208   -c----w   c:\windows\$NtUninstallKB958215$\danim.dll
+ 2008-08-20 05:33:18   357,888   -c----w   c:\windows\$NtUninstallKB958215$\dxtmsft.dll
+ 2008-08-20 05:33:18   205,312   -c----w   c:\windows\$NtUninstallKB958215$\dxtrans.dll
+ 2008-08-20 05:33:18   55,808   -c----w   c:\windows\$NtUninstallKB958215$\extmgr.dll
+ 2008-08-19 09:38:57   18,432   -c----w   c:\windows\$NtUninstallKB958215$\iedw.exe
+ 2008-08-20 05:33:18   251,904   -c----w   c:\windows\$NtUninstallKB958215$\iepeers.dll
+ 2008-08-20 05:33:18   96,256   -c----w   c:\windows\$NtUninstallKB958215$\inseng.dll
+ 2008-08-20 05:33:19   16,384   -c----w   c:\windows\$NtUninstallKB958215$\jsproxy.dll
+ 2008-08-20 05:33:20   3,067,392   -c----w   c:\windows\$NtUninstallKB958215$\mshtml.dll
+ 2008-08-20 05:33:19   449,024   -c----w   c:\windows\$NtUninstallKB958215$\mshtmled.dll
+ 2008-08-20 05:33:18   146,432   -c----w   c:\windows\$NtUninstallKB958215$\msrating.dll
+ 2008-08-20 05:33:18   532,480   -c----w   c:\windows\$NtUninstallKB958215$\mstime.dll
+ 2008-08-20 05:33:18   39,424   -c----w   c:\windows\$NtUninstallKB958215$\pngfilt.dll
+ 2008-08-20 05:33:19   1,499,136   -c----w   c:\windows\$NtUninstallKB958215$\shdocvw.dll
+ 2008-08-20 05:33:19   474,112   -c----w   c:\windows\$NtUninstallKB958215$\shlwapi.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   619,008   -c----w   c:\windows\$NtUninstallKB958215$\urlmon.dll
+ 2008-08-20 05:33:19   667,648   -c----w   c:\windows\$NtUninstallKB958215$\wininet.dll
+ 2008-08-19 09:20:32   351,744   -c----w   c:\windows\$NtUninstallKB958215$\xpsp3res.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17   333,056   -c----w   c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\updspapi.dll
+ 2008-09-15 11:57:41   1,846,016   -c----w   c:\windows\$NtUninstallKB958690$\win32k.sys
+ 2007-07-27 13:41:48   231,288   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe
+ 2007-07-27 13:41:48   382,840   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\updspapi.dll
+ 2007-06-12 03:51:12   10,834,944   -c----w   c:\windows\$NtUninstallKB959772_WM11$\wmp.dll
+ 2007-04-25 14:21:15   144,896   -c----w   c:\windows\$NtUninstallKB960225$\schannel.dll
+ 2007-11-30 11:18:51   231,288   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\updspapi.dll
+ 2008-10-16 10:20:56   3,067,392   -c----w   c:\windows\$NtUninstallKB960714$\mshtml.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\updspapi.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll
+ 2007-10-26 03:34:01   8,460,288   -c----w   c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(2).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(3).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(4).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(5).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(3).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(4).dll
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(2).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(3).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(4).exe
- 2000-08-31 13:00:00   89,504   ----a-w   c:\windows\fdsv.exe
+ 2000-08-31 12:00:00   89,504   ----a-w   c:\windows\fdsv.exe
- 2000-08-31 13:00:00   80,412   ----a-w   c:\windows\grep.exe
+ 2000-08-31 12:00:00   80,412   ----a-w   c:\windows\grep.exe
- 2008-11-12 23:01:50   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-04-03 07:06:58   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-12 23:01:50   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-04-03 07:06:58   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-12 23:01:50   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-03 07:06:58   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-12 23:01:50   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-03 07:06:58   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-12 23:01:50   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-03 07:06:58   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-12 23:01:50   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-04-03 07:06:58   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-12 23:01:50   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-04-03 07:06:58   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-12 23:01:50   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-04-03 07:06:59   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-12 23:01:50   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-04-03 07:06:58   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-12 23:01:50   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-03 07:06:58   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-12 23:01:50   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-03 07:06:59   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-12 23:01:50   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-03 07:06:58   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-12 23:01:50   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-04-03 07:06:57   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-12 23:02:08   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-12-10 08:15:02   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-20 01:48:13   295,606   ----a-r   c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut2_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut3_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-04-02 01:21:58   2,232   ----a-w   c:\windows\java\Packages\Data\57FR7JBJ.DAT
+ 2009-04-02 01:21:29   2,678   ----a-w   c:\windows\java\Packages\Data\8KCG9J13.DAT
+ 2009-04-02 01:21:49   2,678   ----a-w   c:\windows\java\Packages\Data\HVB3RNJ1.DAT
+ 2009-04-02 01:21:30   2,678   ----a-w   c:\windows\java\Packages\Data\KCZFN93F.DAT
+ 2009-04-02 01:21:31   2,678   ----a-w   c:\windows\java\Packages\Data\R5R7RHNJ.DAT
+ 2009-04-02 01:21:33   2,678   ----a-w   c:\windows\java\Packages\Data\RZBDF7V7.DAT
- 2000-08-31 13:00:00   28,672   ----a-w   c:\windows\nircmd.exe
+ 2000-08-31 12:00:00   29,696   ----a-w   c:\windows\nircmd.exe
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(2).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(3).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(4).dll
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat.bak
- 2000-08-31 13:00:00   98,816   ----a-w   c:\windows\sed.exe
+ 2000-08-31 12:00:00   98,816   ----a-w   c:\windows\sed.exe
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
- 2000-08-31 13:00:00   161,792   ----a-w   c:\windows\SWREG.exe
+ 2000-08-31 12:00:00   161,792   ----a-w   c:\windows\SWREG.exe
- 2000-08-31 13:00:00   136,704   ----a-w   c:\windows\SWSC.exe
+ 2000-08-31 12:00:00   136,704   ----a-w   c:\windows\SWSC.exe
- 2000-08-31 13:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2000-08-31 12:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(2).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(3).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(4).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(2).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(3).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(4).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(2).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(3).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(4).dll
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(2).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(3).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(4).exe
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(2).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(3).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(4).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(2).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(3).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(4).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(2).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(3).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(4).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(2).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(3).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(4).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(2).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(3).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(4).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(2).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(3).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(4).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(2).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(3).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(4).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(2).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(3).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(4).dll
- 2008-08-20 05:33:19   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(2).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(3).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(4).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(2).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(3).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(4).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(2).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(3).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(4).dll
- 2008-08-20 05:33:17   151,040   ----a-w   c:\windows\system32\cdfview.dll
+ 2008-10-16 10:20:42   151,040   ----a-w   c:\windows\system32\cdfview.dll
- 2008-07-19 02:10:48   94,920   ----a-w   c:\windows\system32\cdm.dll
+ 2008-10-16 19:09:44   92,696   ----a-w   c:\windows\system32\cdm.dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(2).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(3).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(4).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(2).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(3).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(4).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(2).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(3).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(4).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(2).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(3).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(4).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(2).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(3).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(4).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(2).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(3).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(4).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(2).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(3).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(4).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(2).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(3).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(4).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(2).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(3).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(4).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(2).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(3).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(4).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(2).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(3).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(4).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(2).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(3).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(4).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(2).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(3).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(4).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(2).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(3).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(4).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(2).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(3).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(4).dll
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(2).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(3).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(4).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(2).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(3).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(4).exe
+ 2008-12-26 18:34:50   4,012   ----a-w   c:\windows\system32\d3d9caps.dat
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(2).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(3).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(4).dll
- 2008-08-20 05:33:18   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2008-10-16 10:20:45   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(4).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(2).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(3).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(4).dll
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\system32\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\system32\dcache.bin
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(2).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(3).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(4).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(2).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(3).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(4).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(2).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(4).dll
- 2008-08-20 05:33:19   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
- 2008-08-20 05:33:17   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
+ 2008-10-16 10:20:42   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
- 2008-07-19 02:10:48   94,920   -c--a-w   c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 19:09:44   92,696   -c--a-w   c:\windows\system32\dllcache\cdm.dll
- 2008-08-20 05:33:18   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
+ 2008-10-16 10:20:45   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
- 2008-08-20 05:33:18   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:33:18   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 10:20:46   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36   283,648   -c--a-w   c:\windows\system32\dllcache\gdi32.dll
- 2008-08-19 09:38:57   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
+ 2008-10-15 14:18:21   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
- 2008-08-20 05:33:18   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
+ 2008-10-16 10:20:46   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
- 2008-08-20 05:33:18   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
+ 2008-10-16 10:20:46   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
- 2008-08-20 05:33:19   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 01:03:58   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
- 2008-08-20 05:33:20   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:33:19   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-20 05:33:18   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 10:20:46   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:33:18   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 10:20:46   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
- 2008-08-20 05:33:18   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 10:20:46   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
- 2007-04-25 14:21:15   144,896   ----a-w   c:\windows\system32\dllcache\schannel.dll
+ 2008-12-05 07:12:45   144,896   -c--a-w   c:\windows\system32\dllcache\schannel.dll
- 2008-08-20 05:33:19   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
+ 2008-10-16 10:20:48   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
- 2007-10-26 03:34:01   8,460,288   ----a-w   c:\windows\system32\dllcache\shell32.dll
+ 2008-07-03 13:03:29   8,460,800   -c--a-w   c:\windows\system32\dllcache\shell32.dll
- 2008-08-20 05:33:19   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
+ 2008-10-16 10:20:51   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
- 2008-08-28 10:04:17   333,056   -c--a-w   c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21   333,184   -c--a-w   c:\windows\system32\dllcache\srv.sys
- 2006-08-21 14:52:08   246,814   ----a-w   c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47   247,326   -c--a-w   c:\windows\system32\dllcache\strmdll.dll
- 2008-08-20 05:33:19   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 10:20:53   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
- 2008-09-15 11:57:41   1,846,016   -c--a-w   c:\windows\system32\dllcache\win32k.sys
+ 2009-02-09 10:19:34   1,846,272   -c--a-w   c:\windows\system32\dllcache\win32k.sys
- 2008-08-20 05:33:19   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 10:20:49   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
- 2006-10-19 02:47:20   937,984   -c--a-w   c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 10:03:08   938,496   -c--a-w   c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 02:47:22   2,450,944   -c--a-w   c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14   2,458,112   -c--a-w   c:\windows\system32\dllcache\WMVCore.dll
- 2008-07-19 02:09:44   563,912   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 19:12:20   561,688   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
- 2008-07-19 02:10:42   53,448   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 19:09:44   51,224   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-19 02:09:42   1,811,656   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 19:13:40   1,809,944   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-19 02:09:46   325,832   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 19:12:22   323,608   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
- 2008-07-19 02:10:20   36,552   -c--a-w   c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 19:08:58   34,328   -c--a-w   c:\windows\system32\dllcache\wups.dll
- 2008-07-19 02:09:44   205,000   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 19:13:40   202,776   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(2).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(3).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(4).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(2).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(3).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(4).dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003705_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003716_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003725_.tmp.dll
- 2008-09-22 01:10:32   97,928   ----a-w   c:\windows\system32\drivers\avgldx86.sys
+ 2009-02-04 13:40:18   325,128   ----a-w   c:\windows\system32\drivers\avgldx86.sys
- 2008-09-22 01:10:30   26,824   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
+ 2009-02-04 13:40:18   27,656   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
- 2008-09-22 01:10:37   76,040   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2009-02-04 13:40:14   107,272   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2008-10-07 05:09:32   178,376   ----a-w   c:\windows\system32\drivers\OADriver.sys
+ 2008-10-07 05:09:48   30,920   ----a-w   c:\windows\system32\drivers\OAmon.sys
+ 2008-10-07 05:09:36   28,872   ----a-w   c:\windows\system32\drivers\OAnet.sys
- 2008-08-28 10:04:17   333,056   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:21   333,184   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(2).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(3).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(4).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(2).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(3).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(4).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(2).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(3).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(4).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(2).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(3).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(4).dll
- 2008-08-20 05:33:18   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(2).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(3).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(4).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(2).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(3).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(4).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(2).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(3).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(4).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(2).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(3).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(4).dll
- 2008-08-20 05:33:18   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2008-10-16 10:20:46   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(2).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(3).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(4).dll
- 2008-10-16 07:12:49   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
+ 2009-04-03 07:08:43   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36   283,648   ----a-w   c:\windows\system32\gdi32.dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(2).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(3).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(4).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(2).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(3).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(4).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(4).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(2).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(3).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(4).dll
+ 2004-08-04 07:56:07   3,584   ----a-w   c:\windows\system32\icmp(2).dll
- 2008-08-20 05:33:18   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2008-10-16 10:20:46   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2004-08-04 07:56:42   35,840   ----a-w   c:\windows\system32\imgutil(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(3).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(4).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(2).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(3).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(4).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(2).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(3).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(4).dll
- 2008-08-20 05:33:18   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2008-10-16 10:20:46   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(2).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(3).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(4).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(2).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(3).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(4).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(2).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(3).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(4).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(2).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(3).dll
- 2008-08-20 05:33:19   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(2).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(3).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(4).dll
- 2008-06-11 00:04:26   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2008-11-21 21:46:10   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(2).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(3).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(4).dll
+ 2007-07-27 19:49:02   196,683   ----a-w   c:\windows\system32\lnod32apiA.dll
+ 2007-07-27 19:49:02   225,355   ----a-w   c:\windows\system32\lnod32apiW.dll
+ 2005-12-06 00:25:22   139,264   ----a-w   c:\windows\system32\lnod32umc.dll
+ 2005-12-05 17:37:10   106,496   ----a-w   c:\windows\system32\lnod32upd.dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(2).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(3).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(4).dll
- 2006-10-19 01:03:58   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(2).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(3).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(4).exe
- 2008-03-25 03:21:18   2,889,088   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02   3,695,008   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-03-25 03:21:20   218,496   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04   235,936   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-09-27 16:54:53   70,264   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-18 00:22:36   84,661   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(2).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(3).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(4).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(2).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(3).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(4).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(2).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(3).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(4).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(4).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(2).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(3).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(4).dll
- 2008-11-04 00:10:25   17,318,336   ----a-w   c:\windows\system32\MRT.exe
+ 2009-02-25 16:55:00   24,768,960   ----a-w   c:\windows\system32\MRT.exe
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(2).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(3).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(4).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(2).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(3).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(4).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(2).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(3).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(4).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(2).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(3).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(4).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(2).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(3).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(4).dll
- 2008-08-20 05:33:20   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(2).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(3).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(4).dll
- 2008-08-20 05:33:19   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(2).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(3).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(4).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(2).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(3).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(4).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(2).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(3).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(4).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(2).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(3).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(4).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(2).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(3).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(4).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(2).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(3).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(4).dll
- 2008-08-20 05:33:18   146,432   ----a-w   c:\windows\system32\msrating.dll
+ 2008-10-16 10:20:46   146,432   ----a-w   c:\windows\system32\msrating.dll
- 2008-08-20 05:33:18   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2008-10-16 10:20:46   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(2).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(3).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(4).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(2).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(3).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(4).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(2).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(3).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(4).dll
- 2003-03-19 02:14:52   499,712   ----a-r   c:\windows\system32\msvcp71.dll
+ 2008-11-17 23:25:13   499,712   ----a-w   c:\windows\system32\msvcp71.dll
- 2003-02-21 08:42:22   348,160   ------w   c:\windows\system32\msvcr71.dll
+ 2008-11-17 23:25:13   348,160   ----a-w   c:\windows\system32\msvcr71.dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(2).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(3).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(4).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(2).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(3).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(4).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(2).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(3).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(4).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(2).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(3).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(4).dll
- 2008-07-19 02:07:34   270,880   ----a-w   c:\windows\system32\mucltui.dll
+ 2008-10-16 19:06:48   268,648   ----a-w   c:\windows\system32\mucltui.dll
- 2008-07-19 02:07:32   210,976   ----a-w   c:\windows\system32\muweb.dll
+ 2008-10-16 19:06:48   208,744   ----a-w   c:\windows\system32\muweb.dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(2).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(3).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(4).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(2).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(3).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(4).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(2).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(3).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(4).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(2).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(3).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(4).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(2).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(3).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(4).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(2).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(3).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(4).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(2).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(3).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(4).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(2).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(3).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(4).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(2).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(3).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(4).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(2).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(3).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(4).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(2).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(3).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(4).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(2).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(3).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(4).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(2).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(3).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(4).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(2).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(3).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(4).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(2).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(3).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(4).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(2).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(3).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(4).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(2).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(3).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(4).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(2).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(2).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(4).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(2).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(3).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(4).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(2).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(3).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(4).dll
+ 2008-02-11 14:39:26   253,952   ----a-w   c:\windows\system32\OnlineScannerDLLA.dll
+ 2008-02-11 14:39:18   237,568   ----a-w   c:\windows\system32\OnlineScannerDLLW.dll
+ 2008-02-08 18:53:46   110,592   ----a-w   c:\windows\system32\OnlineScannerLang.dll
+ 2008-02-05 13:48:04   77,824   ----a-w   c:\windows\system32\OnlineScannerUninstaller.exe
- 2008-11-02 09:49:07   53,724   ----a-w   c:\windows\system32\perfc009.dat
+ 2009-04-04 09:17:33   53,724   ----a-w   c:\windows\system32\perfc009.dat
- 2008-11-02 09:49:07   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2009-04-04 09:17:33   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(2).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(3).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(4).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(2).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(3).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\wi
Logged

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #8 on: April 10, 2009, 06:23:22 PM »
HiJackThis Log

ComboFix 09-04-04.01 - Christina 2009-04-07 20:51:01.3 - NTFSx86
Running from: c:\documents and settings\Christina\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\_003728_.tmp.dll
c:\windows\system32\_003729_.tmp.dll
c:\windows\system32\_003730_.tmp.dll
c:\windows\system32\_003731_.tmp.dll
c:\windows\system32\_003738_.tmp.dll
c:\windows\system32\_003739_.tmp.dll
c:\windows\system32\_003740_.tmp.dll
c:\windows\system32\_003741_.tmp.dll
c:\windows\system32\_003742_.tmp.dll
c:\windows\system32\_003743_.tmp.dll
c:\windows\system32\_003744_.tmp.dll
c:\windows\system32\_003745_.tmp.dll
c:\windows\system32\_003746_.tmp.dll
c:\windows\system32\_003747_.tmp.dll
c:\windows\system32\_003748_.tmp.dll
c:\windows\system32\_003749_.tmp.dll
c:\windows\system32\_003750_.tmp.dll
c:\windows\system32\_003751_.tmp.dll
c:\windows\system32\_003752_.tmp.dll
c:\windows\system32\_003753_.tmp.dll
c:\windows\system32\_003754_.tmp.dll
c:\windows\system32\_003755_.tmp.dll
c:\windows\system32\_003756_.tmp.dll
c:\windows\system32\_003757_.tmp.dll
c:\windows\system32\_003758_.tmp.dll
c:\windows\system32\_003761_.tmp.dll
c:\windows\system32\_003762_.tmp.dll
c:\windows\system32\_003763_.tmp.dll
c:\windows\system32\_003764_.tmp.dll
c:\windows\system32\_003765_.tmp.dll
c:\windows\system32\_003766_.tmp.dll
c:\windows\system32\_003767_.tmp.dll
c:\windows\system32\_003769_.tmp.dll
c:\windows\system32\_003770_.tmp.dll
c:\windows\system32\_003771_.tmp.dll
c:\windows\system32\_003772_.tmp.dll
c:\windows\system32\_003773_.tmp.dll
c:\windows\system32\_003774_.tmp.dll
c:\windows\system32\_003775_.tmp.dll
c:\windows\system32\_003776_.tmp.dll
c:\windows\system32\_003777_.tmp.dll
c:\windows\system32\_003778_.tmp.dll
c:\windows\system32\_003779_.tmp.dll
c:\windows\system32\_003782_.tmp.dll
c:\windows\system32\_003783_.tmp.dll
c:\windows\system32\_003784_.tmp.dll
c:\windows\system32\_003786_.tmp.dll
c:\windows\system32\_003787_.tmp.dll
c:\windows\system32\_003788_.tmp.dll
c:\windows\system32\_003789_.tmp.dll
c:\windows\system32\_003790_.tmp.dll
c:\windows\system32\_003791_.tmp.dll
c:\windows\system32\_003792_.tmp.dll
c:\windows\system32\_003793_.tmp.dll
c:\windows\system32\_003794_.tmp.dll
c:\windows\system32\_003795_.tmp.dll
c:\windows\system32\_003797_.tmp.dll
c:\windows\system32\_003798_.tmp.dll
c:\windows\system32\_003799_.tmp.dll
c:\windows\system32\_003800_.tmp.dll
c:\windows\system32\_003802_.tmp.dll
c:\windows\system32\_003804_.tmp.dll
c:\windows\system32\_003805_.tmp.dll
c:\windows\system32\_003806_.tmp.dll
c:\windows\system32\_003807_.tmp.dll
c:\windows\system32\_003808_.tmp.dll
c:\windows\system32\_003809_.tmp.dll
c:\windows\system32\_003810_.tmp.dll
c:\windows\system32\_003812_.tmp.dll
c:\windows\system32\_003813_.tmp.dll
c:\windows\system32\_003814_.tmp.dll
c:\windows\system32\_003815_.tmp.dll
c:\windows\system32\_003816_.tmp.dll
c:\windows\system32\_003817_.tmp.dll
c:\windows\system32\_003818_.tmp.dll
c:\windows\system32\_003819_.tmp.dll
c:\windows\system32\_003821_.tmp.dll
c:\windows\system32\_003822_.tmp.dll
c:\windows\system32\_003823_.tmp.dll
c:\windows\system32\_003824_.tmp.dll
c:\windows\system32\_003825_.tmp.dll
c:\windows\system32\_003827_.tmp.dll
c:\windows\system32\_003828_.tmp.dll
c:\windows\system32\_003832_.tmp.dll
c:\windows\system32\_003833_.tmp.dll
c:\windows\system32\_003835_.tmp.dll
c:\windows\system32\_003838_.tmp.dll
c:\windows\system32\_003840_.tmp.dll
c:\windows\system32\_003841_.tmp.dll
c:\windows\system32\_003842_.tmp.dll
c:\windows\system32\_003843_.tmp.dll
c:\windows\system32\_003846_.tmp.dll
c:\windows\system32\_003847_.tmp.dll
c:\windows\system32\_003848_.tmp.dll
c:\windows\system32\_003849_.tmp.dll
c:\windows\system32\_003850_.tmp.dll
c:\windows\system32\_003855_.tmp.dll
c:\windows\system32\_003857_.tmp.dll
c:\windows\system32\_003858_.tmp.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
(((((((((((((((((((((((((   Files Created from 2009-03-08 to 2009-04-08  )))))))))))))))))))))))))))))))
.

2009-04-02 06:53 . 2009-04-02 06:53   <DIR>   d--------   c:\program files\Adobe Media Player
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Kodak
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Scanner
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Common Files\Authentium
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bonjour
2009-04-02 06:52 . 2009-04-02 06:52   <DIR>   d--------   c:\program files\Bell
2009-04-01 21:21 . 2001-01-12 16:10   6,550   --a------   c:\windows\jautoexp.dat
2009-03-25 19:41 . 2009-02-09 06:19   1,846,272   --a------   c:\windows\system32\win32k.sys
2009-03-25 19:40 . 2008-08-14 06:00   2,180,352   --a------   c:\windows\system32\ntoskrnl.exe
2009-03-21 20:45 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Christina\Tracing
2009-03-21 15:39 . 2009-04-02 06:50   <DIR>   d--------   c:\documents and settings\Anita\Tracing
2009-03-21 09:42 . 2009-03-21 09:42   <DIR>   d--------   c:\program files\Common Files\Windows Live
2009-03-11 19:54 . 2009-03-11 19:54   <DIR>   d--------   c:\program files\Alwil Software

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 23:22   ---------   d-----w   c:\documents and settings\Christina\Application Data\OnlineArmor
2009-04-07 08:42   ---------   d-----w   c:\documents and settings\Anita\Application Data\OnlineArmor
2009-04-06 01:11   ---------   d-----w   c:\documents and settings\Christina\Application Data\Image Zone Express
2009-04-02 10:53   ---------   d-----w   c:\documents and settings\All Users.WINDOWS\Application Data\avg8
2009-04-02 01:21   155,995   ----a-w   c:\windows\java\Packages\QFDN1BTV.ZIP
2009-03-27 21:08   ---------   d-----w   c:\program files\RealArcade
2009-03-21 13:59   ---------   d-----w   c:\program files\Windows Live
2009-03-12 23:03   ---------   d-----w   c:\program files\Google
2009-02-24 11:24   ---------   d-----w   c:\program files\FrostWire
2009-02-10 15:31   ---------   d---a-w   c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-10 14:30   ---------   d-----w   c:\documents and settings\Anita\Application Data\Skip-Bo
2009-02-04 13:40   10,520   ----a-w   c:\windows\system32\avgrsstx.dll
2008-02-29 20:46   0   -c--a-w   c:\program files\temp01
2008-02-25 22:26   32   ----a-w   c:\documents and settings\All Users.WINDOWS\Application Data\ezsid.dat
2007-01-30 15:16   28,952   ----a-w   c:\documents and settings\Anita\Application Data\GDIPFONTCACHEV1.DAT
2007-01-09 00:50   28,952   ----a-w   c:\documents and settings\Christina\Application Data\GDIPFONTCACHEV1.DAT
2006-04-12 09:26   774,144   ----a-w   c:\program files\RngInterstitial.dll
2009-01-06 00:56   122,880   ----a-w   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((   snapshot@2008-11-16_17.23.03.73   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-03 09:57:49   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:02:42   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:49:31   247,326   ----a-w   c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-10-22 09:47:25   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49   62,976   ----a-w   c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:04   284,160   ----a-w   c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42   286,720   ----a-w   c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01   17,272   ----a-w   c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02   231,288   ----a-w   c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01   26,488   ----a-w   c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-10-16 01:00:11   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\mshtml.dll
+ 2008-10-16 01:00:10   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\shdocvw.dll
+ 2008-10-16 01:00:11   619,520   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\urlmon.dll
+ 2008-10-16 01:00:11   666,112   ----a-w   c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
+ 2008-10-16 11:34:08   3,067,904   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\mshtml.dll
+ 2008-10-16 01:04:06   1,499,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\shdocvw.dll
+ 2008-10-16 01:04:06   620,032   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\urlmon.dll
+ 2008-10-16 01:04:06   667,136   ----a-w   c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958215\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958215\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958215\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB958215\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958215\update\updspapi.dll
+ 2008-12-11 10:24:44   333,184   ----a-w   c:\windows\$hf_mig$\KB958687\SP2QFE\srv.sys
+ 2008-12-11 10:57:09   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3GDR\srv.sys
+ 2008-12-11 12:33:59   333,952   ----a-w   c:\windows\$hf_mig$\KB958687\SP3QFE\srv.sys
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB958687\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB958687\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB958687\update\spcustom.dll
+ 2007-11-30 11:18:51   755,576   ----a-w   c:\windows\$hf_mig$\KB958687\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB958687\update\updspapi.dll
+ 2009-02-09 10:20:05   1,847,424   ----a-w   c:\windows\$hf_mig$\KB958690\SP2QFE\win32k.sys
+ 2009-02-09 11:13:27   1,846,784   ----a-w   c:\windows\$hf_mig$\KB958690\SP3GDR\win32k.sys
+ 2009-02-09 11:08:53   1,847,552   ----a-w   c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB958690\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB958690\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB958690\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB958690\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB958690\update\updspapi.dll
+ 2008-12-05 06:41:26   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP2QFE\schannel.dll
+ 2008-12-05 06:54:55   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3GDR\schannel.dll
+ 2008-12-05 06:58:08   144,896   ----a-w   c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2007-11-30 11:18:51   17,272   ----a-w   c:\windows\$hf_mig$\KB960225\spmsg.dll
+ 2007-11-30 11:18:51   231,288   ----a-w   c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2007-11-30 11:18:51   26,488   ----a-w   c:\windows\$hf_mig$\KB960225\update\spcustom.dll
+ 2007-11-30 12:39:22   755,576   ----a-w   c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2007-11-30 12:39:22   382,840   ----a-w   c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2008-12-12 17:01:00   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3GDR\mshtml.dll
+ 2008-12-12 17:14:50   3,067,904   ----a-w   c:\windows\$hf_mig$\KB960714\SP3QFE\mshtml.dll
+ 2007-11-30 12:39:22   17,272   ----a-w   c:\windows\$hf_mig$\KB960714\spmsg.dll
+ 2007-11-30 12:39:22   231,288   ----a-w   c:\windows\$hf_mig$\KB960714\spuninst.exe
+ 2007-11-30 12:39:22   26,488   ----a-w   c:\windows\$hf_mig$\KB960714\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB960714\update\update.exe
+ 2007-11-30 11:18:51   382,840   ----a-w   c:\windows\$hf_mig$\KB960714\update\updspapi.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB960715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB960715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB960715\update\spcustom.dll
+ 2008-11-15 17:18:04   755,576   ----a-w   c:\windows\$hf_mig$\KB960715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB960715\update\updspapi.dll
+ 2008-06-17 19:02:19   8,461,312   ----a-w   c:\windows\$hf_mig$\KB967715\SP3GDR\shell32.dll
+ 2008-06-17 19:04:34   8,461,824   ----a-w   c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:38:24   17,272   ----a-w   c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:38:25   231,288   ----a-w   c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:38:24   26,488   ----a-w   c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:38:29   755,576   ----a-w   c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:38:37   382,840   ----a-w   c:\windows\$hf_mig$\KB967715\update\updspapi.dll
+ 2006-10-19 01:03:58   100,864   -c----w   c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 14:41:48   231,288   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 14:41:48   382,840   -c----w   c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-19 02:47:20   937,984   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-19 02:47:22   2,450,944   -c----w   c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-21 14:52:08   246,814   -c----w   c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18   62,976   -c----w   c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2008-02-20 06:51:05   282,624   -c----w   c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:02:02   231,288   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   1,024,000   -c----w   c:\windows\$NtUninstallKB958215$\browseui.dll
+ 2008-08-20 05:33:17   151,040   -c----w   c:\windows\$NtUninstallKB958215$\cdfview.dll
+ 2008-08-20 05:33:18   1,054,208   -c----w   c:\windows\$NtUninstallKB958215$\danim.dll
+ 2008-08-20 05:33:18   357,888   -c----w   c:\windows\$NtUninstallKB958215$\dxtmsft.dll
+ 2008-08-20 05:33:18   205,312   -c----w   c:\windows\$NtUninstallKB958215$\dxtrans.dll
+ 2008-08-20 05:33:18   55,808   -c----w   c:\windows\$NtUninstallKB958215$\extmgr.dll
+ 2008-08-19 09:38:57   18,432   -c----w   c:\windows\$NtUninstallKB958215$\iedw.exe
+ 2008-08-20 05:33:18   251,904   -c----w   c:\windows\$NtUninstallKB958215$\iepeers.dll
+ 2008-08-20 05:33:18   96,256   -c----w   c:\windows\$NtUninstallKB958215$\inseng.dll
+ 2008-08-20 05:33:19   16,384   -c----w   c:\windows\$NtUninstallKB958215$\jsproxy.dll
+ 2008-08-20 05:33:20   3,067,392   -c----w   c:\windows\$NtUninstallKB958215$\mshtml.dll
+ 2008-08-20 05:33:19   449,024   -c----w   c:\windows\$NtUninstallKB958215$\mshtmled.dll
+ 2008-08-20 05:33:18   146,432   -c----w   c:\windows\$NtUninstallKB958215$\msrating.dll
+ 2008-08-20 05:33:18   532,480   -c----w   c:\windows\$NtUninstallKB958215$\mstime.dll
+ 2008-08-20 05:33:18   39,424   -c----w   c:\windows\$NtUninstallKB958215$\pngfilt.dll
+ 2008-08-20 05:33:19   1,499,136   -c----w   c:\windows\$NtUninstallKB958215$\shdocvw.dll
+ 2008-08-20 05:33:19   474,112   -c----w   c:\windows\$NtUninstallKB958215$\shlwapi.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958215$\spuninst\updspapi.dll
+ 2008-08-20 05:33:19   619,008   -c----w   c:\windows\$NtUninstallKB958215$\urlmon.dll
+ 2008-08-20 05:33:19   667,648   -c----w   c:\windows\$NtUninstallKB958215$\wininet.dll
+ 2008-08-19 09:20:32   351,744   -c----w   c:\windows\$NtUninstallKB958215$\xpsp3res.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
+ 2008-08-28 10:04:17   333,056   -c----w   c:\windows\$NtUninstallKB958687$\srv.sys
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB958690$\spuninst\updspapi.dll
+ 2008-09-15 11:57:41   1,846,016   -c----w   c:\windows\$NtUninstallKB958690$\win32k.sys
+ 2007-07-27 13:41:48   231,288   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe
+ 2007-07-27 13:41:48   382,840   -c----w   c:\windows\$NtUninstallKB959772_WM11$\spuninst\updspapi.dll
+ 2007-06-12 03:51:12   10,834,944   -c----w   c:\windows\$NtUninstallKB959772_WM11$\wmp.dll
+ 2007-04-25 14:21:15   144,896   -c----w   c:\windows\$NtUninstallKB960225$\schannel.dll
+ 2007-11-30 11:18:51   231,288   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe
+ 2007-11-30 12:39:22   382,840   -c----w   c:\windows\$NtUninstallKB960225$\spuninst\updspapi.dll
+ 2008-10-16 10:20:56   3,067,392   -c----w   c:\windows\$NtUninstallKB960714$\mshtml.dll
+ 2007-11-30 12:39:22   231,288   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\spuninst.exe
+ 2007-11-30 11:18:51   382,840   -c----w   c:\windows\$NtUninstallKB960714$\spuninst\updspapi.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB960715$\spuninst\updspapi.dll
+ 2007-10-26 03:34:01   8,460,288   -c----w   c:\windows\$NtUninstallKB967715$\shell32.dll
+ 2008-07-09 07:38:25   231,288   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe
+ 2008-07-09 07:38:37   382,840   -c----w   c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(2).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(3).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(4).dll
+ 2006-10-04 14:05:26   39,424   ----a-w   c:\windows\AppPatch\acadproc(5).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(3).dll
+ 2004-08-04 07:56:41   1,852,416   ----a-w   c:\windows\AppPatch\acgenral(4).dll
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28   163,328   ----a-w   c:\windows\ERDNT\subs\ERDNT.EXE
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(2).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(3).exe
+ 2007-06-13 10:23:07   1,033,216   ----a-w   c:\windows\explorer(4).exe
- 2000-08-31 13:00:00   89,504   ----a-w   c:\windows\fdsv.exe
+ 2000-08-31 12:00:00   89,504   ----a-w   c:\windows\fdsv.exe
- 2000-08-31 13:00:00   80,412   ----a-w   c:\windows\grep.exe
+ 2000-08-31 12:00:00   80,412   ----a-w   c:\windows\grep.exe
- 2008-11-12 23:01:50   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-04-03 07:06:58   593,920   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-12 23:01:50   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-04-03 07:06:58   12,288   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-12 23:01:50   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-03 07:06:58   86,016   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-12 23:01:50   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-03 07:06:58   135,168   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-12 23:01:50   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-03 07:06:58   11,264   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-12 23:01:50   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-04-03 07:06:58   27,136   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-12 23:01:50   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-04-03 07:06:58   4,096   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-12 23:01:50   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-04-03 07:06:59   794,624   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-12 23:01:50   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-04-03 07:06:58   249,856   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-12 23:01:50   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-03 07:06:58   61,440   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-12 23:01:50   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-03 07:06:59   23,040   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-12 23:01:50   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-03 07:06:58   286,720   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-12 23:01:50   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-04-03 07:06:57   409,600   ----a-r   c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-11-12 23:02:08   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-12-10 08:15:02   35,600   ----a-r   c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-20 01:48:13   295,606   ----a-r   c:\windows\Installer\{AC76BA86-7AD7-1033-7B44-A81300000003}\SC_Reader.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut2_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-01-05 21:52:55   173,430   ----a-r   c:\windows\Installer\{B7F98125-4955-41E3-8A71-4CE11CE9C198}\KGUSNewShortcut3_B7F98125495541E38A714CE11CE9C198.exe
+ 2009-04-02 01:21:58   2,232   ----a-w   c:\windows\java\Packages\Data\57FR7JBJ.DAT
+ 2009-04-02 01:21:29   2,678   ----a-w   c:\windows\java\Packages\Data\8KCG9J13.DAT
+ 2009-04-02 01:21:49   2,678   ----a-w   c:\windows\java\Packages\Data\HVB3RNJ1.DAT
+ 2009-04-02 01:21:30   2,678   ----a-w   c:\windows\java\Packages\Data\KCZFN93F.DAT
+ 2009-04-02 01:21:31   2,678   ----a-w   c:\windows\java\Packages\Data\R5R7RHNJ.DAT
+ 2009-04-02 01:21:33   2,678   ----a-w   c:\windows\java\Packages\Data\RZBDF7V7.DAT
- 2000-08-31 13:00:00   28,672   ----a-w   c:\windows\nircmd.exe
+ 2000-08-31 12:00:00   29,696   ----a-w   c:\windows\nircmd.exe
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(2).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(3).dll
+ 2004-08-04 07:56:44   38,912   ----a-w   c:\windows\PCHealth\HelpCtr\Binaries\pchsvc(4).dll
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat
+ 2009-03-31 22:45:07   184,426   ----a-w   c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1033.dat.bak
- 2000-08-31 13:00:00   98,816   ----a-w   c:\windows\sed.exe
+ 2000-08-31 12:00:00   98,816   ----a-w   c:\windows\sed.exe
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\ServicePackFiles\i386\dcache.bin
- 2000-08-31 13:00:00   161,792   ----a-w   c:\windows\SWREG.exe
+ 2000-08-31 12:00:00   161,792   ----a-w   c:\windows\SWREG.exe
- 2000-08-31 13:00:00   136,704   ----a-w   c:\windows\SWSC.exe
+ 2000-08-31 12:00:00   136,704   ----a-w   c:\windows\SWSC.exe
- 2000-08-31 13:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2000-08-31 12:00:00   212,480   ----a-w   c:\windows\SWXCACLS.exe
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(2).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(3).dll
+ 2004-08-04 07:56:41   194,048   ----a-w   c:\windows\system32\activeds(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\actxprxy(4).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(2).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(3).dll
+ 2004-08-04 07:56:41   143,360   ----a-w   c:\windows\system32\adsldpc(4).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(2).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(3).dll
+ 2004-08-04 07:56:41   99,840   ----a-w   c:\windows\system32\advpack(4).dll
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(2).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(3).exe
+ 2004-08-04 07:56:47   44,544   ----a-w   c:\windows\system32\alg(4).exe
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(2).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(3).dll
+ 2004-08-04 07:56:41   65,024   ----a-w   c:\windows\system32\asycfilt(4).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(2).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(3).dll
+ 2004-08-04 07:56:41   58,880   ----a-w   c:\windows\system32\atl(4).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(2).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(3).dll
+ 2004-08-04 07:56:41   42,496   ----a-w   c:\windows\system32\audiosrv(4).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(2).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(3).dll
+ 2005-03-02 18:09:29   56,832   ----a-w   c:\windows\system32\authz(4).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(2).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(3).dll
+ 2004-08-04 07:56:41   28,672   ----a-w   c:\windows\system32\batmeter(4).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(2).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(3).dll
+ 2004-08-04 07:55:59   63,488   ----a-w   c:\windows\system32\browselc(4).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(2).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(3).dll
+ 2004-08-04 07:56:41   77,312   ----a-w   c:\windows\system32\browser(4).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(2).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(3).dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui(4).dll
- 2008-08-20 05:33:19   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   ----a-w   c:\windows\system32\browseui.dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(2).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(3).dll
+ 2004-08-04 07:56:41   59,904   ----a-w   c:\windows\system32\cabinet(4).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(2).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(3).dll
+ 2005-07-26 04:39:42   225,792   ----a-w   c:\windows\system32\catsrv(4).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(2).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(3).dll
+ 2005-07-26 04:39:43   625,152   ----a-w   c:\windows\system32\catsrvut(4).dll
- 2008-08-20 05:33:17   151,040   ----a-w   c:\windows\system32\cdfview.dll
+ 2008-10-16 10:20:42   151,040   ----a-w   c:\windows\system32\cdfview.dll
- 2008-07-19 02:10:48   94,920   ----a-w   c:\windows\system32\cdm.dll
+ 2008-10-16 19:09:44   92,696   ----a-w   c:\windows\system32\cdm.dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(2).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(3).dll
+ 2004-08-04 07:56:41   194,560   ----a-w   c:\windows\system32\certcli(4).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(2).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(3).dll
+ 2004-08-04 07:56:00   16,896   ----a-w   c:\windows\system32\cfgmgr32(4).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(2).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(3).dll
+ 2005-07-26 04:39:43   498,688   ----a-w   c:\windows\system32\clbcatq(4).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(2).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(3).dll
+ 2004-08-04 07:56:41   57,856   ----a-w   c:\windows\system32\clusapi(4).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(2).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(3).dll
+ 2004-08-04 07:56:41   47,104   ----a-w   c:\windows\system32\cnbjmon(4).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(2).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(3).dll
+ 2005-07-26 04:39:43   60,416   ----a-w   c:\windows\system32\colbact(4).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(2).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(3).dll
+ 2004-08-04 07:56:41   792,064   ----a-w   c:\windows\system32\comres(4).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(2).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(3).dll
+ 2005-07-26 04:39:44   1,267,200   ----a-w   c:\windows\system32\comsvcs(4).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(2).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(3).dll
+ 2004-08-04 07:56:41   163,840   ----a-w   c:\windows\system32\credui(4).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(2).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(3).dll
+ 2004-08-04 07:56:41   597,504   ----a-w   c:\windows\system32\crypt32(4).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(2).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(3).dll
+ 2004-08-04 07:56:41   33,280   ----a-w   c:\windows\system32\cryptdll(4).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(2).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(3).dll
+ 2004-08-04 07:56:41   63,488   ----a-w   c:\windows\system32\cryptnet(4).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(2).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(3).dll
+ 2004-08-04 07:56:41   60,416   ----a-w   c:\windows\system32\cryptsvc(4).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(2).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(3).dll
+ 2004-08-04 07:56:41   512,512   ----a-w   c:\windows\system32\cryptui(4).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(2).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(3).dll
+ 2004-08-04 07:56:41   101,888   ----a-w   c:\windows\system32\cscdll(4).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(2).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(3).dll
+ 2004-08-04 07:56:41   326,656   ----a-w   c:\windows\system32\cscui(4).dll
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(2).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(3).exe
+ 2004-08-04 07:56:48   6,144   ----a-w   c:\windows\system32\csrss(4).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(2).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(3).exe
+ 2004-08-04 07:56:48   15,360   ----a-w   c:\windows\system32\ctfmon(4).exe
+ 2008-12-26 18:34:50   4,012   ----a-w   c:\windows\system32\d3d9caps.dat
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(2).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(3).dll
+ 2004-08-04 07:56:41   825,344   ----a-w   c:\windows\system32\d3dim700(4).dll
- 2008-08-20 05:33:18   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2008-10-16 10:20:45   1,054,208   ----a-w   c:\windows\system32\danim.dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\davclnt(4).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(2).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(3).dll
+ 2004-08-04 07:56:42   640,000   ----a-w   c:\windows\system32\dbghelp(4).dll
- 2004-08-04 08:07:21   1,788   ----a-w   c:\windows\system32\dcache.bin
+ 2008-04-14 00:25:26   1,804   ----a-w   c:\windows\system32\dcache.bin
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(2).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(3).dll
+ 2004-08-04 07:56:42   8,704   ----a-w   c:\windows\system32\dciman32(4).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(2).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(3).dll
+ 2004-08-04 07:56:42   266,240   ----a-w   c:\windows\system32\ddraw(4).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(2).dll
+ 2004-08-04 07:56:42   27,136   ----a-w   c:\windows\system32\ddrawex(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\devenum(4).dll
- 2008-08-20 05:33:19   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
+ 2008-10-16 10:20:52   1,024,000   -c--a-w   c:\windows\system32\dllcache\browseui.dll
- 2008-08-20 05:33:17   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
+ 2008-10-16 10:20:42   151,040   -c--a-w   c:\windows\system32\dllcache\cdfview.dll
- 2008-07-19 02:10:48   94,920   -c--a-w   c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 19:09:44   92,696   -c--a-w   c:\windows\system32\dllcache\cdm.dll
- 2008-08-20 05:33:18   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
+ 2008-10-16 10:20:45   1,054,208   -c--a-w   c:\windows\system32\dllcache\danim.dll
- 2008-08-20 05:33:18   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   -c--a-w   c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   -c--a-w   c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:33:18   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 10:20:46   55,808   -c--a-w   c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36   283,648   -c--a-w   c:\windows\system32\dllcache\gdi32.dll
- 2008-08-19 09:38:57   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
+ 2008-10-15 14:18:21   18,432   -c--a-w   c:\windows\system32\dllcache\iedw.exe
- 2008-08-20 05:33:18   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
+ 2008-10-16 10:20:46   251,904   -c--a-w   c:\windows\system32\dllcache\iepeers.dll
- 2008-08-20 05:33:18   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
+ 2008-10-16 10:20:46   96,256   -c--a-w   c:\windows\system32\dllcache\inseng.dll
- 2008-08-20 05:33:19   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   -c--a-w   c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 01:03:58   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22   100,864   -c--a-w   c:\windows\system32\dllcache\logagent.exe
- 2008-08-20 05:33:20   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   -c--a-w   c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:33:19   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   -c--a-w   c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-20 05:33:18   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 10:20:46   146,432   -c--a-w   c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:33:18   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 10:20:46   532,480   -c--a-w   c:\windows\system32\dllcache\mstime.dll
- 2008-08-20 05:33:18   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 10:20:46   39,424   -c--a-w   c:\windows\system32\dllcache\pngfilt.dll
- 2007-04-25 14:21:15   144,896   ----a-w   c:\windows\system32\dllcache\schannel.dll
+ 2008-12-05 07:12:45   144,896   -c--a-w   c:\windows\system32\dllcache\schannel.dll
- 2008-08-20 05:33:19   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
+ 2008-10-16 10:20:48   1,499,136   -c--a-w   c:\windows\system32\dllcache\shdocvw.dll
- 2007-10-26 03:34:01   8,460,288   ----a-w   c:\windows\system32\dllcache\shell32.dll
+ 2008-07-03 13:03:29   8,460,800   -c--a-w   c:\windows\system32\dllcache\shell32.dll
- 2008-08-20 05:33:19   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
+ 2008-10-16 10:20:51   474,112   -c--a-w   c:\windows\system32\dllcache\shlwapi.dll
- 2008-08-28 10:04:17   333,056   -c--a-w   c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21   333,184   -c--a-w   c:\windows\system32\dllcache\srv.sys
- 2006-08-21 14:52:08   246,814   ----a-w   c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47   247,326   -c--a-w   c:\windows\system32\dllcache\strmdll.dll
- 2008-08-20 05:33:19   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 10:20:53   619,008   -c--a-w   c:\windows\system32\dllcache\urlmon.dll
- 2008-09-15 11:57:41   1,846,016   -c--a-w   c:\windows\system32\dllcache\win32k.sys
+ 2009-02-09 10:19:34   1,846,272   -c--a-w   c:\windows\system32\dllcache\win32k.sys
- 2008-08-20 05:33:19   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 10:20:49   667,648   -c--a-w   c:\windows\system32\dllcache\wininet.dll
- 2006-10-19 02:47:20   937,984   -c--a-w   c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 10:03:08   938,496   -c--a-w   c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 02:47:22   2,450,944   -c--a-w   c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14   2,458,112   -c--a-w   c:\windows\system32\dllcache\WMVCore.dll
- 2008-07-19 02:09:44   563,912   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 19:12:20   561,688   -c--a-w   c:\windows\system32\dllcache\wuapi.dll
- 2008-07-19 02:10:42   53,448   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 19:09:44   51,224   -c--a-w   c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-19 02:09:42   1,811,656   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 19:13:40   1,809,944   -c--a-w   c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-19 02:09:46   325,832   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 19:12:22   323,608   -c--a-w   c:\windows\system32\dllcache\wucltui.dll
- 2008-07-19 02:10:20   36,552   -c--a-w   c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 19:08:58   34,328   -c--a-w   c:\windows\system32\dllcache\wups.dll
- 2008-07-19 02:09:44   205,000   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 19:13:40   202,776   -c--a-w   c:\windows\system32\dllcache\wuweb.dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(2).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(3).dll
+ 2008-06-20 17:41:10   148,992   ----a-w   c:\windows\system32\dnsapi(4).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(2).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(3).dll
+ 2008-02-20 05:32:43   45,568   ----a-w   c:\windows\system32\dnsrslvr(4).dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003705_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003716_.tmp.dll
+ 2004-08-04 06:00:54   71,040   ------w   c:\windows\system32\drivers\_003725_.tmp.dll
- 2008-09-22 01:10:32   97,928   ----a-w   c:\windows\system32\drivers\avgldx86.sys
+ 2009-02-04 13:40:18   325,128   ----a-w   c:\windows\system32\drivers\avgldx86.sys
- 2008-09-22 01:10:30   26,824   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
+ 2009-02-04 13:40:18   27,656   ----a-w   c:\windows\system32\drivers\avgmfx86.sys
- 2008-09-22 01:10:37   76,040   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2009-02-04 13:40:14   107,272   ----a-w   c:\windows\system32\drivers\avgtdix.sys
+ 2008-10-07 05:09:32   178,376   ----a-w   c:\windows\system32\drivers\OADriver.sys
+ 2008-10-07 05:09:48   30,920   ----a-w   c:\windows\system32\drivers\OAmon.sys
+ 2008-10-07 05:09:36   28,872   ----a-w   c:\windows\system32\drivers\OAnet.sys
- 2008-08-28 10:04:17   333,056   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2008-12-11 11:57:21   333,184   ----a-w   c:\windows\system32\drivers\srv.sys
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(2).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(3).dll
+ 2004-08-04 07:56:42   14,336   ----a-w   c:\windows\system32\drprov(4).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(2).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(3).dll
+ 2004-08-04 07:56:42   367,616   ----a-w   c:\windows\system32\dsound(4).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(2).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(3).dll
+ 2004-08-04 05:31:43   137,216   ----a-w   c:\windows\system32\dssenh(4).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(2).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(3).dll
+ 2004-08-04 07:56:42   304,128   ----a-w   c:\windows\system32\duser(4).dll
- 2008-08-20 05:33:18   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
+ 2008-10-16 10:20:45   357,888   ----a-w   c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:33:18   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2008-10-16 10:20:45   205,312   ----a-w   c:\windows\system32\dxtrans.dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(2).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(3).dll
+ 2004-08-04 07:56:42   23,040   ----a-w   c:\windows\system32\ersvc(4).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(2).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(3).dll
+ 2008-07-07 20:32:22   253,952   ----a-w   c:\windows\system32\es(4).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(2).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(3).dll
+ 2005-10-20 22:20:03   1,082,368   ----a-w   c:\windows\system32\esent(4).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(2).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(3).dll
+ 2004-08-04 07:56:42   55,808   ----a-w   c:\windows\system32\eventlog(4).dll
- 2008-08-20 05:33:18   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2008-10-16 10:20:46   55,808   ----a-w   c:\windows\system32\extmgr.dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(2).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(3).dll
+ 2004-08-04 07:56:42   80,384   ----a-w   c:\windows\system32\faultrep(4).dll
- 2008-10-16 07:12:49   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
+ 2009-04-03 07:08:43   228,800   ----a-w   c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:05   282,624   ----a-w   c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36   283,648   ----a-w   c:\windows\system32\gdi32.dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(2).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(3).dll
+ 2004-08-04 07:56:42   20,992   ----a-w   c:\windows\system32\hid(4).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(2).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(3).dll
+ 2004-08-04 07:56:42   344,064   ----a-w   c:\windows\system32\hnetcfg(4).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(2).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(3).dll
+ 2004-08-04 07:56:42   24,576   ----a-w   c:\windows\system32\httpapi(4).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(2).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(3).dll
+ 2004-08-04 07:56:42   11,264   ----a-w   c:\windows\system32\icaapi(4).dll
+ 2004-08-04 07:56:07   3,584   ----a-w   c:\windows\system32\icmp(2).dll
- 2008-08-20 05:33:18   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2008-10-16 10:20:46   251,904   ----a-w   c:\windows\system32\iepeers.dll
+ 2004-08-04 07:56:42   35,840   ----a-w   c:\windows\system32\imgutil(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(2).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(3).dll
+ 2008-04-11 18:50:43   683,520   ----a-w   c:\windows\system32\inetcomm(4).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(2).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(3).dll
+ 2004-08-04 07:56:42   75,264   ----a-w   c:\windows\system32\inetpp(4).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(2).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(3).dll
+ 2004-08-04 07:56:08   48,128   ----a-w   c:\windows\system32\inetres(4).dll
- 2008-08-20 05:33:18   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2008-10-16 10:20:46   96,256   ----a-w   c:\windows\system32\inseng.dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(2).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(3).dll
+ 2006-05-19 12:59:41   94,720   ----a-w   c:\windows\system32\iphlpapi(4).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(2).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(3).dll
+ 2004-08-04 07:56:42   331,264   ----a-w   c:\windows\system32\ipnathlp(4).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(2).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(3).dll
+ 2004-08-04 07:56:42   182,784   ----a-w   c:\windows\system32\ipsecsvc(4).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(2).dll
+ 2007-12-18 14:40:58   450,560   ----a-w   c:\windows\system32\jscript(3).dll
- 2008-08-20 05:33:19   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2008-10-16 10:20:50   16,384   ----a-w   c:\windows\system32\jsproxy.dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(2).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(3).dll
+ 2005-06-15 17:49:30   295,936   ----a-w   c:\windows\system32\kerberos(4).dll
- 2008-06-11 00:04:26   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2008-11-21 21:46:10   1,044,480   ----a-w   c:\windows\system32\libdivx.dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(2).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(3).dll
+ 2005-09-01 01:41:53   19,968   ----a-w   c:\windows\system32\linkinfo(4).dll
+ 2007-07-27 19:49:02   196,683   ----a-w   c:\windows\system32\lnod32apiA.dll
+ 2007-07-27 19:49:02   225,355   ----a-w   c:\windows\system32\lnod32apiW.dll
+ 2005-12-06 00:25:22   139,264   ----a-w   c:\windows\system32\lnod32umc.dll
+ 2005-12-05 17:37:10   106,496   ----a-w   c:\windows\system32\lnod32upd.dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(2).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(3).dll
+ 2004-08-04 07:56:42   97,280   ----a-w   c:\windows\system32\loadperf(4).dll
- 2006-10-19 01:03:58   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22   100,864   ----a-w   c:\windows\system32\logagent.exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(2).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(3).exe
+ 2004-08-04 07:56:50   13,312   ----a-w   c:\windows\system32\lsass(4).exe
- 2008-03-25 03:21:18   2,889,088   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02   3,695,008   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-03-25 03:21:20   218,496   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04   235,936   ----a-w   c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-09-27 16:54:53   70,264   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-18 00:22:36   84,661   ----a-w   c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(2).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(3).dll
+ 2004-08-04 07:56:42   22,528   ----a-w   c:\windows\system32\mfcsubs(4).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(2).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(3).dll
+ 2004-08-04 07:56:42   18,944   ----a-w   c:\windows\system32\midimap(4).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(2).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(3).dll
+ 2004-08-04 07:56:42   586,240   ----a-w   c:\windows\system32\mlang(4).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(2).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(3).dll
+ 2004-08-04 07:56:42   59,904   ----a-w   c:\windows\system32\mpr(4).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(2).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(3).dll
+ 2004-08-04 07:56:42   87,040   ----a-w   c:\windows\system32\mprapi(4).dll
- 2008-11-04 00:10:25   17,318,336   ----a-w   c:\windows\system32\MRT.exe
+ 2009-02-25 16:55:00   24,768,960   ----a-w   c:\windows\system32\MRT.exe
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(2).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(3).dll
+ 2004-08-04 07:56:42   71,680   ----a-w   c:\windows\system32\msacm32(4).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(2).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(3).dll
+ 2004-08-04 07:56:42   57,344   ----a-w   c:\windows\system32\msasn1(4).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(2).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(3).dll
+ 2008-06-24 16:23:05   74,240   ----a-w   c:\windows\system32\mscms(4).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(2).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(3).dll
+ 2004-08-04 07:56:42   294,400   ----a-w   c:\windows\system32\msctf(4).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(2).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(3).dll
+ 2004-08-04 07:56:43   14,336   ----a-w   c:\windows\system32\msdmo(4).dll
- 2008-08-20 05:33:20   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-12-12 17:27:54   3,067,392   ----a-w   c:\windows\system32\mshtml.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(2).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(3).dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled(4).dll
- 2008-08-20 05:33:19   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2008-10-16 10:20:50   449,024   ----a-w   c:\windows\system32\mshtmled.dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(2).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(3).dll
+ 2004-08-04 07:56:43   6,656   ----a-w   c:\windows\system32\msidle(4).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(2).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(3).dll
+ 2004-08-04 07:56:43   4,608   ----a-w   c:\windows\system32\msimg32(4).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(2).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(3).dll
+ 2004-08-04 07:56:43   159,232   ----a-w   c:\windows\system32\msimtf(4).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(2).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(3).dll
+ 2004-08-04 07:56:43   105,984   ----a-w   c:\windows\system32\msoert2(4).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(2).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(3).dll
+ 2004-08-04 07:56:43   30,208   ----a-w   c:\windows\system32\mspatcha(4).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(2).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(3).dll
+ 2004-08-04 07:56:18   48,128   ----a-w   c:\windows\system32\msprivs(4).dll
- 2008-08-20 05:33:18   146,432   ----a-w   c:\windows\system32\msrating.dll
+ 2008-10-16 10:20:46   146,432   ----a-w   c:\windows\system32\msrating.dll
- 2008-08-20 05:33:18   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2008-10-16 10:20:46   532,480   ----a-w   c:\windows\system32\mstime.dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(2).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(3).dll
+ 2004-08-04 07:56:43   115,712   ----a-w   c:\windows\system32\mstlsapi(4).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(2).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(3).dll
+ 2004-08-04 07:56:43   195,072   ----a-w   c:\windows\system32\msutb(4).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(2).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(3).dll
+ 2004-08-04 07:56:43   413,696   ----a-w   c:\windows\system32\msvcp60(4).dll
- 2003-03-19 02:14:52   499,712   ----a-r   c:\windows\system32\msvcp71.dll
+ 2008-11-17 23:25:13   499,712   ----a-w   c:\windows\system32\msvcp71.dll
- 2003-02-21 08:42:22   348,160   ------w   c:\windows\system32\msvcr71.dll
+ 2008-11-17 23:25:13   348,160   ----a-w   c:\windows\system32\msvcr71.dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(2).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(3).dll
+ 2004-08-04 07:56:43   343,040   ----a-w   c:\windows\system32\msvcrt(4).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(2).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(3).dll
+ 2004-08-04 07:56:43   120,832   ----a-w   c:\windows\system32\msvfw32(4).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(2).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(3).dll
+ 2008-06-20 17:41:10   245,248   ----a-w   c:\windows\system32\mswsock(4).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(2).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(3).dll
+ 2006-03-01 19:42:42   66,560   ----a-w   c:\windows\system32\mtxclu(4).dll
- 2008-07-19 02:07:34   270,880   ----a-w   c:\windows\system32\mucltui.dll
+ 2008-10-16 19:06:48   268,648   ----a-w   c:\windows\system32\mucltui.dll
- 2008-07-19 02:07:32   210,976   ----a-w   c:\windows\system32\muweb.dll
+ 2008-10-16 19:06:48   208,744   ----a-w   c:\windows\system32\muweb.dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(2).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(3).dll
+ 2004-08-04 07:56:44   90,624   ----a-w   c:\windows\system32\mydocs(4).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(2).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(3).dll
+ 2004-08-04 07:56:44   17,920   ----a-w   c:\windows\system32\nddeapi(4).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(2).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(3).dll
+ 2008-10-15 16:57:55   332,800   ----a-w   c:\windows\system32\netapi32(4).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(2).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(3).dll
+ 2004-08-04 07:56:44   622,080   ----a-w   c:\windows\system32\netcfgx(4).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(2).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(3).dll
+ 2004-08-04 07:56:44   407,040   ----a-w   c:\windows\system32\netlogon(4).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(2).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(3).dll
+ 2005-08-22 18:29:46   197,632   ----a-w   c:\windows\system32\netman(4).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(2).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(3).dll
+ 2004-08-04 07:56:44   12,288   ----a-w   c:\windows\system32\netrap(4).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(2).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(3).dll
+ 2004-08-04 07:56:44   1,708,032   ----a-w   c:\windows\system32\netshell(4).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(2).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(3).dll
+ 2004-08-04 07:56:44   80,896   ----a-w   c:\windows\system32\netui0(4).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(2).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(3).dll
+ 2004-08-04 07:56:44   245,760   ----a-w   c:\windows\system32\netui1(4).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(2).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(3).dll
+ 2004-08-04 07:56:44   248,832   ----a-w   c:\windows\system32\newdev(4).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(2).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(3).dll
+ 2004-08-04 07:56:44   67,072   ----a-w   c:\windows\system32\ntdsapi(4).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(2).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(3).dll
+ 2004-08-04 07:56:44   43,520   ----a-w   c:\windows\system32\ntlanman(4).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(2).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(3).dll
+ 2004-08-04 07:56:44   118,784   ----a-w   c:\windows\system32\ntmarta(4).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(2).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(3).dll
+ 2004-08-04 07:56:44   143,872   ----a-w   c:\windows\system32\ntshrui(4).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(2).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(3).dll
+ 2004-08-04 07:56:44   266,752   ----a-w   c:\windows\system32\oakley(4).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(2).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(3).dll
+ 2003-07-16 20:40:13   60,928   ----a-w   c:\windows\system32\ocmanage(4).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(2).dll
+ 2004-08-04 07:56:44   120,832   ----a-w   c:\windows\system32\offfilt(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(2).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(3).dll
+ 2005-07-26 04:39:48   1,285,120   ----a-w   c:\windows\system32\ole32(4).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(2).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(3).dll
+ 2005-07-26 04:39:48   74,752   ----a-w   c:\windows\system32\olecli32(4).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(2).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(3).dll
+ 2004-08-04 07:56:44   83,456   ----a-w   c:\windows\system32\olepro32(4).dll
+ 2008-02-11 14:39:26   253,952   ----a-w   c:\windows\system32\OnlineScannerDLLA.dll
+ 2008-02-11 14:39:18   237,568   ----a-w   c:\windows\system32\OnlineScannerDLLW.dll
+ 2008-02-08 18:53:46   110,592   ----a-w   c:\windows\system32\OnlineScannerLang.dll
+ 2008-02-05 13:48:04   77,824   ----a-w   c:\windows\system32\OnlineScannerUninstaller.exe
- 2008-11-02 09:49:07   53,724   ----a-w   c:\windows\system32\perfc009.dat
+ 2009-04-04 09:17:33   53,724   ----a-w   c:\windows\system32\perfc009.dat
- 2008-11-02 09:49:07   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2009-04-04 09:17:33   383,562   ----a-w   c:\windows\system32\perfh009.dat
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(2).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(3).dll
+ 2004-08-04 07:56:44   25,088   ----a-w   c:\windows\system32\perfos(4).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(2).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   c:\windows\system32\pjlmon(3).dll
+ 2004-08-04 07:56:44   15,360   ----a-w   
Logged

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11540
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: I think I might have another virus?!
« Reply #9 on: April 10, 2009, 08:58:53 PM »
Hi, cbfr.

Apologies for not getting back to you sooner.  It appears that lines are being repeated in your log for some reason.  However, there are other sections I would like to see.  Please locate the section that begins with the following and copy paste from there to the end as a reply.  If it takes more than one reply to get it all in, that is fine.


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #10 on: April 14, 2009, 11:10:29 PM »
Hi Corrine

That's ok!

Here is ComboFix.  Thanks.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-04 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-05 29744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-04 1601304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2008-10-07 6223048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-17 185872]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-05 29744]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 c:\windows\BCMSMMSG.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-04 09:40 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
 [BU]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2008-10-07 3321032]
R3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-05 29744]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
R3 Radialpoint Security Services;Radialpoint Security Services;c:\windows\system32\dllhost.exe [2004-08-04 5120]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-02-04 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-02-04 107272]
S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2008-10-07 178376]
S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2008-10-07 30920]
S1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2008-10-07 28872]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-04 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
S2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [2008-10-07 1402568]


--- Other Services/Drivers In Memory ---

*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - Apple Mobile Device
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - avg8emc
*Deregistered* - avg8wd
*Deregistered* - AvgLdx86
*Deregistered* - AvgMfx86
*Deregistered* - AvgTdiX
*Deregistered* - Beep
*Deregistered* - BITS
*Deregistered* - Bonjour Service
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - CSS DVP
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - dvpapi
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HTTP
*Deregistered* - HTTPFilter
*Deregistered* - ImapiService
*Deregistered* - IpNat
*Deregistered* - iPod Service
*Deregistered* - IPSec
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - Mouclass
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - OAcat
*Deregistered* - OADevice
*Deregistered* - OAmon
*Deregistered* - OAnet
*Deregistered* - OMCI
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - Pml Driver HPZ12
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - SvcOnlineArmor
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
.
Contents of the 'Scheduled Tasks' folder

2009-04-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-04-07 c:\windows\Tasks\Spybot - Search & Destroy -  Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe []

2006-04-10 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2003-08-13 18:38]
.
.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/tryrumblecube/pixelstormlauncher.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/tryaces/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\Christina\Application Data\Mozilla\Firefox\Profiles\w2d6bx4i.default\
FF - prefs.js: browser.startup.homepage - www.foodtv.com
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-07 20:55:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\cfexefile\DefaultIcon]
@DACL=(02 0000)
@SACL=
@="%1"

[HKEY_LOCAL_MACHINE\software\Classes\cfexefile\shell]
@DACL=(02 0000)
@SACL=


Logged

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11540
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: I think I might have another virus?!
« Reply #11 on: April 15, 2009, 12:44:54 AM »
Hi, cbfr.

I'm not sure why your log was repeating items.  I haven't seen that before.  Let's take a different approach to see where things stand.

Please download JavaRa and unzip it to your desktop.

  • Double-click on JavaRa.exe to start the program.  (Windows Vista users Right-click JavaRa.exe > Select Run as Administrator)
  • Click on Remove Older Versions to remove older versions of Java.
  • A logfile will pop up. Please save it to a convenient location.

Then download and install Java SE Runtime Environment (JRE) 6 Update 13.   

Note:  UNCHECK any pre-checked toolbar and/or software options presented with the update.  They are not part of the software update and are completely optional.   

Please download ATF Cleaner by Atribune from http://www.atribune.org/index.php?option=c...5&Itemid=25 . Save it to your Desktop.

Run ATF Cleaner
  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
  • Click Exit on the Main menu to close the program.
  • Shutdown/restart the computer.

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Please post contents of that file in your next reply and a fresh HijackThis log.

Double-click the HijackThis icon on your desktop (or launch from the TrendMicro Folder)
  • Select "Do a system scan and save the Logfile"
  • When the scan is completed, Notepad will launch with the log. Please UNcheck Word Wrap in Notepad (Click Format > UNcheck Word Wrap)
Please go to Eset website to perform an online scan. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Uncheck (untick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt. Please post this log in your next reply.
Include the MBAM, ESET and HijackThis logs in your reply.
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #12 on: April 23, 2009, 11:21:43 PM »
Hi Corrine

Sorry it's taken me a while to get back to you.  We have a few issues.  Anytime a website requires me to login, the page becomes unavailable.  It also wouldn't allow me to install Java on both Firefox and Explorer.  Also, when I tried to go to the ESET website, after I clicked Start, it goes to the next page but nothing comes up (I was using Explorer).  Here are my logs for Java Ra, Malawares and Hijack This.  Thanks.

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Nov 11 19:41:40 2008

Found and removed: C:\Program Files\Java\jre1.5.0_06

Found and removed: C:\Program Files\Java\jre1.5.0_09

Found and removed: C:\Program Files\Java\jre1.5.0_10

Found and removed: C:\Program Files\Java\jre1.5.0_11

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: C:\Program Files\Java\jre1.6.0_05

Found and removed: C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: Software\JavaSoft\Java2D\1.5.0_09

Found and removed: Software\JavaSoft\Java2D\1.5.0_10

Found and removed: Software\JavaSoft\Java2D\1.5.0_11

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

Found and removed: SOFTWARE\Classes\JavaPlugin.150_09

Found and removed: SOFTWARE\Classes\JavaPlugin.150_10

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510009

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510009

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150090}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_09

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: Software\Classes\JavaPlugin.160_02

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\JavaPlugin.160_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_09\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_01.b06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core1.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core2.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java2D\1.6.0_05

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Nov 11 19:42:07 2008

------------------------------------

Finished reporting.



JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Apr 22 19:46:22 2009

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.



JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Apr 22 19:47:48 2009

------------------------------------

Finished reporting.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:44:56 AM, on 23/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Mystery Stories - Island of Hope\Images\stg_drm.ocx
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144285784203
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tryrumblecube/pixelstormlauncher.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/tryaces/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Rainbow Web 2\Images\armhelper.ocx
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) - http://sympatico.zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Bell\Scan and Clean utility\rpsupdaterR.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 10775 bytes


Malwarebytes' Anti-Malware 1.30
Database version: 1381
Windows 5.1.2600 Service Pack 2

23/04/2009 6:36:42 AM
mbam-log-2009-04-23 (06-36-42).txt

Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 190967
Time elapsed: 2 hour(s), 5 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\QooBox\Quarantine\C\WINDOWS\system32\tdsslog.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tdssmain.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tdssserf.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tdssserf1.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\TDSSserv.sys.vir (Trojan.TDSS) -> Quarantined and deleted successfully.


Logged

Offline Paddy

  • LandzDown Team
  • Hero Member
  • *****
  • Posts: 1376
Re: I think I might have another virus?!
« Reply #13 on: April 24, 2009, 12:32:47 AM »
Your malwarebytes is way of of date please update it, do a new scn and post the logfile Please..

Quote
Malwarebytes' Anti-Malware 1.30
Database version: 1381
Logged
This is one race of people for whom psychoanalysis is of no use whatsoever - Sigmund Freud (about the Irish)

Never argue with a fool, they will lower you to their level and then beat you with experience.

Offline cbfr

  • Newbie
  • *
  • Posts: 26
Re: I think I might have another virus?!
« Reply #14 on: April 28, 2009, 11:51:57 PM »
Hi Paddy

Here is an updated log.  I was also able to download Java, but still cannot run ESET.  Thanks.

Malwarebytes' Anti-Malware 1.36
Database version: 2051
Windows 5.1.2600 Service Pack 2

28/04/2009 5:24:46 AM
mbam-log-2009-04-28 (05-24-45).txt

Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 257406
Time elapsed: 2 hour(s), 20 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Logged
Pages: [1] 2   Go Up
« previous next »