Check af logs
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:54:51, on 05-06-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Ann\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://da.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Users\Ann\NOKIA-PC\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Users\Ann\NOKIA-PC\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Beskyttelse mod spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8111 bytes
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/30/2008 at 10:18 PM
Application Version : 4.21.1004
Core Rules Database Version : 3615
Trace Rules Database Version: 1601
Scan type : Complete Scan
Total Scan Time : 00:16:35
Memory items scanned : 684
Memory threats detected : 0
Registry items scanned : 7085
Registry threats detected : 0
File items scanned : 0
File threats detected : 0
ComboFix 08-10-30.09 - Ann 2008-10-30 22:44:12.3 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1030.18.1036 [GMT 1:00]
Running from: C:\Users\Ann\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\AntiSpywareApp
C:\Program Files\AntiSpywareApp\AntiSpyware.exe
C:\Program Files\AntiSpywareApp\AntiSpyware.srv.exe
C:\Program Files\AntiSpywareApp\AntiSpyware.url
C:\Program Files\AntiSpywareApp\DataBase.ref
C:\Program Files\AntiSpywareApp\Difxapi.dll
C:\Program Files\AntiSpywareApp\FilterDrv\AntiSpyware.amd64.sys
C:\Program Files\AntiSpywareApp\FilterDrv\AntiSpyware.cat
C:\Program Files\AntiSpywareApp\FilterDrv\AntiSpyware.inf
C:\Program Files\AntiSpywareApp\FilterDrv\AntiSpyware.x86.sys
C:\Program Files\AntiSpywareApp\SpyCleaner.dll
C:\Program Files\AntiSpywareApp\TCL.dll
C:\Program Files\AntiSpywareApp\vistaCPtasks.xml
C:\Program Files\AntiSpywareApp\zlib.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_AntiSpywareSrv
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-30 )))))))))))))))))))))))))))))))
.
2008-10-30 21:54 . 2008-10-30 21:54 <DIR> d-------- C:\Users\Ann\AppData\Roaming\SUPERAntiSpyware.com
2008-10-30 21:54 . 2008-10-30 21:54 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-30 21:53 . 2008-10-30 21:53 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-28 22:03 . 2008-08-12 04:39 443,392 --a------ C:\Windows\System32\win32spl.dll
2008-10-28 22:03 . 2008-09-18 05:56 147,456 --a------ C:\Windows\System32\Faultrep.dll
2008-10-28 22:03 . 2008-09-18 05:56 125,952 --a------ C:\Windows\System32\wersvc.dll
2008-10-15 16:11 . 2008-09-18 06:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-15 16:11 . 2008-09-18 06:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-15 16:11 . 2008-09-18 03:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-15 16:11 . 2008-08-27 02:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-15 16:10 . 2008-10-02 02:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-15 16:10 . 2008-10-02 04:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-09-28 14:35 . 2008-09-28 14:37 <DIR> d-------- C:\Program Files\HP
2008-09-28 14:35 . 2008-09-28 14:35 <DIR> d-------- C:\Program Files\Common Files\HP
2008-09-28 14:34 . 2008-09-28 14:35 <DIR> d-------- C:\Users\All Users\HP
2008-09-28 14:34 . 2008-09-28 14:35 <DIR> d-------- C:\ProgramData\HP
2008-09-28 14:34 . 2008-09-28 14:38 19,502 --a------ C:\Windows\hpqins13.dat
2008-09-23 16:46 . 2008-09-23 16:46 245,408 --a------ C:\Windows\System32\unicows.dll
2008-09-11 02:11 . 2008-07-31 02:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-11 02:11 . 2008-06-26 04:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-11 02:11 . 2008-07-31 04:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-11 02:10 . 2008-08-02 02:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-11 02:10 . 2008-06-26 04:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-11 02:10 . 2008-05-08 20:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-11 02:10 . 2008-05-20 03:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-11 02:10 . 2008-06-26 04:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-11 02:10 . 2008-08-02 04:26 36,864 --a------ C:\Windows\System32\cdd.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-30 21:53 --------- d-----w C:\Program Files\Common Files\Akamai
2008-10-16 01:21 --------- d-----w C:\Program Files\Windows Mail
2008-10-09 00:20 --------- d-----w C:\Users\Ann\AppData\Roaming\ErrorSmart
2008-10-09 00:20 --------- d-----w C:\Program Files\ErrorSmart
2008-09-21 11:10 --------- d-----w C:\ProgramData\PC Suite
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-04-27 03:51 174 --sha-w C:\Program Files\desktop.ini
2008-02-13 23:08 32 ----a-w C:\Users\All Users\ezsid.dat
2008-02-13 23:08 32 ----a-w C:\ProgramData\ezsid.dat
.
((((((((((((((((((((((((((((( snapshot@2008-06-22_18.45.50,25 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-08 04:19:20 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
+ 2008-06-12 05:28:53 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
- 2005-10-20 18:02:28 163,328 ----a-w C:\Windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w C:\Windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w C:\Windows\erdnt\subs\ERDNT.EXE
- 2008-06-12 08:10:49 51,200 ----a-w C:\Windows\inf\infpub.dat
+ 2008-09-28 13:06:31 51,200 ----a-w C:\Windows\inf\infpub.dat
- 2008-06-12 08:10:49 86,016 ----a-w C:\Windows\inf\infstor.dat
+ 2008-08-14 08:36:23 86,016 ----a-w C:\Windows\inf\infstor.dat
- 2008-06-12 08:10:49 143,360 ----a-w C:\Windows\inf\infstrng.dat
+ 2008-08-14 08:36:22 143,360 ----a-w C:\Windows\inf\infstrng.dat
+ 2007-09-14 20:45:58 16,901,168 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109020060400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 23:19:24 1,654,648 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109020060400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 04:00:34 1,767,768 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109020060400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 04:00:48 72,096 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109020060400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2008-07-28 16:52:54 3,262 ----a-r C:\Windows\Installer\{4F1DCA42-2030-437C-A94E-736692A499C1}\ARPPRODUCTICON.exe
+ 2008-07-24 09:28:53 81,920 ----a-r C:\Windows\Installer\{5669F5AE-2C88-4655-80A0-06877D88BAB5}\Icon.exe
+ 2008-07-07 14:46:00 118,784 ----a-r C:\Windows\Installer\{7FB15F54-1616-4FC6-8BDB-51F1AB185B09}\Icon.exe
- 2008-06-12 08:05:23 593,920 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-07-10 09:15:26 593,920 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-06-12 08:05:23 12,288 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-07-10 09:15:26 12,288 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-06-12 08:05:24 86,016 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-07-10 09:15:26 86,016 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-06-12 08:05:22 135,168 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-07-10 09:15:26 135,168 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-06-12 08:05:24 11,264 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-07-10 09:15:26 11,264 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-06-12 08:05:24 27,136 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-07-10 09:15:27 27,136 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-06-12 08:05:24 4,096 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-07-10 09:15:27 4,096 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-06-12 08:05:24 794,624 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-07-10 09:15:27 794,624 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-06-12 08:05:23 249,856 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-07-10 09:15:26 249,856 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-06-12 08:05:23 61,440 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-07-10 09:15:26 61,440 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-06-12 08:05:24 23,040 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-07-10 09:15:27 23,040 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-06-12 08:05:22 286,720 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-07-10 09:15:26 286,720 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-06-12 08:05:22 409,600 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-10 09:15:25 409,600 ----a-r C:\Windows\Installer\{90110406-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-05-15 01:03:02 38,240 ----a-r C:\Windows\Installer\{90120000-0020-0406-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-10-16 01:07:18 38,240 ----a-r C:\Windows\Installer\{90120000-0020-0406-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-07-28 16:57:01 15,086 ----a-r C:\Windows\Installer\{9C05FA75-0337-4523-AA57-9D3511018887}\ARPPRODUCTICON.exe
+ 2008-07-28 16:54:37 10,134 ----a-r C:\Windows\Installer\{AC599724-5755-48C1-ABE7-ABB857652930}\ARPPRODUCTICON.exe
+ 2008-10-30 20:54:52 18,944 ----a-r C:\Windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-10-30 20:54:52 65,024 ----a-r C:\Windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut10.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut11.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut12.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut13.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut14.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut15.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut16.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut17.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut18.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut19.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut2_1.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut20.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut21.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut22.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut23.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut24.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut25.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut26.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut27.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut28.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut5.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut6.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut7.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut8.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-09-28 13:36:28 25,214 ----a-r C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\NewShortcut9.BCCDD171_C13C_4D41_ACA3_0E088E5E60A9.exe
+ 2008-07-23 12:16:57 61,440 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\ACDSeeDesktopShortcu_D8320DD6FE4741DEB1164158B7AE3F37.exe
+ 2008-07-23 12:16:57 61,440 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\ACDSeePMShortcut_D8320DD6FE4741DEB1164158B7AE3F37.exe
+ 2008-07-23 12:16:57 61,440 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\ARPPRODUCTICON.exe
+ 2008-07-23 12:16:57 45,056 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\DevDetectPMShortcut_D8320DD6FE4741DEB1164158B7AE3F37.exe
+ 2008-07-23 12:16:58 57,344 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\FotoSlateDesktopShor_FD88D5011F0A4DA4A13A6437411EE0C3.exe
+ 2008-07-23 12:16:57 57,344 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\FotoSlateProgramFile_FD88D5011F0A4DA4A13A6437411EE0C3.exe
+ 2008-07-23 12:16:58 61,440 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\ShowtimeDesktopShort_E8C78F087B514D6E8493703D326B45FB.exe
+ 2008-07-23 12:16:57 61,440 ----a-r C:\Windows\Installer\{D8320DD6-FE47-41DE-B116-4158B7AE3F37}\ShowtimeStartMenuSho_E8C78F087B514D6E8493703D326B45FB.exe
- 2000-08-31 06:00:00 28,672 ----a-w C:\Windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 ----a-w C:\Windows\Nircmd.exe
- 2008-06-22 16:26:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-10-30 21:52:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-06-22 16:26:32 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-10-30 21:52:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-06-04 21:25:00 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-09 17:23:49 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-06-04 21:25:00 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-09 17:23:49 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-04 21:25:00 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-09 17:23:49 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-22 16:28:11 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-10-30 21:55:06 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-10-30 21:55:06 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-04-27 03:51:28 2,556,329 -c--a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2008-07-23 13:22:02 2,556,329 -c--a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
- 2008-06-22 16:27:30 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-10-30 21:55:48 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2007-07-30 18:19:54 71,352 ------w C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
+ 2008-07-18 20:08:20 72,256 ------w C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
+ 2007-02-10 03:09:12 127,856 ----a-w C:\Windows\SQL9_KB948109_ENU\batchparser90.dll
+ 2007-02-10 03:09:20 1,039,728 ----a-w C:\Windows\SQL9_KB948109_ENU\dbghelp.dll
+ 2007-02-10 03:15:30 1,160,560 ----a-w C:\Windows\SQL9_KB948109_ENU\dumpdatastore.dll
+ 2008-02-26 20:08:46 2,501,648 ----a-w C:\Windows\SQL9_KB948109_ENU\hotfix.exe
+ 2005-10-13 21:26:42 548,864 ----a-w C:\Windows\SQL9_KB948109_ENU\msvcp80.dll
+ 2005-10-13 21:26:42 626,688 ----a-w C:\Windows\SQL9_KB948109_ENU\msvcr80.dll
+ 2007-02-10 03:29:52 143,728 ----a-w C:\Windows\SQL9_KB948109_ENU\sqlcmd.exe
+ 2007-02-10 03:29:52 533,872 ----a-w C:\Windows\SQL9_KB948109_ENU\sqldiscoveryapi.dll
+ 2007-02-10 03:29:54 230,256 ----a-w C:\Windows\SQL9_KB948109_ENU\sqlsetupvista.dll
- 2000-08-31 06:00:00 161,792 ----a-w C:\Windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 ----a-w C:\Windows\swreg.exe
+ 2008-08-20 08:54:00 287,256 ----a-r C:\Windows\System32\AbaleZip.dll
+ 2004-03-04 10:51:46 307,200 ----a-w C:\Windows\System32\ACDSee.scr
+ 2004-03-17 10:08:20 495,616 ----a-w C:\Windows\System32\ACDV.dll
- 2008-01-19 07:34:37 1,671,168 ----a-w C:\Windows\System32\chsbrkr.dll
+ 2008-05-27 05:17:13 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
- 2008-01-19 07:34:40 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
+ 2008-05-27 05:17:16 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
- 2008-06-22 16:26:58 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-30 21:53:10 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-06-22 16:26:58 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-30 21:53:10 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-22 16:26:58 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-30 21:53:10 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-06-22 16:40:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-10-30 21:43:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-10-30 21:43:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-01-19 07:33:05 139,264 ----a-w C:\Windows\System32\cscript.exe
+ 2008-05-08 21:58:40 135,168 ----a-w C:\Windows\System32\cscript.exe
+ 2005-12-06 17:23:26 454,656 ----a-w C:\Windows\System32\divx_xx07.dll
+ 2005-12-06 17:23:27 454,656 ----a-w C:\Windows\System32\divx_xx0c.dll
+ 2005-12-06 17:23:29 528,384 ----a-w C:\Windows\System32\divx_xx11.dll
+ 2005-12-06 22:23:32 94,208 ----a-w C:\Windows\System32\divxdec_0407.dll
+ 2005-12-06 22:23:34 94,208 ----a-w C:\Windows\System32\divxdec_040c.dll
+ 2005-12-06 22:23:37 94,208 ----a-w C:\Windows\System32\divxdec_0411.dll
- 2008-01-19 05:55:53 72,192 ----a-w C:\Windows\System32\drivers\pacer.sys
+ 2008-04-05 01:21:42 72,192 ----a-w C:\Windows\System32\drivers\pacer.sys
+ 2007-09-17 13:53:26 21,632 ----a-w C:\Windows\System32\drivers\pccsmcfd.sys
+ 2008-07-23 12:16:00 9,856 ----a-w C:\Windows\System32\drivers\pfc.sys
+ 2008-01-19 06:14:10 9,216 ----a-w C:\Windows\System32\drivers\serscan.sys
- 2008-01-19 07:43:39 891,448 ----a-w C:\Windows\System32\drivers\tcpip.sys
+ 2008-04-26 08:26:49 891,448 ----a-w C:\Windows\System32\drivers\tcpip.sys
- 2008-05-02 14:21:52 36,368 ----a-w C:\Windows\System32\drivers\tmpreflt.sys
+ 2008-07-18 17:08:32 36,368 ----a-w C:\Windows\System32\drivers\tmpreflt.sys
- 2008-05-02 14:22:00 205,328 ----a-w C:\Windows\System32\drivers\tmxpflt.sys
+ 2008-07-18 17:08:38 205,328 ----a-w C:\Windows\System32\drivers\tmxpflt.sys
- 2008-05-02 14:17:18 1,169,240 ----a-w C:\Windows\System32\drivers\vsapint.sys
+ 2008-07-18 16:51:32 1,195,448 ----a-w C:\Windows\System32\drivers\vsapint.sys
+ 2006-09-29 02:11:08 118,784 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\bril05a.dll
+ 2007-02-14 00:04:36 1,734,049 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\brio05a.dll
+ 2007-02-14 00:04:36 1,033,662 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\briu05a.dll
+ 2007-02-08 15:00:00 26,364 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\brmfpp1.dll
+ 2006-10-29 18:06:00 109,568 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\brqikmon.exe
+ 2006-09-12 15:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\brss01a.exe
+ 2002-04-11 15:00:00 57,344 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\brsvc01a.exe
+ 2001-02-05 02:16:08 258,048 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\bsplmf01.dll
+ 2006-10-30 15:00:00 139,264 ----a-w C:\Windows\System32\DriverStore\FileRepository\brpnbh3e.inf_84d5e747\bsplmf01.exe
+ 2007-11-29 08:39:42 16,896 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmb.inf_e2dc4c9b\ccdcmb.sys
+ 2007-11-29 08:32:38 48,128 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmb.inf_e2dc4c9b\nmwcdcls.dll
+ 2007-11-29 08:39:44 95,744 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmb.inf_e2dc4c9b\nmwcdcocls.dll
+ 2007-11-29 08:33:04 1,419,232 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmb.inf_e2dc4c9b\wdfcoinstaller01005.dll
+ 2007-11-29 08:39:52 8,064 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmbcj.inf_46729562\usbser_lowerfltj.sys
+ 2007-11-29 08:39:42 8,064 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmbm.inf_3be3d500\usbser_lowerflt.sys
+ 2007-11-29 08:39:40 19,328 ----a-w C:\Windows\System32\DriverStore\FileRepository\ccdcmbo.inf_e2175102\ccdcmbo.sys
+ 2008-03-06 09:19:36 534,016 ----a-w C:\Windows\System32\DriverStore\FileRepository\pccswpddriver.inf_83c69a97\PCCSWpdDriver.dll
+ 2008-03-06 09:14:58 831,048 ----a-w C:\Windows\System32\DriverStore\FileRepository\pccswpddriver.inf_83c69a97\WudfUpdate_01005.dll
+ 2007-09-17 13:53:26 21,632 -c--a-w C:\Windows\System32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.sys
- 2008-01-19 07:34:20 262,144 ----a-w C:\Windows\System32\es.dll
+ 2008-04-18 05:48:39 269,312 ----a-w C:\Windows\System32\es.dll
- 2008-04-27 03:44:40 389,144 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-10-16 01:23:27 389,144 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2002-03-20 19:01:58 446,464 ----a-w C:\Windows\System32\HHActiveX.dll
- 2008-01-19 07:34:31 6,068,736 ----a-w C:\Windows\System32\ieframe.dll
+ 2008-10-02 03:49:14 6,068,736 ----a-w C:\Windows\System32\ieframe.dll
- 2008-01-19 07:34:31 270,336 ----a-w C:\Windows\System32\iertutil.dll
+ 2008-10-02 03:49:14 270,336 ----a-w C:\Windows\System32\iertutil.dll
- 2008-01-19 07:34:34 738,304 ----a-w C:\Windows\System32\inetcomm.dll
+ 2008-04-10 05:12:41 738,304 ----a-w C:\Windows\System32\inetcomm.dll
- 2008-01-19 07:34:34 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
+ 2008-06-19 03:31:48 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
+ 2002-05-13 14:13:58 19,968 ----a-r C:\Windows\System32\JGA1500.DLL
+ 2002-05-13 14:13:58 16,896 ----a-r C:\Windows\System32\JGAD500.DLL
+ 2002-05-13 14:13:58 9,216 ----a-r C:\Windows\System32\JGAP500.DLL
+ 2002-05-13 14:13:58 11,264 ----a-r C:\Windows\System32\JGAR500.DLL
+ 2002-05-13 14:13:58 31,744 ----a-r C:\Windows\System32\JGAU500.DLL
+ 2002-05-13 14:13:58 6,144 ----a-r C:\Windows\System32\JGDR500.DLL
+ 2002-05-13 14:13:58 144,896 ----a-r C:\Windows\System32\JGDW500.DLL
+ 2002-05-13 14:13:58 15,360 ----a-r C:\Windows\System32\JGEA500.DLL
+ 2002-05-13 14:13:58 39,424 ----a-r C:\Windows\System32\JGED500.DLL
+ 2002-05-13 14:13:58 11,264 ----a-r C:\Windows\System32\JGEM500.DLL
+ 2002-05-13 14:13:58 10,752 ----a-r C:\Windows\System32\JGFI500.DLL
+ 2002-05-13 14:13:58 67,072 ----a-r C:\Windows\System32\JGFR500.DLL
+ 2002-05-13 14:13:58 24,576 ----a-r C:\Windows\System32\JGFS500.DLL
+ 2002-05-13 14:13:58 12,800 ----a-r C:\Windows\System32\JGGI500.DLL
+ 2002-05-13 14:13:58 19,456 ----a-r C:\Windows\System32\JGI1500.DLL
+ 2002-05-13 14:13:58 41,984 ----a-r C:\Windows\System32\JGI3500.DLL
+ 2002-05-13 14:13:58 60,416 ----a-r C:\Windows\System32\JGI5500.DLL
+ 2002-05-13 14:13:58 11,264 ----a-r C:\Windows\System32\JGID500.DLL
+ 2002-05-13 14:13:58 34,304 ----a-r C:\Windows\System32\JGIP500.DLL
+ 2002-05-13 14:13:58 6,656 ----a-r C:\Windows\System32\JGIQ500.DLL
+ 2002-05-13 14:13:58 24,064 ----a-r C:\Windows\System32\JGIT500.DLL
+ 2002-05-13 14:13:58 74,240 ----a-r C:\Windows\System32\JGM1500.DLL
+ 2002-05-13 14:13:58 29,696 ----a-r C:\Windows\System32\JGMC500.DLL
+ 2002-05-13 14:13:58 7,168 ----a-r C:\Windows\System32\JGME500.DLL
+ 2002-05-13 14:13:58 24,576 ----a-r C:\Windows\System32\JGMI500.DLL
+ 2002-05-13 14:13:58 11,264 ----a-r C:\Windows\System32\JGMP500.DLL
+ 2002-05-13 14:13:58 24,064 ----a-r C:\Windows\System32\JGN1500.DLL
+ 2002-05-13 14:13:58 80,384 ----a-r C:\Windows\System32\JGOS500.DLL
+ 2002-05-13 14:13:58 13,824 ----a-r C:\Windows\System32\JGPD500.DLL
+ 2002-05-13 14:13:58 15,872 ----a-r C:\Windows\System32\JGPL500.DLL
+ 2002-05-13 14:13:58 12,288 ----a-r C:\Windows\System32\JGPP500.DLL
+ 2002-05-13 14:13:58 33,280 ----a-r C:\Windows\System32\JGS1500.DLL
+ 2002-05-13 14:13:58 15,360 ----a-r C:\Windows\System32\JGS3500.DLL
+ 2002-05-13 14:13:58 21,504 ----a-r C:\Windows\System32\JGSN500.DLL
+ 2002-05-13 14:13:58 13,312 ----a-r C:\Windows\System32\JGST500.DLL
+ 2002-05-13 14:13:58 10,752 ----a-r C:\Windows\System32\JGAA500.DLL
- 2008-01-19 07:34:35 512,000 ----a-w C:\Windows\System32\jscript.dll
+ 2008-05-08 21:59:28 512,000 ----a-w C:\Windows\System32\jscript.dll
- 2008-04-25 04:35:13 28,160 ----a-w C:\Windows\System32\jsproxy.dll
+ 2008-10-02 03:49:14 28,160 ----a-w C:\Windows\System32\jsproxy.dll
- 2008-01-19 07:34:42 42,496 ----a-w C:\Windows\System32\korwbrkr.dll
+ 2008-05-27 05:17:16 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
+ 2002-01-05 02:48:16 974,848 ----a-w C:\Windows\System32\mfc70.dll
+ 2002-01-05 02:36:38 964,608 ----a-w C:\Windows\System32\mfc70u.dll
- 2008-04-25 04:35:24 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll
+ 2008-02-22 05:01:41 64,512 ----a-w C:\Windows\System32\migration\WininetPlugin.dll
- 2008-01-19 07:34:49 35,328 ----a-w C:\Windows\System32\mimefilt.dll
+ 2008-05-27 05:18:32 40,448 ----a-w C:\Windows\System32\mimefilt.dll
- 2008-05-29 23:35:11 17,486,968 ----a-w C:\Windows\System32\mrt.exe
+ 2008-10-07 19:19:40 16,721,856 ----a-w C:\Windows\System32\mrt.exe
- 2008-04-25 04:35:14 3,578,368 ----a-w C:\Windows\System32\mshtml.dll
+ 2008-10-02 03:49:15 3,578,880 ----a-w C:\Windows\System32\mshtml.dll
- 2008-01-19 07:35:12 23,552 ----a-w C:\Windows\System32\msscb.dll
+ 2008-05-27 05:17:42 34,816 ----a-w C:\Windows\System32\msscb.dll
- 2008-01-19 07:35:12 51,200 ----a-w C:\Windows\System32\msscntrs.dll
+ 2008-05-27 05:17:25 60,416 ----a-w C:\Windows\System32\msscntrs.dll
+ 2008-05-27 05:17:36 11,776 ----a-w C:\Windows\System32\msshooks.dll
- 2008-01-19 07:35:13 248,832 ----a-w C:\Windows\System32\msshsq.dll
+ 2008-05-27 05:18:32 231,936 ----a-w C:\Windows\System32\msshsq.dll
- 2008-01-19 07:35:13 98,304 ----a-w C:\Windows\System32\mssitlb.dll
+ 2008-05-27 05:17:25 87,552 ----a-w C:\Windows\System32\mssitlb.dll
- 2008-01-19 07:35:13 333,824 ----a-w C:\Windows\System32\mssph.dll
+ 2008-05-27 05:18:25 350,208 ----a-w C:\Windows\System32\mssph.dll
- 2008-01-19 07:35:13 167,936 ----a-w C:\Windows\System32\mssphtb.dll
+ 2008-05-27 05:18:55 203,776 ----a-w C:\Windows\System32\mssphtb.dll
- 2008-01-19 07:35:13 32,256 ----a-w C:\Windows\System32\mssprxy.dll
+ 2008-05-27 05:17:26 32,768 ----a-w C:\Windows\System32\mssprxy.dll
- 2008-01-19 07:36:08 1,400,832 ----a-w C:\Windows\System32\mssrch.dll
+ 2008-05-27 05:21:24 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
- 2008-01-19 07:35:13 52,224 ----a-w C:\Windows\System32\msstrc.dll
+ 2008-05-27 05:18:40 44,032 ----a-w C:\Windows\System32\msstrc.dll
- 2008-01-19 07:35:13 1,696,768 ----a-w C:\Windows\System32\mssvp.dll
+ 2008-05-27 05:18:56 670,208 ----a-w C:\Windows\System32\mssvp.dll
- 2008-04-25 04:35:16 671,232 ----a-w C:\Windows\System32\mstime.dll
+ 2008-10-02 03:49:16 671,232 ----a-w C:\Windows\System32\mstime.dll
+ 2002-01-05 01:38:38 54,784 ----a-w C:\Windows\System32\msvci70.dll
+ 2002-01-05 01:40:20 487,424 ----a-w C:\Windows\System32\msvcp70.dll
+ 2002-01-05 01:37:28 344,064 ----a-w C:\Windows\System32\msvcr70.dll
- 2008-01-19 07:35:35 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
+ 2008-06-26 03:29:06 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
- 2008-01-19 07:35:35 466,944 ----a-w C:\Windows\System32\netapi32.dll
+ 2008-10-16 04:47:33 466,944 ----a-w C:\Windows\System32\netapi32.dll
+ 2008-10-08 17:23:51 2,456 ----a-w C:\Windows\System32\networklist\icons\{4001EB1F-0028-410C-8587-C530575F7AE1}_24.bin
+ 2008-10-08 17:23:51 4,280 ----a-w C:\Windows\System32\networklist\icons\{4001EB1F-0028-410C-8587-C530575F7AE1}_32.bin
+ 2008-10-08 17:23:51 9,560 ----a-w C:\Windows\System32\networklist\icons\{4001EB1F-0028-410C-8587-C530575F7AE1}_48.bin
+ 2008-08-08 07:19:07 2,456 ----a-w C:\Windows\System32\networklist\icons\{7EB09792-6CB4-40FC-8479-4C80D44F0E65}_24.bin
+ 2008-08-08 07:19:07 4,280 ----a-w C:\Windows\System32\networklist\icons\{7EB09792-6CB4-40FC-8479-4C80D44F0E65}_32.bin
+ 2008-08-08 07:19:07 9,560 ----a-w C:\Windows\System32\networklist\icons\{7EB09792-6CB4-40FC-8479-4C80D44F0E65}_48.bin
+ 2008-07-28 22:17:48 2,456 ----a-w C:\Windows\System32\networklist\icons\{C6CA4B88-C1DB-4EA2-9161-979BFEB14E7D}_24.bin
+ 2008-07-28 22:17:48 4,280 ----a-w C:\Windows\System32\networklist\icons\{C6CA4B88-C1DB-4EA2-9161-979BFEB14E7D}_32.bin
+ 2008-07-28 22:17:48 9,560 ----a-w C:\Windows\System32\networklist\icons\{C6CA4B88-C1DB-4EA2-9161-979BFEB14E7D}_48.bin
- 2008-01-19 07:35:38 122,368 ----a-w C:\Windows\System32\nlhtml.dll
+ 2008-05-27 05:18:30 136,704 ----a-w C:\Windows\System32\nlhtml.dll
- 2006-11-02 08:22:07 12,038,656 ----a-w C:\Windows\System32\NlsLexicons0007.dll
+ 2008-06-26 01:45:43 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
- 2006-11-02 08:22:05 2,628,608 ----a-w C:\Windows\System32\NlsLexicons0009.dll
+ 2008-06-26 01:45:55 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
- 2007-02-22 09:15:12 90,624 ----a-w C:\Windows\System32\nmwcdcls.dll
+ 2007-11-29 08:32:38 48,128 ----a-w C:\Windows\System32\nmwcdcls.dll
- 2008-01-19 07:36:00 194,560 ----a-w C:\Windows\System32\offfilt.dll
+ 2008-05-27 05:17:23 194,560 ----a-w C:\Windows\System32\offfilt.dll
- 2006-11-02 09:46:12 15,360 ----a-w C:\Windows\System32\pacerprf.dll
+ 2008-04-05 03:34:31 15,360 ----a-w C:\Windows\System32\pacerprf.dll
- 2008-06-22 16:31:06 94,724 ----a-w C:\Windows\System32\perfc006.dat
+ 2008-10-30 21:40:33 94,724 ----a-w C:\Windows\System32\perfc006.dat
- 2008-06-22 16:31:06 118,772 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-10-30 21:40:34 118,772 ----a-w C:\Windows\System32\perfc009.dat
- 2008-06-22 16:31:06 509,976 ----a-w C:\Windows\System32\perfh006.dat
+ 2008-10-30 21:40:33 510,052 ----a-w C:\Windows\System32\perfh006.dat
- 2008-06-22 16:31:06 633,886 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-10-30 21:40:34 633,886 ----a-w C:\Windows\System32\perfh009.dat
- 2008-02-01 08:13:32 6,656 ----a-w C:\Windows\System32\pndx5016.dll
+ 2008-08-04 17:49:43 6,656 ----a-w C:\Windows\System32\pndx5016.dll
- 2008-02-01 08:13:32 5,632 ----a-w C:\Windows\System32\pndx5032.dll
+ 2008-08-04 17:49:43 5,632 ----a-w C:\Windows\System32\pndx5032.dll
- 2008-01-19 07:36:11 65,536 ----a-w C:\Windows\System32\propdefs.dll
+ 2008-05-27 05:18:06 71,680 ----a-w C:\Windows\System32\propdefs.dll
- 2008-01-19 07:36:11 750,080 ----a-w C:\Windows\System32\propsys.dll
+ 2008-05-27 05:17:46 754,176 ----a-w C:\Windows\System32\propsys.dll
- 2008-02-01 08:13:39 185,688 ----a-w C:\Windows\System32\rmoc3260.dll
+ 2008-08-04 17:50:34 185,944 ----a-w C:\Windows\System32\rmoc3260.dll
- 2008-01-19 07:36:17 785,408 ----a-w C:\Windows\System32\rpcrt4.dll
+ 2008-04-12 03:32:11 784,896 ----a-w C:\Windows\System32\rpcrt4.dll
- 2008-01-19 07:36:17 26,624 ----a-w C:\Windows\System32\rtffilt.dll
+ 2008-05-27 05:18:30 38,400 ----a-w C:\Windows\System32\rtffilt.dll
- 2008-01-19 07:36:19 180,224 ----a-w C:\Windows\System32\scrobj.dll
+ 2008-05-08 21:59:32 180,224 ----a-w C:\Windows\System32\scrobj.dll
- 2008-01-19 07:36:19 172,032 ----a-w C:\Windows\System32\scrrun.dll
+ 2008-05-08 21:59:32 172,032 ----a-w C:\Windows\System32\scrrun.dll
- 2008-01-19 07:33:28 76,800 ----a-w C:\Windows\System32\SearchFilterHost.exe
+ 2008-05-27 05:17:55 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
- 2008-01-19 07:33:28 302,080 ----a-w C:\Windows\System32\SearchIndexer.exe
+ 2008-05-27 05:18:43 439,808 ----a-w C:\Windows\System32\SearchIndexer.exe
- 2008-01-19 07:33:28 179,200 ----a-w C:\Windows\System32\SearchProtocolHost.exe
+ 2008-05-27 05:18:16 184,832 ----a-w C:\Windows\System32\SearchProtocolHost.exe
- 2008-01-19 07:36:10 11,580,416 ----a-w C:\Windows\System32\shell32.dll
+ 2008-04-24 04:58:20 11,580,416 ----a-w C:\Windows\System32\shell32.dll
- 2008-06-12 12:17:27 6,029,312 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-10-29 17:09:10 6,029,312 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-01-19 07:35:25 527,872 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPF900AL.DLL
+ 2008-01-19 07:34:27 1,861,120 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFIMG50.DLL
+ 2008-01-19 07:34:27 96,768 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFUD50.DLL
+ 2008-01-19 07:35:25 139,264 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFUI50.DLL
- 2008-01-19 07:36:35 258,048 ----a-w C:\Windows\System32\srchadmin.dll
+ 2008-05-27 05:17:28 301,568 ----a-w C:\Windows\System32\srchadmin.dll
- 2008-01-19 03:17:42 100,043 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
+ 2008-05-27 04:59:39 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
- 2006-11-02 06:29:53 18,271 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
+ 2008-05-27 04:59:40 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
+ 2006-11-02 09:45:39 31,744 ----a-w C:\Windows\System32\swsc.exe
- 2006-11-02 09:46:13 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
+ 2008-05-27 05:17:16 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
- 2008-01-19 07:36:42 1,505,792 ----a-w C:\Windows\System32\tquery.dll
+ 2008-05-27 05:21:07 1,582,592 ----a-w C:\Windows\System32\tquery.dll
- 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\System32\tzres.dll
+ 2008-07-16 01:32:44 2,048 ----a-w C:\Windows\System32\tzres.dll
- 2008-04-25 04:35:19 1,166,336 ----a-w C:\Windows\System32\urlmon.dll
+ 2008-10-02 03:49:19 1,166,336 ----a-w C:\Windows\System32\urlmon.dll
- 2008-01-19 07:36:47 430,080 ----a-w C:\Windows\System32\vbscript.dll
+ 2008-05-08 21:59:33 430,080 ----a-w C:\Windows\System32\vbscript.dll
- 2008-06-22 16:28:50 9,688 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2630055214-1611927401-1468229949-1003_UserData.bin
+ 2008-10-30 21:56:30 11,314 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2630055214-1611927401-1468229949-1003_UserData.bin
- 2008-06-22 16:28:50 67,396 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-30 21:56:29 71,884 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-21 23:23:45 2,982 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat
- 2008-06-22 16:28:47 57,388 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-10-30 21:36:54 65,960 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-06-21 11:53:59 229,392 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-10-25 01:00:25 276,264 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2008-01-19 07:33:40 155,648 ----a-w C:\Windows\System32\wscript.exe
+ 2008-05-08 21:59:26 155,648 ----a-w C:\Windows\System32\wscript.exe
- 2008-01-19 07:37:11 27,136 ----a-w C:\Windows\System32\wsepno.dll
+ 2008-05-27 05:18:35 29,184 ----a-w C:\Windows\System32\wsepno.dll
- 2008-01-19 07:37:11 90,112 ----a-w C:\Windows\System32\wshext.dll
+ 2008-05-08 21:59:35 90,112 ----a-w C:\Windows\System32\wshext.dll
- 2008-01-19 07:37:11 534,016 ----a-w C:\Windows\System32\wuapi.dll
+ 2008-07-19 05:09:42 563,912 ----a-w C:\Windows\System32\wuapi.dll
- 2008-01-19 07:33:40 31,232 ----a-w C:\Windows\System32\wuapp.exe
+ 2008-07-18 18:44:32 31,232 ----a-w C:\Windows\System32\wuapp.exe
- 2008-01-19 07:33:40 43,008 ----a-w C:\Windows\System32\wuauclt.exe
+ 2008-07-19 05:10:40 53,448 ----a-w C:\Windows\System32\wuauclt.exe
- 2008-01-19 07:37:11 1,695,232 ----a-w C:\Windows\System32\wuaueng.dll
+ 2008-07-19 05:09:40 1,811,656 ----a-w C:\Windows\System32\wuaueng.dll
- 2008-01-19 07:37:12 1,505,280 ----a-w C:\Windows\System32\wucltux.dll
+ 2008-07-19 03:44:52 1,524,736 ----a-w C:\Windows\System32\wucltux.dll
- 2008-01-19 07:37:12 80,384 ----a-w C:\Windows\System32\wudriver.dll
+ 2008-07-19 03:44:12 83,456 ----a-w C:\Windows\System32\wudriver.dll
- 2008-01-19 07:37:12 23,040 ----a-w C:\Windows\System32\wups.dll
+ 2008-07-19 05:10:18 36,552 ----a-w C:\Windows\System32\wups.dll
- 2008-01-19 07:37:12 32,768 ----a-w C:\Windows\System32\wups2.dll
+ 2008-07-19 05:10:39 45,768 ----a-w C:\Windows\System32\wups2.dll
- 2008-01-19 07:37:12 153,088 ----a-w C:\Windows\System32\wuwebv.dll
+ 2008-07-18 20:08:18 163,904 ----a-w C:\Windows\System32\wuwebv.dll
- 2008-01-19 07:37:12 110,592 ----a-w C:\Windows\System32\xmlfilter.dll
+ 2008-05-27 05:18:32 56,320 ----a-w C:\Windows\System32\xmlfilter.dll
+ 2006-11-02 09:46:16 83,456 ----a-w C:\Windows\System32\xrwc4ppb.dll
+ 2006-11-02 09:46:16 22,016 ----a-w C:\Windows\System32\xrwcppb.dll
+ 2006-11-02 09:46:11 47,104 ----a-w C:\Windows\System32\xrwcscci.dll
+ 2006-11-02 09:46:11 96,768 ----a-w C:\Windows\System32\xrwcscd.dll
+ 2006-11-02 09:46:11 93,184 ----a-w C:\Windows\System32\xrwcscu.dll
+ 2006-11-02 09:46:11 13,312 ----a-w C:\Windows\System32\xrwcstr.dll
+ 2006-11-02 09:46:11 143,360 ----a-w C:\Windows\System32\xrwctmgt.dll
- 2008-06-12 07:59:51 118,991,024 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-10-28 21:02:29 140,218,192 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-05-27 05:17:28 301,568 ----a-w C:\Windows\winsxs\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.6001.16503_none_13fcab3737a334c2\srchadmin.dll
+ 2008-07-31 03:34:58 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.16721_none_8006fd7863ac1387\Apphlpdm.dll
+ 2008-07-30 03:11:12 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6000.20885_none_8053bbe37cf6c053\Apphlpdm.dll
+ 2008-07-31 03:32:38 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.18112_none_81f90c5460c9a1de\Apphlpdm.dll
+ 2008-07-31 03:23:27 28,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_6.0.6001.22233_none_826e099179f692e1\Apphlpdm.dll
+ 2008-07-30 23:32:41 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16721_none_0a275bdbf535293c\AcRes.dll
+ 2008-07-29 23:16:45 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20885_none_0a741a470e7fd608\AcRes.dll
+ 2008-03-08 01:58:43 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18112_none_0c196ab7f252b793\AcRes.dll
+ 2008-07-31 01:03:24 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.22233_none_0c8e67f50b7fa896\AcRes.dll
+ 2008-07-31 03:34:58 2,144,256 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16721_none_0a295c6ff5335bea\AcGenral.dll
+ 2008-07-30 03:11:10 2,144,768 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.20885_none_0a761adb0e7e08b6\AcGenral.dll
+ 2008-07-31 03:32:38 2,154,496 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.18112_none_0c1b6b4bf250ea41\AcGenral.dll
+ 2008-07-31 03:23:20 2,153,984 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6001.22233_none_0c9068890b7ddb44\AcGenral.dll
+ 2008-07-31 03:34:58 449,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16721_none_0a2a5cb9f5327541\AcSpecfc.dll
+ 2008-07-30 03:11:10 450,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.20885_none_0a771b250e7d220d\AcSpecfc.dll
+ 2008-07-31 03:32:38 460,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.18112_none_0c1c6b95f2500398\AcSpecfc.dll
+ 2008-07-31 03:23:21 459,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6001.22233_none_0c9168d30b7cf49b\AcSpecfc.dll
+ 2008-07-31 03:34:58 537,600 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16721_none_0a2b5d03f5318e98\AcLayers.dll
+ 2008-07-31 03:34:58 173,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16721_none_0a2b5d03f5318e98\AcXtrnal.dll
+ 2008-07-30 03:11:10 537,600 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20885_none_0a781b6f0e7c3b64\AcLayers.dll
+ 2008-07-30 03:11:10 173,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20885_none_0a781b6f0e7c3b64\AcXtrnal.dll
+ 2008-06-12 05:28:53 541,696 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18112_none_0c1d6bdff24f1cef\AcLayers.dll
+ 2008-07-31 03:32:38 173,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.18112_none_0c1d6bdff24f1cef\AcXtrnal.dll
+ 2008-07-31 03:23:21 541,696 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22233_none_0c92691d0b7c0df2\AcLayers.dll
+ 2008-07-31 03:23:22 173,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6001.22233_none_0c92691d0b7c0df2\AcXtrnal.dll
+ 2008-07-16 04:09:38 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16717_none_a9e15ad3f5abc778\advpack.dll
+ 2008-10-02 03:49:01 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16757_none_a9b61b23f5cc373c\advpack.dll
+ 2008-07-18 03:13:52 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20879_none_aa2c18ab0ef84196\advpack.dll
+ 2008-10-02 03:25:49 124,928 ----a-w C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20927_none_aa6029990ed1805a\advpack.dll
+ 2008-04-19 08:13:07 268,800 ----a-w C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
+ 2008-04-19 08:27:37 268,800 ----a-w C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
+ 2008-04-18 05:48:39 269,312 ----a-w C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
+ 2008-04-18 05:30:29 269,312 ----a-w C:\Windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
+ 2008-05-27 05:18:30 136,704 ----a-w C:\Windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6001.16503_none_13ff1de93d266b97\nlhtml.dll
+ 2008-05-27 05:18:32 56,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6001.16503_none_13ff1de93d266b97\xmlfilter.dll
+ 2008-05-27 05:18:32 40,448 ----a-w C:\Windows\winsxs\x86_microsoft-windows-content-filter-mime_31bf3856ad364e35_7.0.6001.16503_none_10a358dd3f57c0de\mimefilt.dll
+ 2008-05-27 05:17:23 194,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-content-filter-office_31bf3856ad364e35_7.0.6001.16503_none_fab3f42bbfadf408\offfilt.dll
+ 2008-05-27 05:18:30 38,400 ----a-w C:\Windows\winsxs\x86_microsoft-windows-content-filter-rtf_31bf3856ad364e35_7.0.6001.16503_none_485964bf76e0570a\rtffilt.dll
+ 2008-06-26 03:29:02 45,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dataclen_31bf3856ad364e35_6.0.6001.18098_none_f64ce87593b7801f\dataclen.dll
+ 2008-06-26 03:15:06 45,056 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dataclen_31bf3856ad364e35_6.0.6001.22211_none_f7260480ac9a8c27\dataclen.dll
+ 2008-05-10 03:35:15 564,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.18069_none_9e540f60f6e2ecf1\emdmgmt.dll
+ 2008-06-26 03:29:02 565,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.18098_none_9e329f52f6fc276d\emdmgmt.dll
+ 2008-05-10 03:17:36 564,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.22176_none_9ecfdb62100b5ca7\emdmgmt.dll
+ 2008-06-26 03:15:30 565,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.22211_none_9f0bbb5e0fdf3375\emdmgmt.dll
+ 2008-09-18 04:56:02 147,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\Faultrep.dll
+ 2008-01-19 07:33:35 217,088 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\WerFault.exe
+ 2008-01-19 07:33:35 860,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\WerFaultSecure.exe
+ 2008-09-20 04:00:23 147,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\Faultrep.dll
+ 2008-09-20 04:00:16 217,088 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFault.exe
+ 2008-09-20 04:00:16 860,160 ----a-w C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFaultSecure.exe
+ 2008-09-18 04:56:07 125,952 ----a-w C:\Windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.18145_none_79a5b70991018b47\wersvc.dll
+ 2008-09-20 04:00:26 125,952 ----a-w C:\Windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.22271_none_7a0ae2e8aa3b1988\wersvc.dll
+ 2008-07-31 03:34:59 1,686,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16721_none_400572c0c425beea\gameux.dll
+ 2008-07-30 23:47:04 4,247,552 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16721_none_400572c0c425beea\GameUXLegacyGDFs.dll
+ 2008-07-30 03:11:51 1,686,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20885_none_4052312bdd706bb6\gameux.dll
+ 2008-07-29 23:31:23 4,247,552 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20885_none_4052312bdd706bb6\GameUXLegacyGDFs.dll
+ 2008-03-08 04:21:55 1,695,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18112_none_41f7819cc1434d41\gameux.dll
+ 2008-07-31 01:13:15 4,240,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18112_none_41f7819cc1434d41\GameUXLegacyGDFs.dll
+ 2008-07-31 03:25:45 1,695,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22233_none_426c7ed9da703e44\gameux.dll
+ 2008-07-31 01:15:32 4,240,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22233_none_426c7ed9da703e44\GameUXLegacyGDFs.dll
+ 2008-06-27 03:54:48 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16711_none_ebd662c7164a156d\pngfilt.dll
+ 2008-10-02 03:49:05 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16757_none_ebb124d316651d3b\pngfilt.dll
+ 2008-06-27 03:49:09 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20868_none_ec30f1fc2f89f24d\pngfilt.dll
+ 2008-10-02 03:30:07 44,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20927_none_ec5b33482f6a6659\pngfilt.dll
+ 2008-06-27 03:54:49 1,159,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16711_none_b2f30b79d9aa8cd1\urlmon.dll
+ 2008-10-02 03:49:06 1,159,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16757_none_b2cdcd85d9c5949f\urlmon.dll
+ 2008-06-27 03:49:41 1,162,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20868_none_b34d9aaef2ea69b1\urlmon.dll
+ 2008-10-02 03:30:37 1,162,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20927_none_b377dbfaf2caddbd\urlmon.dll
+ 2008-06-27 04:15:28 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18099_none_b48acb29d70acadb\urlmon.dll
+ 2008-10-02 03:49:19 1,166,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18148_none_b4bfdc61d6e322f6\urlmon.dll
+ 2008-06-27 03:50:29 1,166,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22212_none_b563e734efedd6e3\urlmon.dll
+ 2008-10-02 03:34:49 1,166,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22278_none_b5290968f0191693\urlmon.dll
+ 2008-06-27 03:54:47 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16711_none_ded59a427f534c40\mstime.dll
+ 2008-10-02 03:49:04 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16757_none_deb05c4e7f6e540e\mstime.dll
+ 2008-06-27 03:47:51 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20868_none_df30297798932920\mstime.dll
+ 2008-10-02 03:28:20 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20927_none_df5a6ac398739d2c\mstime.dll
+ 2008-06-27 04:15:25 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18099_none_e06d59f27cb38a4a\mstime.dll
+ 2008-10-02 03:49:16 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18148_none_e0a26b2a7c8be265\mstime.dll
+ 2008-06-27 03:48:43 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22212_none_e14675fd95969652\mstime.dll
+ 2008-10-02 03:34:46 671,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22278_none_e10b983195c1d602\mstime.dll
+ 2008-07-15 23:48:18 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16717_none_135d4bd00c6d4a6b\tzres.dll
+ 2008-07-16 04:09:30 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.16717_none_135d4bd00c6d4a6b\tzupd.exe
+ 2008-07-15 23:43:45 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20878_none_13a7095d25baab32\tzres.dll
+ 2008-07-16 01:28:34 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6000.20878_none_13a7095d25baab32\tzupd.exe
+ 2008-07-16 01:32:44 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18108_none_154f5aac098ad8c2\tzres.dll
+ 2008-01-19 07:33:33 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18108_none_154f5aac098ad8c2\tzupd.exe
+ 2008-07-16 01:27:35 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22223_none_15be562d22bd31bb\tzres.dll
+ 2008-07-16 01:27:35 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.22223_none_15be562d22bd31bb\tzupd.exe
+ 2008-06-27 03:54:45 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\jsproxy.dll
+ 2008-06-27 03:54:49 826,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
+ 2008-06-27 03:54:49 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\WininetPlugin.dll
+ 2008-10-02 03:49:02 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\jsproxy.dll
+ 2008-10-02 03:49:06 826,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
+ 2008-10-02 03:49:06 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\WininetPlugin.dll
+ 2008-06-27 03:47:03 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\jsproxy.dll
+ 2008-06-27 03:49:46 827,904 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
+ 2008-06-27 03:49:46 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\WininetPlugin.dll
+ 2008-10-02 03:27:01 27,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\jsproxy.dll
+ 2008-10-02 03:30:45 827,904 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
+ 2008-10-02 03:30:45 64,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\
