how-to block ads
|
Siko
Premium
join:2006-11-27
Mechanicsburg, PA
clubs:
 ·Dish Network
 ·Verizon Online DSL
| reply to Siko
Re: Always get redirected after clicking link in google
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 15:41 737,280 ----a-w C:\Windows\iun6002.exe
2008-04-20 10:46 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\uTorrent
2008-04-19 18:51 --------- d---a-w C:\ProgramData\TEMP
2008-04-19 15:17 --------- d-----w C:\ProgramData\Xfire
2008-04-18 22:22 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\Xfire
2008-04-18 21:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-18 20:42 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-16 22:35 --------- d-----w C:\Program Files\Java
2008-04-15 00:18 --------- d-----w C:\Program Files\SwiftSwitch
2008-04-13 22:33 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-13 18:44 --------- d-----w C:\Program Files\SpywareBlaster
2008-04-08 21:22 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 19:32 --------- d-----w C:\Program Files\Xfire
2008-04-07 22:27 179,034,213 ----a-w C:\Windows\DUMP449a.tmp
2008-04-06 17:17 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-05 23:33 --------- d-----w C:\ProgramData\Grisoft
2008-04-05 12:59 319,984 ----a-w C:\Windows\DIFxAPI.dll
2008-04-04 22:16 --------- d-----w C:\ProgramData\eMule
2008-03-30 22:54 --------- d-----w C:\Program Files\IEPro
2008-03-29 20:21 --------- d-----w C:\Program Files\WinPcap
2008-03-29 17:25 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\Winamp
2008-03-23 19:04 1,392,304 ----a-w C:\Windows\System32\AutoPartNt.exe
2008-03-23 19:01 114,048 ----a-w C:\Windows\system32\drivers\snapman.sys
2008-03-23 19:01 --------- d-----w C:\Program Files\Common Files\Acronis
2008-03-23 19:01 --------- d-----w C:\Program Files\Acronis
2008-03-22 18:20 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-22 16:54 --------- d-----w C:\Program Files\FS Real Time
2008-03-21 20:33 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2008-03-20 01:20 174 --sha-w C:\Program Files\desktop.ini
2008-03-20 01:15 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-20 01:15 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-20 01:15 --------- d-----w C:\Program Files\Windows Defender
2008-03-20 01:15 --------- d-----w C:\Program Files\Windows Calendar
2008-03-20 01:05 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-20 01:05 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-20 00:17 --------- d-----w C:\Program Files\Microsoft Games
2008-03-19 00:26 155,648 ----a-w C:\Windows\System32\libssl32.dll
2008-03-18 22:32 286,720 ----a-w C:\Windows\iun506.exe
2008-03-17 19:34 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\eMule
2008-03-16 18:03 --------- d-----w C:\ProgramData\Ubisoft
2008-03-16 18:03 --------- d-----w C:\Program Files\Microsoft Speech SDK 5.1
2008-03-16 18:03 --------- d-----w C:\Program Files\IL2 Sturmovik
2008-03-16 18:03 --------- d-----w C:\Program Files\IL-2 Sturmovik Forgotten Battles
2008-03-15 11:21 176,937 ----a-w C:\Windows\Sky Environment Ultra FS9 Uninstaller.exe
2008-03-13 20:36 --------- d-----w C:\Program Files\Bevelstone Production
2008-03-13 19:11 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-03-13 19:09 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-03-13 00:41 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-03-12 20:48 --------- d-----w C:\Program Files\DocPad
2008-03-12 20:48 --------- d-----w C:\Program Files\Common Files\System-G
2008-03-09 22:11 --------- d-----w C:\Program Files\Trend Micro
2008-03-06 21:25 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\NPLUTO Corporation
2008-03-05 21:03 479,752 ----a-w C:\Windows\System32\XAudio2_0.dll
2008-03-05 21:03 238,088 ----a-w C:\Windows\System32\xactengine3_0.dll
2008-03-05 21:00 25,608 ----a-w C:\Windows\System32\X3DAudio1_3.dll
2008-03-05 20:56 3,786,760 ----a-w C:\Windows\System32\D3DX9_37.dll
2008-03-05 20:56 1,420,824 ----a-w C:\Windows\System32\D3DCompiler_37.dll
2008-03-02 19:32 --------- d-----w C:\ProgramData\SwiftSwitch
2008-03-02 16:09 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\Ventrilo
2008-03-02 12:12 --------- d-----w C:\Program Files\FSFlyingSchool
2008-03-02 02:32 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\HiFi
2008-03-01 19:37 --------- d-----w C:\Program Files\FOC 2003
2008-02-29 20:20 --------- d-----w C:\Program Files\Runtime Software
2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 00:23 --------- d-----w C:\Program Files\Recuva
2008-02-28 23:43 1,910 ----a-w C:\Windows\System32\tmp.reg
2008-02-28 21:55 --------- d-----w C:\Users\Murlin Wei\AppData\Roaming\SUPERAntiSpyware.com
2008-02-28 21:55 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-02-28 15:45 230,152 ----a-w C:\Windows\System32\PDBoot.exe
2008-02-27 00:10 --------- d-----w C:\Program Files\RegSeeker
2008-02-26 23:34 --------- d-----w C:\Program Files\Shockwave 3D Lights Redux for FS9
2008-02-24 12:35 --------- d-----w C:\Program Files\DivX
2008-02-22 05:05 615,992 ----a-w C:\Windows\System32\ci.dll
2008-02-22 04:57 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 02:45 --------- d-----w C:\Program Files\SquawkBox3
2008-02-21 02:05 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-02-21 02:05 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-02-19 01:58 316,768 ----a-w C:\Windows\System32\sayax.dll
2008-02-17 18:10 202,149 ----a-w C:\Windows\Water Details FS 2004 Uninstaller.exe
2008-02-11 15:55 147,456 ----a-w C:\Windows\System32\igfxCoIn_v1437.dll
2008-02-11 15:34 29,932 ----a-w C:\Windows\System32\igmedcompkrn.bin
2008-02-11 15:34 2,215,364 ----a-w C:\Windows\System32\igklg400.bin
2008-02-11 15:34 1,971,732 ----a-w C:\Windows\System32\igklg450.bin
2008-02-10 17:11 543 ----a-w C:\Program Files\INSTALL.LOG
2008-02-06 04:07 462,864 ----a-w C:\Windows\System32\d3dx10_37.dll
2008-01-29 16:02 107,368 ----a-w C:\Windows\System32\GEARAspi.dll
1998-09-25 18:16 270,848 ----a-w C:\Program Files\UNWISE.EXE
2008-01-18 00:12 90 --sh--w C:\Windows\cnerolf.dat
.
((((((((((((((((((((((((((((( snapshot@2008-04-06_19.39.55.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-13 19:32:08 98,678 ----a-w C:\Windows\.jagex_cache_32\loginapplet\cache-1965029828.dat
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
+ 2008-04-18 22:53:25 472,064 ----a-w C:\Windows\BirdsEyeView\uninstall.exe
+ 2008-01-05 11:23:07 2,048 ----a-w C:\Windows\Boot\DVD\PCAT\etfsboot.com
- 2008-04-06 23:37:39 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-20 18:42:37 67,584 --s-a-w C:\Windows\bootstat.dat
- 2007-05-08 22:01:12 208,896 ----a-w C:\Windows\CMDLIC.DLL
+ 2007-05-08 21:01:12 208,896 ----a-w C:\Windows\CMDLIC.DLL
- 2008-01-14 20:40:30 925,696 ----a-w C:\Windows\Downloaded Program Files\ijjistarter2.exe
+ 2008-04-16 01:03:16 925,696 ----a-w C:\Windows\Downloaded Program Files\ijjistarter2.exe
- 2008-03-20 01:13:36 665,600 ----a-w C:\Windows\inf\drvindex.dat
+ 2008-04-08 21:22:53 665,600 ----a-w C:\Windows\inf\drvindex.dat
- 2008-04-05 23:54:01 51,200 ----a-w C:\Windows\inf\infpub.dat
+ 2008-04-08 21:22:56 51,200 ----a-w C:\Windows\inf\infpub.dat
- 2008-04-05 23:54:01 86,016 ----a-w C:\Windows\inf\infstor.dat
+ 2008-04-08 21:22:56 86,016 ----a-w C:\Windows\inf\infstor.dat
- 2008-04-05 23:54:01 86,016 ----a-w C:\Windows\inf\infstrng.dat
+ 2008-04-08 21:22:53 86,016 ----a-w C:\Windows\inf\infstrng.dat
+ 2008-04-09 20:09:11 2,816 ----a-r C:\Windows\Installer\{1B588991-22A6-408B-88C2-1DC9769C59A3}\controlPanelIcon.exe
- 2008-03-08 01:41:14 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\ARPPRODUCTICON.exe
+ 2008-04-15 00:22:32 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\ARPPRODUCTICON.exe
- 2008-03-08 01:41:14 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\DesktopStartPD9_2B6EC03E6FA04D7C9CCE1B03819AB613.exe
+ 2008-04-15 00:22:32 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\DesktopStartPD9_2B6EC03E6FA04D7C9CCE1B03819AB613.exe
- 2008-03-08 01:41:14 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\MenuStartPD9_2B6EC03E6FA04D7C9CCE1B03819AB613.exe
+ 2008-04-15 00:22:32 7,406 ----a-r C:\Windows\Installer\{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}\MenuStartPD9_2B6EC03E6FA04D7C9CCE1B03819AB613.exe
- 2008-03-20 19:17:17 12,288 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-04-08 21:02:15 12,288 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-03-20 19:17:17 135,168 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-04-08 21:02:15 135,168 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-03-20 19:17:17 11,264 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-04-08 21:02:15 11,264 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-03-20 19:17:17 27,136 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-04-08 21:02:15 27,136 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-03-20 19:17:17 4,096 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-04-08 21:02:15 4,096 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-03-20 19:17:17 794,624 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-04-08 21:02:15 794,624 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-03-20 19:17:17 249,856 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-04-08 21:02:15 249,856 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-03-20 19:17:17 23,040 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-04-08 21:02:16 23,040 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-03-20 19:17:17 286,720 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-04-08 21:02:15 286,720 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-03-20 19:17:17 409,600 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-04-08 21:02:15 409,600 ----a-r C:\Windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-04-09 19:16:08 2,816 ----a-r C:\Windows\Installer\{98297A57-368B-4FC3-A236-5BDEBB0C3702}\controlPanelIcon.exe
+ 2008-03-16 18:03:51 2,238 ----a-r C:\Windows\Installer\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}\coffee.exe
+ 2008-03-16 18:03:51 2,238 ----a-r C:\Windows\Installer\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}\dictpad.exe
+ 2008-03-16 18:03:51 2,238 ----a-r C:\Windows\Installer\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}\simpledict.exe
+ 2008-03-16 18:03:51 2,238 ----a-r C:\Windows\Installer\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}\simpletelephony.exe
+ 2008-03-16 18:03:51 2,238 ----a-r C:\Windows\Installer\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}\talkback.exe
- 2008-03-22 18:20:25 295,606 ----a-r C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2008-04-13 01:32:56 295,606 ----a-r C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2008-04-09 19:14:53 2,816 ----a-r C:\Windows\Installer\{EEDEB067-83FC-42AE-9BD5-62116F63D9F1}\controlPanelIcon.exe
+ 2008-01-19 07:31:57 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
+ 2006-11-02 08:12:29 2,048 ----a-w C:\Windows\MSAgent\AgtUI.dll
- 2008-03-01 23:55:07 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-16 22:35:17 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-03-01 23:55:07 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-16 22:35:17 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-06 23:17:13 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-04-20 17:55:29 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-03-01 23:55:07 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-16 22:35:17 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-06 23:37:49 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-20 18:42:55 151,552 ----a-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-04-06 23:33:53 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-04-20 18:38:38 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-04-06 23:37:49 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-20 18:42:55 151,552 ----a-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 1999-01-12 14:55:34 71,680 ----a-w C:\Windows\ST5UNST.EXE
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\system\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\system\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\system\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\system\vga.drv
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\System32\acprgwiz.dll
+ 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\System32\asferror.dll
- 2008-01-19 07:44:08 986,680 ----a-w C:\Windows\System32\Boot\winload.exe
+ 2008-02-29 07:11:54 988,216 ----a-w C:\Windows\System32\Boot\winload.exe
- 2008-01-19 07:44:06 926,776 ----a-w C:\Windows\System32\Boot\winresume.exe
+ 2008-02-29 07:11:56 927,288 ----a-w C:\Windows\System32\Boot\winresume.exe
+ 2008-01-19 05:27:25 2,560 ----a-w C:\Windows\System32\bootstr.dll
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\System32\bridgeres.dll
- 2008-04-05 18:57:03 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-16 21:58:10 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-05 18:57:03 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-16 21:58:10 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-05 18:57:03 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-16 21:58:10 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-06 23:34:10 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-20 18:39:11 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-01-19 05:49:54 2,048 ----a-w C:\Windows\System32\dmdskres2.dll
- 2008-01-10 03:00:04 68,624 ----a-r C:\Windows\System32\drivers\DefragFS.sys
+ 2008-01-10 02:00:04 68,624 ----a-r C:\Windows\System32\drivers\DefragFS.sys
+ 2006-11-02 08:27:54 2,048 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnca001.inf_92fbd03f\I386\CNBPGR02.DLL
+ 2006-11-02 09:41:10 2,560 ----a-w C:\Windows\System32\DriverStore\FileRepository\prndc001.inf_79bb12be\I386\DICONRES.DLL
+ 2006-09-18 21:40:29 1,960 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE11.DAT
+ 2006-09-18 21:40:29 1,778 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE12.DAT
+ 2006-09-18 21:40:29 1,960 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE16.DAT
+ 2006-09-18 21:40:29 1,992 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2J.DAT
+ 2006-09-18 21:40:29 1,948 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2K.DAT
+ 2006-09-18 21:40:29 2,128 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE2M.DAT
+ 2006-09-18 21:40:29 2,398 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3N.DAT
+ 2006-09-18 21:40:29 1,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3O.DAT
+ 2006-09-18 21:40:29 1,764 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3P.DAT
+ 2006-09-18 21:40:29 2,398 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3Q.DAT
+ 2006-09-18 21:40:29 2,618 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3T.DAT
+ 2006-09-18 21:40:29 2,188 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE3V.DAT
+ 2006-09-18 21:40:29 2,984 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4A.DAT
+ 2006-09-18 21:40:29 2,632 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4D.DAT
+ 2006-09-18 21:40:30 2,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\prnep001.inf_f0a9a372\I386\EPNDDE4S.DAT
- 2008-04-02 01:30:13 1,622,616 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-04-08 21:24:47 1,622,616 ----a-w C:\Windows\System32\FNTCACHE.DAT
- 2007-11-21 18:47:42 81,920 ----a-w C:\Windows\System32\frapsvid.dll
+ 2008-01-14 12:15:42 81,920 ----a-w C:\Windows\System32\frapsvid.dll
+ 1996-04-03 19:33:26 5,248 ----a-w C:\Windows\System32\giveio.sys
+ 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\System32\iologmsg.dll
- 2008-02-22 05:23:35 135,168 ----a-w C:\Windows\System32\java.exe
+ 2008-03-25 05:28:39 135,168 ----a-w C:\Windows\System32\java.exe
- 2008-02-22 05:23:39 135,168 ----a-w C:\Windows\System32\javaw.exe
+ 2008-03-25 05:28:43 135,168 ----a-w C:\Windows\System32\javaw.exe
- 2008-02-22 06:33:32 139,264 ----a-w C:\Windows\System32\javaws.exe
+ 2008-03-25 06:37:01 139,264 ----a-w C:\Windows\System32\javaws.exe
- 2008-01-19 07:34:35 28,160 ----a-w C:\Windows\System32\jsproxy.dll
+ 2008-02-22 04:58:23 28,160 ----a-w C:\Windows\System32\jsproxy.dll
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\System32\keyboard.drv
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\System32\lltdres.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\System32\mferror.dll
- 2008-01-19 07:36:55 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll
+ 2008-02-22 05:01:41 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\System32\mouse.drv
- 2008-03-05 16:30:54 19,148,408 ----a-w C:\Windows\System32\mrt.exe
+ 2008-04-06 05:56:20 19,836,024 ----a-w C:\Windows\System32\mrt.exe
- 2008-01-19 07:34:59 3,578,368 ----a-w C:\Windows\System32\mshtml.dll
+ 2008-02-22 04:59:30 3,578,368 ----a-w C:\Windows\System32\mshtml.dll
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\System32\msimsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\System32\msprivs.dll
- 2008-01-19 07:35:13 671,232 ----a-w C:\Windows\System32\mstime.dll
+ 2008-02-22 04:59:51 671,232 ----a-w C:\Windows\System32\mstime.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\System32\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\System32\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\System32\neth.dll
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\System32\netmsg.dll
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\System32\networklist\icons\StockIcons\office_24.bin
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\System32\normaliz.dll
+ 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\System32\oleaccrc.dll
- 2008-04-06 18:06:50 108,178 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-19 18:47:06 108,178 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-06 18:06:50 629,252 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-19 18:47:06 629,252 ----a-w C:\Windows\System32\perfh009.dat
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\System32\redir.exe
+ 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\System32\rnr20.dll
+ 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\System32\SampleRes.dll
- 2002-11-21 00:09:00 24,576 ----a-w C:\Windows\System32\SmartSubClass.dll
+ 2002-11-20 22:09:00 24,576 ----a-w C:\Windows\System32\SmartSubClass.dll
- 2008-04-04 19:42:55 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-04-17 01:03:47 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\System32\sound.drv
+ 2005-06-15 14:55:53 4,096 ----a-w C:\Windows\System32\speedfan.sys
+ 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\System32\tzres.dll
- 2008-01-19 07:36:46 1,165,824 ----a-w C:\Windows\System32\urlmon.dll
+ 2008-02-22 05:01:33 1,166,336 ----a-w C:\Windows\System32\urlmon.dll
+ 1999-01-12 14:55:36 29,696 ----a-w C:\Windows\System32\VB5StKit.dll
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\System32\vga.drv
+ 1999-12-07 10:00:00 162,064 ----a-w C:\Windows\System32\vtext.dll
+ 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\System32\wbem\WmiApRes.dll
- 2008-04-06 18:04:09 8,110 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2738104663-2755392700-2221383480-1000_UserData.bin
+ 2008-04-08 19:34:09 8,516 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2738104663-2755392700-2221383480-1000_UserData.bin
- 2008-04-06 18:04:08 59,130 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-08 19:34:08 59,504 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-04-06 18:04:06 28,992 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-04-12 23:11:21 31,128 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\System32\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\System32\WINSPOOL.EXE
+ 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\System32\wmerror.dll
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\System32\WOWDEB.EXE
+ 2008-01-19 05:39:36 1,536 ----a-w C:\Windows\System32\WsmCl.dll
+ 1999-12-07 10:00:00 193,808 ----a-w C:\Windows\System32\xlisten.dll
+ 1999-12-07 10:00:00 184,080 ----a-w C:\Windows\System32\xvoice.dll
- 2007-11-26 15:38:46 238,848 ----a-w C:\Windows\UNBOC.EXE
+ 2007-11-26 14:38:46 238,848 ----a-w C:\Windows\UNBOC.EXE
- 2008-04-04 19:24:04 106,963,463 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-04-16 21:57:54 118,101,081 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16386_none_09eb762df5615af9\AcRes.dll
+ 2008-02-12 23:38:30 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16633_none_0a1e8a9df53b7ab4\AcRes.dll
+ 2008-02-12 23:38:30 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20762_none_0a86b75b0e7254fa\AcRes.dll
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18000_none_0c223829f24c6bcd\AcRes.dll
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6000.16386_none_92936507ab8702dd\acprgwiz.dll
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\acprgwiz.dll
+ 2008-02-21 04:43:34 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16643_none_a9bce801f5c7b8c8\advpack.dll
+ 2008-02-22 04:48:31 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20777_none_aa2a16310efa11c1\advpack.dll
+ 2006-11-02 08:12:29 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-agent0409_31bf3856ad364e35_6.0.6000.16386_none_cba6dc9d9ccc4898\AgtUI.dll
+ 2006-11-02 06:56:11 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-strings_31bf3856ad364e35_6.0.6000.16386_none_f64b4db1100349a8\bootstr.dll
+ 2008-01-19 05:27:25 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-strings_31bf3856ad364e35_6.0.6001.18000_none_f8820fad0cee5a7c\bootstr.dll
+ 2008-02-29 06:53:29 46,592 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.18027_none_6929f9588cd4875c\setbcdlocale.dll
+ 2008-02-29 07:11:54 988,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.18027_none_6929f9588cd4875c\winload.exe
+ 2008-02-29 07:11:56 927,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.18027_none_6929f9588cd4875c\winresume.exe
+ 2008-02-29 06:37:41 46,592 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.22125_none_69b1958fa5f3f478\setbcdlocale.dll
+ 2008-02-29 07:02:42 988,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.22125_none_69b1958fa5f3f478\winload.exe
+ 2008-02-29 07:02:41 927,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..environment-windows_31bf3856ad364e35_6.0.6001.22125_none_69b1958fa5f3f478\winresume.exe
+ 2008-01-05 11:23:07 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..onment-dvd-etfsboot_31bf3856ad364e35_6.0.6001.18000_none_827be8b16a696de9\etfsboot.com
+ 2008-02-29 06:51:24 19,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..uggertransport-1394_31bf3856ad364e35_6.0.6000.16646_none_61bfda98f6d6f5d5\kd1394.dll
+ 2008-02-29 06:54:17 19,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..uggertransport-1394_31bf3856ad364e35_6.0.6000.20782_none_621a368c1018a007\kd1394.dll
+ 2008-02-29 07:14:21 19,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..uggertransport-1394_31bf3856ad364e35_6.0.6001.18027_none_63bcb960f3ec683b\kd1394.dll
+ 2008-02-29 06:57:07 19,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..uggertransport-1394_31bf3856ad364e35_6.0.6001.22125_none_644455980d0bd557\kd1394.dll
+ 2008-02-14 23:19:24 944,184 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725\winload.exe
+ 2008-02-12 23:40:30 905,400 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725\winresume.exe
+ 2008-02-14 23:13:10 944,696 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157\winload.exe
+ 2008-02-12 23:40:30 905,400 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157\winresume.exe
+ 2008-02-29 07:11:54 988,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b\winload.exe
+ 2008-02-29 07:11:56 927,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b\winresume.exe
+ 2008-02-29 07:02:42 988,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7\winload.exe
+ 2008-02-29 07:02:41 927,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7\winresume.exe
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6000.16386_none_1525f574c2807ea3\netmsg.dll
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6001.18000_none_175cb770bf6b8f77\netmsg.dll
+ 2008-02-19 05:10:22 620,088 ----a-w C:\Windows\winsxs\x86_microsoft-windows-codeintegrity_31bf3856ad364e35_6.0.6000.16642_none_9e68737c07b7f5c7\ci.dll
+ 2008-02-19 04:54:56 620,088 ----a-w C:\Windows\winsxs\x86_microsoft-windows-codeintegrity_31bf3856ad364e35_6.0.6000.20775_none_9ed4a16120eb3569\ci.dll
+ 2008-02-22 05:05:52 615,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-codeintegrity_31bf3856ad364e35_6.0.6001.18023_none_a065524404cd682d\ci.dll
+ 2008-02-22 04:57:25 615,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-codeintegrity_31bf3856ad364e35_6.0.6001.22120_none_a0ebee311dedbbf2\ci.dll
+ 2006-11-02 12:36:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6000.16386_none_b442caae9d1904a7\dfsrres.dll
+ 2006-11-02 12:36:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6001.18000_none_b6798caa9a04157b\dfsrres.dll
+ 2008-01-19 05:49:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-diskmanagement_31bf3856ad364e35_6.0.6001.18000_none_0197b5b76fbd3f60\dmdskres2.dll
+ 2008-02-21 04:43:35 296,448 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.16643_none_57702c844c48b643\gdi32.dll
+ 2008-02-22 04:49:18 296,448 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6000.20777_none_57dd5ab3657b0f3c\gdi32.dll
+ 2008-02-22 04:57:23 295,936 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.18023_none_596c0b02495f0f52\gdi32.dll
+ 2008-02-22 04:48:18 295,936 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi32_31bf3856ad364e35_6.0.6001.22120_none_59f2a6ef627f6317\gdi32.dll
+ 2008-02-21 04:43:38 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16643_none_ebb7f1b116609ec7\pngfilt.dll
+ 2008-02-22 04:51:42 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20777_none_ec251fe02f92f7c0\pngfilt.dll
+ 2008-02-21 04:43:41 1,159,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16643_none_b2d49a63d9c1162b\urlmon.dll
+ 2008-02-22 04:52:08 1,162,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20777_none_b341c892f2f36f24\urlmon.dll
+ 2008-02-22 05:01:33 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18023_none_b4d078e1d6d76f3a\urlmon.dll
+ 2008-02-22 04:52:15 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22120_none_b55714ceeff7c2ff\urlmon.dll
+ 2008-02-29 06:34:50 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..humb-shift_keyboard_31bf3856ad364e35_6.0.6000.16646_none_ebb5eec692f230bc\f3ahvoas.dll
+ 2008-02-29 06:30:51 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..humb-shift_keyboard_31bf3856ad364e35_6.0.6000.20782_none_ec104ab9ac33daee\f3ahvoas.dll
+ 2008-02-21 04:43:37 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16643_none_deb7292c7f69d59a\mstime.dll
+ 2008-02-22 04:50:37 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20777_none_df24575b989c2e93\mstime.dll
+ 2008-02-22 04:59:51 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18023_none_e0b307aa7c802ea9\mstime.dll
+ 2008-02-22 04:50:26 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22120_none_e139a39795a0826e\mstime.dll
+ 2008-02-29 06:35:17 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rd-japanese_106_key_31bf3856ad364e35_6.0.6000.16646_none_dafbedd9168fe683\kbd106n.dll
+ 2008-02-29 06:31:23 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rd-japanese_106_key_31bf3856ad364e35_6.0.6000.20782_none_db5649cc2fd190b5\kbd106n.dll
+ 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16386_none_1310947a0ca7000f\tzres.dll
+ 2008-01-11 21:27:36 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16589_none_131399240ca44662\tzres.dll
+ 2008-01-11 21:27:36 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20712_none_13e1e543258f6e5b\tzres.dll
+ 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18000_none_15475676099210e3\tzres.dll
+ 2008-02-21 04:43:36 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\jsproxy.dll
+ 2008-02-21 04:43:42 826,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
+ 2008-02-21 04:43:42 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\WininetPlugin.dll
+ 2008-02-22 04:49:41 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\jsproxy.dll
+ 2008-02-22 04:52:15 827,392 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
+ 2008-02-22 04:52:15 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\WininetPlugin.dll
+ 2008-02-22 04:58:23 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\jsproxy.dll
+ 2008-02-22 05:01:41 826,880 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
+ 2008-02-22 05:01:41 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\WininetPlugin.dll
+ 2008-02-22 04:49:22 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\jsproxy.dll
+ 2008-02-22 04:52:21 826,880 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
+ 2008-02-22 04:52:21 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\WininetPlugin.dll
+ 2008-02-12 23:36:10 2,455,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16643_none_f98398df6eb5b711\ieapfltr.dat
+ 2008-02-21 04:43:35 383,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16643_none_f98398df6eb5b711\ieapfltr.dll
+ 2008-02-12 23:36:10 2,455,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20777_none_f9f0c70e87e8100a\ieapfltr.dat
+ 2008-02-22 04:49:22 383,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20777_none_f9f0c70e87e8100a\ieapfltr.dll
+ 2008-02-21 04:43:35 347,136 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16643_none_95b7d197849b3d3f\dxtmsft.dll
+ 2008-02-21 04:43:35 214,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16643_none_95b7d197849b3d3f\dxtrans.dll
+ 2008-02-22 04:49:00 347,136 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20777_none_9624ffc69dcd9638\dxtmsft.dll
+ 2008-02-22 04:49:00 214,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20777_none_9624ffc69dcd9638\dxtrans.dll
+ 2008-02-21 04:43:36 478,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16643_none_461a6bef465befcc\mshtmled.dll
+ 2008-02-22 04:50:17 478,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20777_none_46879a1e5f8e48c5\mshtmled.dll
+ 2008-02-21 04:43:36 3,591,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16643_none_113495242520a5f4\mshtml.dll
+ 2008-02-22 04:50:17 3,593,728 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20777_none_11a1c3533e52feed\mshtml.dll
+ 2008-02-22 04:59:30 3,578,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18023_none_133073a22236ff03\mshtml.dll
+ 2008-02-22 04:50:05 3,578,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22120_none_13b70f8f3b5752c8\mshtml.dll
+ 2008-02-21 04:43:35 63,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16643_none_588d01ee673531fd\icardie.dll
+ 2008-02-22 04:49:21 63,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20777_none_58fa301d80678af6\icardie.dll
+ 2008-02-21 04:43:03 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\ieUnatt.exe
+ 2008-02-21 04:43:03 625,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
+ 2008-02-22 02:43:50 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\ieUnatt.exe
+ 2008-02-22 02:44:11 625,664 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
+ 2008-02-21 04:43:03 70,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\ie4uinit.exe
+ 2008-02-21 04:43:36 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iernonce.dll
+ 2008-02-21 04:43:36 56,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16643_none_c3c237ac61707446\iesetup.dll
+ 2008-02-22 02:43:42 70,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\ie4uinit.exe
+ 2008-02-22 04:49:24 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iernonce.dll
+ 2008-02-22 04:49:24 56,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20777_none_c42f65db7aa2cd3f\iesetup.dll
+ 2008-02-21 04:43:35 52,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16643_none_29e74e1c682049a3\iebrshim.dll
+ 2008-02-22 04:49:22 52,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20777_none_2a547c4b8152a29c\iebrshim.dll
+ 2008-02-21 04:43:35 6,066,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16643_none_6293ef27b1163421\ieframe.dll
+ 2008-02-21 04:43:36 180,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16643_none_6293ef27b1163421\ieui.dll
+ 2008-02-22 04:49:24 6,067,712 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20777_none_63011d56ca488d1a\ieframe.dll
+ 2008-02-22 04:49:24 180,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20777_none_63011d56ca488d1a\ieui.dll
+ 2008-02-21 04:43:03 263,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16643_none_e68d5ba694998859\ieinstal.exe
+ 2008-02-22 02:44:02 263,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20777_none_e6fa89d5adcbe152\ieinstal.exe
+ 2008-02-21 04:43:03 301,568 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16643_none_0b3590c2d714480b\ieuser.exe
+ 2008-02-22 02:44:03 301,568 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20777_none_0ba2bef1f046a104\ieuser.exe
+ 2006-11-02 12:36:24 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6000.16386_none_7eea120bb51aecf6\iismui.dll
+ 2006-11-02 12:36:24 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6001.18000_none_8120d407b205fdca\iismui.dll
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6000.16386_none_0143bc2fb699ae2d\msimsg.dll
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6001.18000_none_037a7e2bb384bf01\msimsg.dll
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6000.16386_none_e773a28cdcd5ef62\normaliz.dll
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6001.18000_none_e9aa6488d9c10036\normaliz.dll
+ 2006-11-02 09:39:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iologgingdll_31bf3856ad364e35_6.0.6000.16386_none_b4a74430ff7bd85d\iologmsg.dll
+ 2006-11-02 07:18:28 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-lsa-msprivs_31bf3856ad364e35_6.0.6000.16386_none_09e22f167e7ac9b3\msprivs.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16386_none_9a286d400fd699af\mferror.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18000_none_9c5f2f3c0cc1aa83\mferror.dll
+ 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16386_none_a57f2ea4437cfc78\asferror.dll
+ 2008-01-12 00:33:31 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.16585_none_a57e3226437ddd6f\asferror.dll
+ 2008-01-12 00:33:31 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6000.20708_none_a66151155c57e6dd\asferror.dll
+ 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6001.18000_none_a7b5f0a040680d4c\asferror.dll
+ 2006-11-02 12:35:54 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmerror_31bf3856ad364e35_6.0.6000.16386_none_351e30f1ba0b5cbe\wmerror.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16386_none_86377e9e99eb1168\msxml3r.dll
+ 2008-01-12 00:35:37 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16500_none_8688000e99af9424\msxml3r.dll
+ 2008-01-12 00:35:37 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20613_none_8709cdcbb2d29be4\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18000_none_886e409a96d6223c\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16386_none_86373a4699eb5e4b\msxml6r.dll
+ 2008-01-12 00:32:03 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16472_none_863e0af099e6da25\msxml6r.dll
+ 2008-01-12 00:32:03 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20582_none_86bcd7cfb30c95e0\msxml6r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18000_none_886dfc4296d66f1f\msxml6r.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6000.16386_none_4ffb8f84758bff07\neth.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6001.18000_none_5232518072770fdb\neth.dll
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6000.16386_none_d34ca8d7111fb859\office_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\bench_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\house_24.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\office_24.bin
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6000.16386_none_05b32edf092a8853\bridgeres.dll
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6001.18000_none_07e9f0db06159927\bridgeres.dll
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6000.16386_none_cf1f3538fd925a7b\lltdres.dll
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6001.18000_none_d155f734fa7d6b4f\lltdres.dll
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\mouse.drv
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.0.6000.16386_none_1e1753ed2313c813\vga.drv
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\mouse.drv
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\redir.exe
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\vga.drv
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSPOOL.EXE
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WOWDEB.EXE
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\keyboard.drv
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\mouse.drv
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\redir.exe
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\sound.drv
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\vga.drv
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSPOOL.EXE
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WOWDEB.EXE
+ 2008-03-17 22:43:16 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16660_none_f060fbf66e8469dc\OESpamFilter.dat
+ 2008-03-17 22:16:50 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20801_none_f12c7a798770787e\OESpamFilter.dat
+ 2008-03-17 22:18:52 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18040_none_f25cda746b9ac2eb\OESpamFilter.dat
+ 2008-03-17 22:17:41 2,413,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22144_none_f2ea786784b4c811\OESpamFilter.dat
+ 2006-11-02 07:08:53 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oleaccrc_31bf3856ad364e35_6.0.6000.16386_none_76f32d528a780cf2\oleaccrc.dll
+ 2006-11-02 12:34:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_95425ac284e42b43\SampleRes.dll
+ 2008-02-29 06:38:54 313,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.16646_none_44d4534db6337506\rstrui.exe
+ 2008-02-29 06:39:13 40,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.16646_none_44d4534db6337506\srclient.dll
+ 2008-02-29 06:39:13 371,712 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.16646_none_44d4534db6337506\srcore.dll
+ 2008-02-29 06:38:59 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.16646_none_44d4534db6337506\srdelayed.exe
+ 2008-02-29 04:05:40 313,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.20782_none_452eaf40cf751f38\rstrui.exe
+ 2008-02-29 06:33:44 40,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.20782_none_452eaf40cf751f38\srclient.dll
+ 2008-02-29 06:33:44 371,712 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.20782_none_452eaf40cf751f38\srcore.dll
+ 2008-02-29 04:05:32 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6000.20782_none_452eaf40cf751f38\srdelayed.exe
+ 2008-02-29 04:12:59 318,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.18027_none_46d13215b348e76c\rstrui.exe
+ 2008-02-29 06:53:38 40,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.18027_none_46d13215b348e76c\srclient.dll
+ 2008-02-29 06:53:39 378,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.18027_none_46d13215b348e76c\srcore.dll
+ 2008-02-29 04:12:53 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.18027_none_46d13215b348e76c\srdelayed.exe
+ 2008-02-29 04:06:52 318,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.22125_none_4758ce4ccc685488\rstrui.exe
+ 2008-02-29 06:37:51 40,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.22125_none_4758ce4ccc685488\srclient.dll
+ 2008-02-29 06:37:51 378,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.22125_none_4758ce4ccc685488\srcore.dll
+ 2008-02-29 04:06:46 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6001.22125_none_4758ce4ccc685488\srdelayed.exe
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penchs.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\pencht.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penjpn.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penkor.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\penusa.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\pipres.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\skchobj.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6000.16386_none_3fbb09cf8caa385d\skchui.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penchs.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pencht.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penjpn.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penkor.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penusa.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pipres.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchobj.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchui.dll
+ 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6000.16386_none_3d7550f9c9692474\IPSEventLogMsg.dll
+ 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..nputpersonalization_31bf3856ad364e35_6.0.6001.18000_none_3fac12f5c6543548\IPSEventLogMsg.dll
+ 2006-11-02 12:35:47 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tabletpc-pentraining_31bf3856ad364e35_6.0.6000.16386_none_dfb8647a7b1e856b\PTRes.dll
+ 2006-11-02 12:35:43 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-tabletpc-touchtraining_31bf3856ad364e35_6.0.6000.16386_none_c41ca1245ce8094b\TTRes.dll
+ 2008-01-19 05:39:36 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6001.18000_none_ca65755fad07cc55\WsmCl.dll
+ 2008-02-29 04:16:38 2,027,008 ----a-w C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16646_none_b6e7fd209d7b409d\win32k.sys
+ 2008-02-29 04:14:24 2,028,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20782_none_b7425913b6bceacf\win32k.sys
+ 2008-02-29 04:21:49 2,032,128 ----a-w C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18027_none_b8e4dbe89a90b303\win32k.sys
+ 2008-02-29 04:15:56 2,032,128 ----a-w C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22125_none_b96c781fb3b0201f\win32k.sys
+ 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6000.16386_none_e12e74ad149badfc\rnr20.dll
+ 2006-11-02 09:43:00 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-winsock-legacy_31bf3856ad364e35_6.0.6001.18000_none_e36536a91186bed0\rnr20.dll
+ 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6000.16386_none_b71d411922ad8f1f\WmiApRes.dll
+ 2006-11-02 07:15:27 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApRes.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsm.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smierrsy.dll
+ 2006-11-02 12:35:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6000.16386_none_a884bc8dc9d4ada2\smimsgif.dll
+ 2008-01-19 05:39:14 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smierrsm.dll
+ 2008-01-19 05:39:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smierrsy.dll
+ 2008-01-19 05:39:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-wmi-snmp-provider_31bf3856ad364e35_6.0.6001.18000_none_aabb7e89c6bfbe76\smimsgif.dll
+ 2006-11-02 12:36:03 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6000.16386_none_76336ee89b768fbf\ServiceModelEvents.dll
+ 2008-01-19 07:31:57 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_evt_dll_vista_31bf3856ad364e35_6.0.6001.18000_none_786a30e49861a093\ServiceModelEvents.dll
+ 2006-11-02 12:36:02 2,560 ----a-w C:\Windows\winsxs\x86_wcf-m_sm_ins_rc_dll_31bf3856ad364e35_6.0.6000.16386_none_c6c5835b4cd99252\ServiceModelInstallRC.dll
.
-- Snapshot reset to current date --
. | |
Siko
Premium
join:2006-11-27
Mechanicsburg, PA
clubs:
·Dish Network
·Verizon Online DSL
1 edit | ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 03:33 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 03:38 1008184]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2006-12-13 03:17 98304]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2006-12-13 03:19 106496]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2006-12-13 03:17 81920]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 08:47 579584]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-04 20:39 185896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-04-05 19:33 219136]
C:\Users\Murlin Wei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-04-02 19:25:58 2987856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-04-05 19:33 9216 C:\Windows\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\startupfolder\C:^Users^Murlin Wei^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.3.lnk]
path=C:\Users\Murlin Wei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk
backup=C:\Windows\pss\OpenOffice.org 2.3.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Murlin Wei^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI (RC1).lnk]
path=C:\Users\Murlin Wei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI (RC1).lnk
backup=C:\Windows\pss\Secunia PSI (RC1).lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 05:25 6731312 H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
--a------ 2007-02-16 19:49 149024 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
--a------ 2007-02-16 19:57 1945960 C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-01-17 12:51 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2006-12-13 03:19 106496 C:\Windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2006-12-13 03:17 98304 C:\Windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 H:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Windows\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2006-12-13 03:17 81920 C:\Windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2007-08-06 20:05 200704 H:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rapget]
E:\Flight Simulator Software\rapget140\rapget.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2006-12-01 00:37 4186112 C:\Windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-04-06 13:17 1481968 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-04-04 20:39 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
--a------ 2007-02-16 19:45 1169776 C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
--a------ 2008-01-19 03:36 2153472 C:\Windows\System32\oobefldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-19 03:33 202240 C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2738104663-2755392700-2221383480-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{61455193-5548-4882-BB4F-1FFC86E41172}C:\\ijji\\english\\u_skid.exe"= UDP:C:\ijji\english\u_skid.exe:
"UDP Query User{6099BF92-BFC5-416D-AEC6-DA00AFB25A65}C:\\ijji\\english\\u_skid.exe"= TCP:C:\ijji\english\u_skid.exe:
"TCP Query User{7E27783F-27CC-4E95-8A1E-47091E0453EF}K:\\program files\\driftcity\\driftcity.exe"= UDP:K:\program files\driftcity\driftcity.exe:DriftCity
"UDP Query User{68C2CEBB-F1D1-4589-A707-19610F1F7E77}K:\\program files\\driftcity\\driftcity.exe"= TCP:K:\program files\driftcity\driftcity.exe:DriftCity
"TCP Query User{FE38E010-F2C0-4967-83FD-96B25A3F5B30}C:\\ijji\\english\\u_sf\\soldierfront.exe"= UDP:C:\ijji\english\u_sf\soldierfront.exe:soldierfront
"UDP Query User{19A69707-47F5-4ED8-A3D4-D983B5833183}C:\\ijji\\english\\u_sf\\soldierfront.exe"= TCP:C:\ijji\english\u_sf\soldierfront.exe:soldierfront
"TCP Query User{B66503DB-7D5D-4DE9-9921-A25C9F1EA5AB}H:\\program files\\driftcity\\driftcity.exe"= UDP:H:\program files\driftcity\driftcity.exe:DriftCity
"UDP Query User{14612DD0-8A9C-44A2-9B51-5491B5A88018}H:\\program files\\driftcity\\driftcity.exe"= TCP:H:\program files\driftcity\driftcity.exe:DriftCity
"TCP Query User{A8D6E0B6-86C5-4D81-9FDF-F0378CD75F37}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
"UDP Query User{5DC64609-489B-4CCD-8BDC-DA888571FCC7}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
"{17C23B69-DBF2-487A-A532-7D9ABF255A9E}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{94906B86-E338-4979-ADE4-B4200BD59672}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{30964450-8A26-40BA-A03B-E0D17BDCC6BB}G:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= UDP:G:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator
"UDP Query User{426ADF18-258D-442E-B866-DE3813E88673}G:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= TCP:G:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator
"{0E586831-FC73-45B0-9F08-096BF0D40C38}"= UDP:80:80
"{34AD0E95-78FA-44A3-A14A-4A598E511536}"= TCP:80:80
"{28CEFC0F-00A3-4EAB-9D8B-9D64D7265705}"= UDP:6112:6112
"{991C1B7E-6DA8-49BB-9C14-B6C74730B50A}"= TCP:6112:6112
"{8A3679AF-CD19-4CE2-A038-9DE3E3E5A34B}"= UDP:54789:54789
"{8C63877E-7C19-4DA5-B287-AA6D0F8CFC28}"= TCP:54789:54789
"TCP Query User{58038DE4-2BB8-41E1-8189-030A5E823718}H:\\nexon\\maplestory\\patcher.exe"= UDP:H:\nexon\maplestory\patcher.exe:Patcher MFC ?? ????
"UDP Query User{41D9A998-FD0B-4C1B-A90E-B0F2BED2BFC4}H:\\nexon\\maplestory\\patcher.exe"= TCP:H:\nexon\maplestory\patcher.exe:Patcher MFC ?? ????
"TCP Query User{57B550CD-25EA-460B-AE48-681C32F87C39}H:\\nexon\\maplestory\\maplestory.exe"= UDP:H:\nexon\maplestory\maplestory.exe:MapleStory
"UDP Query User{609320D2-5ECE-4286-8362-B486263DA9E3}H:\\nexon\\maplestory\\maplestory.exe"= TCP:H:\nexon\maplestory\maplestory.exe:MapleStory
"TCP Query User{83AB73F7-1946-4300-A08C-DB73E9369C8F}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{48ACEBD7-DC97-4FF2-BB6F-704618FB53B2}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"1c9b3cdd-3bce-43a9-881b-5fb372fe469c"=
"TCP Query User{6A3FA9AA-E952-4D4D-8FD7-FC7ED8BD727F}H:\\program files\\america's army\\system\\armyops.exe"= UDP:H:\program files\america's army\system\armyops.exe:ArmyOps
"UDP Query User{BEB13D38-D94C-4F4C-9245-7E48245BFA1D}H:\\program files\\america's army\\system\\armyops.exe"= TCP:H:\program files\america's army\system\armyops.exe:ArmyOps
"TCP Query User{50F33169-380A-49AF-81BE-7C6E8C8C2451}C:\\windows\\system32\\dpnsvr.exe"= UDP:C:\windows\system32\dpnsvr.exe:Microsoft DirectPlay8 Server
"UDP Query User{DF0B00AF-395E-4FA4-B850-2BD9EF20F7ED}C:\\windows\\system32\\dpnsvr.exe"= TCP:C:\windows\system32\dpnsvr.exe:Microsoft DirectPlay8 Server
"TCP Query User{5021BF18-01CD-4258-97B4-0C63DB4C1B7E}C:\\program files\\fsfdt\\control panel\\fsfdtcp.exe"= UDP:C:\program files\fsfdt\control panel\fsfdtcp.exe:FSFDT Control Panel
"UDP Query User{3DB1FC88-0596-4F01-A186-E39F227CE84D}C:\\program files\\fsfdt\\control panel\\fsfdtcp.exe"= TCP:C:\program files\fsfdt\control panel\fsfdtcp.exe:FSFDT Control Panel
"TCP Query User{1AB14382-F73F-48C9-B315-3EE9B8CB2694}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{17CAEFA6-0C1E-42AC-978B-C4A6CBAAC66B}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"eb8b0e56-37ab-4db7-9f9e-1a1d6608d4e0"= %ProgramFiles%\FSFDT\FSInn UI\FSInnUI.exe:FSINN
"UDP Query User{D86A64A0-98DB-45F2-B30E-9C99810EA427}C:\\program files\\fsfdt\\fwinn\\fwinn.exe"= C:\program files\fsfdt\fwinn\fwinn.exe:FSInn Application
"TCP Query User{F3FF54FA-890C-4280-937A-E4B25DFDC64A}C:\\program files\\fsfdt\\fwinn\\fwinn.exe"= C:\program files\fsfdt\fwinn\fwinn.exe:FSInn Application
"5d038ed9-b69c-43ca-9e9d-361f03d7074d"= %ProgramFiles%\FSFDT\Control Panel\FSFDTCP.exe:FSUDCP
"09c2c1b0-5d17-4e76-8c53-65f0895ca6d1"= UDP:3782|LPort=3290|LPort=3783|LPort=6809:SQ
"3a769932-0d65-4226-8f87-9af21c6399fa"= TCP:3782|LPort=3290|LPort=3783|LPort=6809:SQ1
"7bda4004-dec1-4e68-ae03-4b18dca28327"= TCP:32062:FSINN
"TCP Query User{7BA25555-49F6-4C6F-A3BE-B1091A7CD7E6}C:\\program files\\swiftswitch\\swiftswitch.exe"= UDP:C:\program files\swiftswitch\swiftswitch.exe:Utility for RuneScape
"UDP Query User{F3D3B80D-3F35-4E98-BAE6-FFC8C8B398CB}C:\\program files\\swiftswitch\\swiftswitch.exe"= TCP:C:\program files\swiftswitch\swiftswitch.exe:Utility for RuneScape
"TCP Query User{2E3A70D7-0AC2-4254-B11B-0A2EC31E6D05}H:\\program files\\dragonfly\\special force\\specialforce.exe"= UDP:H:\program files\dragonfly\special force\specialforce.exe:SpecialForce
"UDP Query User{6137764F-CAE8-4517-AF49-6CB2607C5DB8}H:\\program files\\dragonfly\\special force\\specialforce.exe"= TCP:H:\program files\dragonfly\special force\specialforce.exe:SpecialForce
"TCP Query User{0D1EF090-833B-4967-9D45-EAF64C49861F}C:\\ijji\\english\\gunz\\gunz.exe"= UDP:C:\ijji\english\gunz\gunz.exe:Gunz
"UDP Query User{560CD26A-B4D8-4DD6-9AF8-BA438C3E071D}C:\\ijji\\english\\gunz\\gunz.exe"= TCP:C:\ijji\english\gunz\gunz.exe:Gunz
"TCP Query User{63EC054C-903B-40D8-A36F-D2F80B55FF3D}C:\\users\\murlin wei\\desktop\\fshost32\\fshost32.exe"= UDP:C:\users\murlin wei\desktop\fshost32\fshost32.exe:fshost32.exe
"UDP Query User{D8E76696-D62C-4EBD-8A08-5450B40122C9}C:\\users\\murlin wei\\desktop\\fshost32\\fshost32.exe"= TCP:C:\users\murlin wei\desktop\fshost32\fshost32.exe:fshost32.exe
"TCP Query User{854A4DB3-1DFB-4B87-A7E0-AEA6B9C0074B}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{A36A3890-68AE-4E2D-BC3B-FDAC339499B3}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"TCP Query User{2D0919A8-6553-4CDF-A595-A46EF1D2F4D3}C:\\program files\\dragonfly\\special force\\specialforce.exe"= UDP:C:\program files\dragonfly\special force\specialforce.exe:specialforce
"UDP Query User{BC4A08A4-5B7E-4662-810F-1D9F1662B2AC}C:\\program files\\dragonfly\\special force\\specialforce.exe"= TCP:C:\program files\dragonfly\special force\specialforce.exe:specialforce
"{607558EF-6597-4863-8D25-F007069A2EC9}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{46E5FDB3-D48D-4321-B224-C365CF959155}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{9B21F62D-DF09-44A2-BD05-BC7EEE8742C9}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{68F77BA3-1444-44C8-AC53-D586A7FD787C}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{48866029-02D4-420C-AF33-2058433DC7D9}"= UDP:H:\Program Files\iTunes\iTunes.exe:iTunes
"{AB169B2B-5F22-47D8-B596-C06720D2E476}"= TCP:H:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{37AFDF7F-9FEF-441B-B24D-75F2E325B8C7}H:\\program files\\azureus\\azureus.exe"= UDP:H:\program files\azureus\azureus.exe:Azureus
"UDP Query User{2414528D-9012-4CCF-B04D-4D7AC667B755}H:\\program files\\azureus\\azureus.exe"= TCP:H:\program files\azureus\azureus.exe:Azureus
"TCP Query User{9225565D-E33E-467E-9533-ED9B2675E3C6}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{9F98D73A-65DD-4D0E-B968-DC1D3C6EBAA6}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{BC712732-FEB9-4EDA-8C73-9FC226F9DB1A}H:\\program files\\counter-strike source\\hl2.exe"= UDP:H:\program files\counter-strike source\hl2.exe:hl2
"UDP Query User{57A7C5E6-CBE4-4652-AFEF-DCFD72CBE342}H:\\program files\\counter-strike source\\hl2.exe"= TCP:H:\program files\counter-strike source\hl2.exe:hl2
"TCP Query User{1DB411BF-E55D-4961-A89F-4494677D10B3}H:\\program files\\secondlife\\slvoice.exe"= UDP:H:\program files\secondlife\slvoice.exe:SLVoice
"UDP Query User{27A63D2C-CAAE-42C6-A3F5-87CC36F583D3}H:\\program files\\secondlife\\slvoice.exe"= TCP:H:\program files\secondlife\slvoice.exe:SLVoice
"TCP Query User{71DB6B6F-9435-4ED3-A6DB-D8EBC799C9E1}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{AD20223A-2548-4E8F-A6E3-8E0542F0F9A5}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
R2 NPF;NetGroup Packet Filter Driver;C:\Windows\system32\drivers\npf.sys [2007-11-06 16:22]
R2 PD91Agent;PD91Agent;"C:\Program Files\Raxco\PerfectDisk\PD91Agent.exe" [2008-02-28 10:44]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 12:43]
R3 HPFXBULK;HPFXBULK;C:\Windows\system32\drivers\hpfxbulk.sys [2007-06-20 03:21]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-12-13 04:32]
R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS [2008-02-15 15:22]
R3 rxpvbus;Reality XP Avionics Bus Driver;C:\Windows\system32\DRIVERS\rxpvbus.sys [2005-11-04 09:35]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;"C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe" [2007-02-22 19:53]
S3 PD91Engine;PD91Engine;"C:\Program Files\Raxco\PerfectDisk\PD91Engine.exe" [2008-02-29 14:08]
S3 PD91VMDefrag;PD91VMDefrag;"C:\Program Files\Raxco\PerfectDisk\PD91VMDefrag.exe" [2008-02-29 10:44]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys [2008-02-19 04:24]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 03:30]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\shell\AutoRun\command - I:\Setup\rsrc\autorun.exe
\shell\dinstall\command - I:\Directx\dxsetup.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, »www.gmer.net
Rootkit scan 2008-04-20 14:43:01
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Raxco\PerfectDisk\PD91AgentS1.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
.
**************************************************************************
.
Completion time: 2008-04-20 14:45:21 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-20 18:45:13
ComboFix2.txt 2008-04-08 19:33:44
ComboFix3.txt 2008-04-06 23:40:34
Pre-Run: 20,521,390,080 bytes free
Post-Run: 20,575,760,384 bytes free
846 --- E O F --- 2008-04-17 19:16:34 | |
Siko
Premium
join:2006-11-27
Mechanicsburg, PA
clubs:
·Dish Network
·Verizon Online DSL
| Thanks for scanning through that, now here is my ESET log, it didn't find anything.
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3041 (20080419)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=f94ebf675e76f444bc9bef3e67f7aa40
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2008-04-21 02:01:17
# local_time=2008-04-20 10:01:17 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.0.6001 NT Service Pack 1
# scanned=931132
# found=0
# scan_time=6361 | |
|
