Go Back   Cyber Tech Help Support Forums > Software > Malware Removal
Reload this Page slow internet nd popup city
Register FAQ Calendar Search Today's Active Topics Mark Forums Read

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
Page 3 of 3 12 3
 
Topic Tools
  #31  
Old March 27th, 2008, 04:45 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
- 2005-12-16 02:14:04 1,863,680 -c--a-w C:\WINDOWS\system32\dllcache\ehcm.dll
+ 2006-10-09 21:16:00 1,863,680 ----a-w C:\WINDOWS\system32\dllcache\ehcm.dll
- 2005-12-16 02:06:16 864,256 -c--a-w C:\WINDOWS\system32\dllcache\ehepg.dll
+ 2006-10-09 21:07:44 868,352 ----a-w C:\WINDOWS\system32\dllcache\ehepg.dll
- 2005-12-16 02:14:50 332,288 -c--a-w C:\WINDOWS\system32\dllcache\ehglid.dll
+ 2006-10-09 21:17:04 328,704 ----a-w C:\WINDOWS\system32\dllcache\ehglid.dll
- 2005-12-16 02:18:12 3,219,456 ------w C:\WINDOWS\system32\dllcache\ehshell.exe
+ 2006-10-09 21:19:14 3,223,552 ------w C:\WINDOWS\system32\dllcache\ehshell.exe
- 2005-12-16 02:14:28 558,080 -c----w C:\WINDOWS\system32\dllcache\ehui.dll
+ 2006-10-09 21:16:30 558,592 ------w C:\WINDOWS\system32\dllcache\ehui.dll
- 2005-08-06 04:01:54 356,352 -c----w C:\WINDOWS\system32\dllcache\encdec.dll
+ 2006-10-09 21:12:44 456,192 ------w C:\WINDOWS\system32\dllcache\encdec.dll
- 2007-06-27 14:34:51 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-12-07 02:21:45 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2006-10-14 21:43:18 27,648 ------w C:\WINDOWS\system32\dllcache\FilterPipelinePrintPr oc.dll
- 2004-08-10 04:00:00 123,904 -c--a-w C:\WINDOWS\system32\dllcache\guitrn.dll
+ 2005-04-28 19:16:29 133,120 ----a-w C:\WINDOWS\system32\dllcache\guitrn.dll
+ 2007-12-07 02:21:45 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-06-27 08:27:04 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-12-06 11:00:57 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-06-27 14:34:51 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-12-07 02:21:45 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-06-27 14:34:51 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-12-07 02:21:45 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-06-27 07:00:33 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-12-06 04:59:51 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-06-27 14:34:51 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-12-07 02:21:45 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-06-27 14:34:51 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-12-07 02:21:45 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-06-27 14:34:55 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-06-27 14:34:55 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-12-07 02:21:46 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-06-27 14:34:55 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-12-07 02:21:46 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-06-27 08:27:05 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-12-06 11:00:58 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-06-27 08:27:30 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-12-06 11:01:25 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2007-06-27 14:34:56 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-12-07 02:21:47 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2005-08-04 08:29:52 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll
+ 2006-10-19 03:47:14 11,264 ----a-w C:\WINDOWS\system32\dllcache\LAPRXY.dll
- 2004-08-10 04:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\log.dll
+ 2005-04-28 19:16:29 19,968 ----a-w C:\WINDOWS\system32\dllcache\log.dll
- 2005-08-04 08:29:52 96,768 ----a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2006-10-19 02:03:58 100,864 ----a-w C:\WINDOWS\system32\dllcache\logagent.exe
- 2006-08-17 12:28:27 721,920 -c----w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:26:56 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2004-08-10 04:00:00 72,704 ------w C:\WINDOWS\system32\dllcache\magnify.exe
+ 2006-10-04 08:48:36 72,704 ------w C:\WINDOWS\system32\dllcache\magnify.exe
+ 2004-08-10 04:00:00 73,376 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2004-08-10 04:00:00 25,264 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2004-08-10 04:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
- 2004-08-10 04:00:00 201,216 -c--a-w C:\WINDOWS\system32\dllcache\migism.dll
+ 2005-04-28 19:16:29 274,432 ----a-w C:\WINDOWS\system32\dllcache\migism.dll
- 2004-08-10 04:00:00 103,424 ------w C:\WINDOWS\system32\dllcache\migload.exe
+ 2005-04-28 00:12:58 103,424 ----a-w C:\WINDOWS\system32\dllcache\migload.exe
- 2004-08-10 04:00:00 240,128 ------w C:\WINDOWS\system32\dllcache\migwiz.exe
+ 2005-04-28 00:12:57 245,248 ----a-w C:\WINDOWS\system32\dllcache\migwiz.exe
- 2004-08-10 04:00:00 310,272 -c----w C:\WINDOWS\system32\dllcache\mp43dmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\dllcache\MP43DMOD.dll
- 2004-08-10 04:00:00 384,512 -c----w C:\WINDOWS\system32\dllcache\mp4sdmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\dllcache\MP4SDMOD.dll
- 2004-08-10 04:00:00 240,640 -c----w C:\WINDOWS\system32\dllcache\mpg4dmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\dllcache\MPG4DMOD.dll
- 2004-08-10 04:00:00 356,352 -c----w C:\WINDOWS\system32\dllcache\mpvis.dll
+ 2006-10-19 03:47:14 243,712 ------w C:\WINDOWS\system32\dllcache\mpvis.dll
- 2004-08-10 04:00:00 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 ----a-w C:\WINDOWS\system32\dllcache\mqac.sys
- 2004-08-10 04:00:00 138,240 -c--a-w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:46:59 138,240 ----a-w C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-10 04:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 ----a-w C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-10 04:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:46:59 16,896 ----a-w C:\WINDOWS\system32\dllcache\mqise.dll
- 2004-08-10 04:00:00 660,992 -c--a-w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:46:59 660,992 ----a-w C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-10 04:00:00 177,152 -c--a-w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:46:59 177,152 ----a-w C:\WINDOWS\system32\dllcache\mqrt.dll
- 2004-08-10 04:00:00 95,744 -c----w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:46:59 95,744 ------w C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-10 04:00:00 48,640 -c--a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 ----a-w C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-10 04:00:00 471,552 -c----w C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2007-07-06 12:46:59 471,552 ------w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-10 04:00:00 181,248 -c----w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
- 2007-06-27 14:34:56 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-12-07 02:21:47 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-06-27 14:34:56 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-12-07 02:21:47 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-07-19 06:59:59 3,583,488 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-12-08 05:21:48 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-06-27 14:34:57 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-12-07 02:21:47 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2005-08-04 08:29:52 115,200 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
+ 2006-10-19 03:47:16 179,712 ----a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
- 2005-08-04 08:29:52 25,088 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
+ 2006-10-19 03:47:16 27,136 ----a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
- 2005-08-04 08:29:52 173,568 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2006-10-19 03:47:16 175,616 ----a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
- 2007-06-27 14:34:58 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-12-07 02:21:48 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2005-08-04 08:29:52 353,520 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
+ 2006-12-04 21:21:50 414,720 ----a-w C:\WINDOWS\system32\dllcache\msscp.dll
- 2007-06-27 14:34:58 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-12-07 02:21:48 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2005-12-16 02:13:54 1,669,632 -c----w C:\WINDOWS\system32\dllcache\msvidctl.dll
+ 2006-10-09 21:15:52 1,669,632 ------w C:\WINDOWS\system32\dllcache\msvidctl.dll
- 2005-08-04 08:29:52 315,904 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2006-10-19 03:47:16 321,536 ----a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
- 2004-08-10 04:00:00 53,760 ------w C:\WINDOWS\system32\dllcache\narrator.exe
+ 2006-10-04 08:48:36 53,760 ------w C:\WINDOWS\system32\dllcache\narrator.exe
+ 2005-04-19 23:54:04 14,592 ------w C:\WINDOWS\system32\dllcache\ndisuio.sys
- 2007-06-27 14:34:58 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-12-07 02:21:48 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2007-05-17 11:28:05 549,376 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
- 2004-08-10 04:00:00 215,552 ------w C:\WINDOWS\system32\dllcache\osk.exe
+ 2006-10-04 08:48:37 215,552 ------w C:\WINDOWS\system32\dllcache\osk.exe
- 2004-08-10 04:00:00 116,224 -c--a-w C:\WINDOWS\system32\dllcache\p2p.dll
+ 2006-10-11 16:24:45 153,088 ----a-w C:\WINDOWS\system32\dllcache\p2p.dll
- 2004-08-10 04:00:00 86,016 -c--a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll
+ 2006-10-11 16:24:45 104,960 ----a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll
- 2004-08-10 04:00:00 312,320 -c--a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll
+ 2006-10-11 16:24:45 313,344 ----a-w C:\WINDOWS\system32\dllcache\p2pgraph.dll
- 2004-08-10 04:00:00 88,064 -c--a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll
+ 2006-10-11 16:24:45 116,224 ----a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll
- 2004-08-10 04:00:00 526,848 -c--a-w C:\WINDOWS\system32\dllcache\p2psvc.dll
+ 2006-10-11 16:24:45 553,984 ----a-w C:\WINDOWS\system32\dllcache\p2psvc.dll
- 2004-08-10 04:00:00 48,640 -c--a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll
+ 2006-10-11 16:24:45 58,880 ----a-w C:\WINDOWS\system32\dllcache\pnrpnsp.dll
+ 2006-10-14 21:44:44 671,744 ------w C:\WINDOWS\system32\dllcache\PrintFilterPipelineSv c.exe
- 2005-08-06 04:01:54 239,104 ----a-w C:\WINDOWS\system32\dllcache\psisdecd.dll
+ 2006-10-09 21:12:14 235,008 ----a-w C:\WINDOWS\system32\dllcache\psisdecd.dll
- 2005-08-04 08:29:52 221,184 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2006-10-19 03:47:18 211,456 ----a-w C:\WINDOWS\system32\dllcache\qasf.dll
- 2005-08-30 11:13:42 1,287,680 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:35:13 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll
- 2004-08-10 04:00:00 581,120 -c----w C:\WINDOWS\system32\dllcache\rpcrt4.dll
+ 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2005-08-06 04:01:54 282,112 -c----w C:\WINDOWS\system32\dllcache\sbe.dll
+ 2006-10-09 21:12:40 291,840 ------w C:\WINDOWS\system32\dllcache\sbe.dll
- 2004-08-10 04:00:00 202,752 -c--a-w C:\WINDOWS\system32\dllcache\script.dll
+ 2005-04-28 19:16:29 215,552 ----a-w C:\WINDOWS\system32\dllcache\script.dll
- 2006-10-02 19:30:10 819,200 ------w C:\WINDOWS\system32\dllcache\setup_wm.exe
+ 2006-11-02 00:31:38 1,669,120 ------w C:\WINDOWS\system32\dllcache\setup_wm.exe
- 2006-12-19 21:52:18 8,453,632 -c----w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
- 2004-08-10 04:00:00 168,960 -c--a-w C:\WINDOWS\system32\dllcache\sysmod.dll
+ 2005-04-28 19:16:29 193,024 ----a-w C:\WINDOWS\system32\dllcache\sysmod.dll
+ 2004-08-10 04:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
- 2006-04-20 11:51:50 359,808 -c----w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2004-08-10 04:00:00 4,048 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
- 2004-08-10 04:00:00 35,840 -c--a-w C:\WINDOWS\system32\dllcache\umandlg.dll
+ 2006-10-04 13:33:38 35,840 ----a-w C:\WINDOWS\system32\dllcache\umandlg.dll
- 2004-08-10 04:00:00 192,512 ------w C:\WINDOWS\system32\dllcache\unregmp2.exe
+ 2007-06-27 03:10:26 317,440 ------w C:\WINDOWS\system32\dllcache\unregmp2.exe
- 2007-06-27 14:34:58 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-12-07 02:21:48 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-06-27 14:34:58 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2004-08-10 04:00:00 50,176 ------w C:\WINDOWS\system32\dllcache\utilman.exe
Reply With Quote
  #32  
Old March 27th, 2008, 04:46 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
+ 2006-10-04 08:48:37 50,176 ------w C:\WINDOWS\system32\dllcache\utilman.exe
+ 2004-08-04 14:56:58 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wdmaud.drv
- 2007-06-27 14:34:59 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-12-07 02:21:48 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2004-08-10 04:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
- 2007-06-27 14:34:59 823,808 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-12-07 02:21:48 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-10 04:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\winspool.drv
- 2005-08-04 08:29:52 359,936 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
+ 2006-10-19 03:47:18 757,248 ----a-w C:\WINDOWS\system32\dllcache\WMADMOD.dll
- 2005-08-04 08:29:52 716,288 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
+ 2006-10-19 03:47:18 1,117,696 ----a-w C:\WINDOWS\system32\dllcache\WMADMOE.dll
- 2005-08-04 08:29:52 227,840 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-10-27 22:40:30 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2005-08-04 08:29:52 29,184 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
+ 2006-10-19 03:47:18 33,792 ----a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
- 2005-08-04 08:29:52 37,376 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
+ 2006-10-19 03:47:18 37,376 ----a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
- 2004-08-10 04:00:00 189,440 -c----w C:\WINDOWS\system32\dllcache\wmerror.dll
+ 2006-10-19 03:47:20 227,328 ------w C:\WINDOWS\system32\dllcache\wmerror.dll
- 2005-08-04 08:29:52 150,016 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
+ 2006-10-19 03:47:20 157,184 ----a-w C:\WINDOWS\system32\dllcache\wmidx.dll
- 2005-08-04 08:29:52 988,672 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
+ 2006-10-19 03:47:20 937,984 ----a-w C:\WINDOWS\system32\dllcache\WMNetMgr.dll
- 2007-04-30 13:20:24 5,537,792 ------w C:\WINDOWS\system32\dllcache\wmp.dll
+ 2007-06-12 04:51:12 10,834,944 ------w C:\WINDOWS\system32\dllcache\wmp.dll
- 2004-08-10 04:00:00 131,072 -c----w C:\WINDOWS\system32\dllcache\wmpasf.dll
+ 2006-10-19 03:47:20 242,688 ------w C:\WINDOWS\system32\dllcache\wmpasf.dll
- 2004-08-10 04:00:00 77,824 -c----w C:\WINDOWS\system32\dllcache\wmpband.dll
+ 2006-10-19 03:47:20 96,256 ------w C:\WINDOWS\system32\dllcache\wmpband.dll
- 2004-08-10 04:00:00 278,528 -c----w C:\WINDOWS\system32\dllcache\wmpdxm.dll
+ 2006-10-19 03:47:20 314,880 ------w C:\WINDOWS\system32\dllcache\wmpdxm.dll
- 2005-06-24 01:09:49 73,728 ------w C:\WINDOWS\system32\dllcache\wmplayer.exe
+ 2006-10-19 03:46:20 64,000 ------w C:\WINDOWS\system32\dllcache\wmplayer.exe
- 2005-06-24 01:15:30 3,371,008 -c----w C:\WINDOWS\system32\dllcache\wmploc.dll
+ 2006-10-19 03:47:20 8,231,936 ------w C:\WINDOWS\system32\dllcache\wmploc.dll
- 2004-08-10 04:00:00 81,920 -c----w C:\WINDOWS\system32\dllcache\wmpshell.dll
+ 2006-10-19 03:47:20 99,840 ------w C:\WINDOWS\system32\dllcache\wmpshell.dll
- 2005-08-04 08:29:52 771,584 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
- 2005-08-04 08:29:52 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
- 2005-08-04 08:29:54 407,552 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
+ 2006-10-19 03:47:22 603,648 ----a-w C:\WINDOWS\system32\dllcache\WMSPDMOD.dll
- 2005-08-04 08:29:54 940,544 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
+ 2006-10-19 03:47:22 1,329,152 ----a-w C:\WINDOWS\system32\dllcache\WMSPDMOE.dll
- 2006-12-07 04:14:51 2,330,624 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2006-10-19 03:47:22 2,450,944 ----a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2005-08-04 08:29:54 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
- 2005-08-04 08:29:54 1,003,008 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2005-04-20 19:21:33 52,736 ------w C:\WINDOWS\system32\dllcache\wzcsapi.dll
+ 2005-04-20 19:21:33 474,624 ------w C:\WINDOWS\system32\dllcache\wzcsvc.dll
+ 2006-10-15 01:21:58 580,352 ------w C:\WINDOWS\system32\dllcache\XPSSHHDR.dll
+ 2006-10-15 01:22:00 1,698,048 ------w C:\WINDOWS\system32\dllcache\XpsSvcs.dll
+ 2007-09-29 07:19:32 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
+ 2007-09-29 08:06:00 2,456,064 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
- 2007-07-28 19:02:53 820,928 ----a-w C:\WINDOWS\system32\drivers\avg7core.sys
+ 2008-03-10 10:21:39 821,856 ----a-w C:\WINDOWS\system32\drivers\avg7core.sys
- 2007-07-28 19:02:55 3,968 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
+ 2008-03-10 10:21:44 10,760 ----a-w C:\WINDOWS\system32\drivers\avgclean.sys
- 2007-07-28 19:02:55 19,904 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
+ 2008-03-10 10:21:39 26,952 ----a-w C:\WINDOWS\system32\drivers\avgmfx86.sys
- 2006-05-16 18:37:50 229,376 ----a-w C:\WINDOWS\system32\drivers\e1e5132.sys
+ 2007-12-12 02:34:40 242,320 ----a-w C:\WINDOWS\system32\drivers\e1e5132.sys
+ 2007-10-11 17:55:40 27,672 ----a-r C:\WINDOWS\system32\drivers\Entech.sys
- 2007-01-13 16:33:18 5,672,032 ----a-w C:\WINDOWS\system32\drivers\igxpmp32.sys
+ 2006-10-06 20:24:00 1,181,824 ----a-w C:\WINDOWS\system32\drivers\igxpmp32.sys
+ 2007-07-19 20:10:28 127,768 ----a-w C:\WINDOWS\system32\drivers\klif.sys
- 2004-08-10 04:00:00 72,960 -c----w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ------w C:\WINDOWS\system32\drivers\mqac.sys
- 2004-08-10 04:00:00 181,248 ------w C:\WINDOWS\system32\drivers\mrxdav.sys
+ 2007-12-18 09:51:35 179,584 ------w C:\WINDOWS\system32\drivers\mrxdav.sys
- 2007-03-27 00:21:06 4,395,008 ----a-r C:\WINDOWS\system32\drivers\RtkHDAud.sys
+ 2007-10-25 11:29:00 4,623,872 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
- 2004-08-10 04:00:00 27,440 ------w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2007-11-13 10:25:53 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
+ 2001-10-16 14:19:18 58,032 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
- 2006-04-20 11:51:50 359,808 ------w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ------w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2006-10-19 03:47:22 671,232 ------w C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll
- 2006-03-03 12:33:01 18,944 -c--a-w C:\WINDOWS\system32\drivers\wpdusb.sys
+ 2006-10-19 02:00:00 38,528 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
+ 2006-09-29 00:55:50 77,568 ------w C:\WINDOWS\system32\drivers\WudfPf.sys
+ 2006-09-29 01:00:34 82,944 ------w C:\WINDOWS\system32\drivers\WudfRd.sys
- 2005-08-04 08:29:52 178,936 ----a-w C:\WINDOWS\system32\drmupgds.exe
+ 2006-10-19 02:00:46 249,856 ----a-w C:\WINDOWS\system32\drmupgds.exe
- 2006-03-03 12:26:57 581,632 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2006-10-19 03:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2006-08-10 20:05:26 312,320 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\difx32.dll
+ 2006-10-06 18:09:08 81,920 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\hccutils.dll
+ 2006-10-06 18:13:28 114,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\hkcmd.exe
+ 2006-10-06 18:38:10 1,323,008 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\ig4dev32.dll
+ 2006-10-06 18:34:26 2,383,872 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\ig4icd32.dll
+ 2006-10-06 18:13:10 450,560 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxcfg.exe
+ 2006-10-06 18:09:04 155,648 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxdev.dll
+ 2006-10-06 18:10:00 98,304 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxdo.dll
+ 2006-10-06 18:13:38 23,552 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxexps.dll
+ 2006-10-06 18:13:36 122,880 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxext.exe
+ 2006-10-06 18:10:06 94,208 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxpers.exe
+ 2006-10-06 18:09:52 163,840 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxpph.dll
+ 2006-10-06 18:10:14 3,276,800 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxress.dll
+ 2006-10-06 18:09:34 44,032 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxsrvc.dll
+ 2006-10-06 18:09:32 192,512 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxsrvc.exe
+ 2006-10-06 18:11:10 98,304 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxtray.exe
+ 2006-10-06 18:10:56 106,496 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igfxzoom.exe
+ 2006-10-06 18:53:52 454,656 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igldev32.dll
+ 2006-10-06 18:51:22 2,363,392 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\iglicd32.dll
+ 2006-10-06 20:24:02 447,120 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igmedkrn.dll
+ 2006-10-06 21:19:12 200,704 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxpco32.dll
+ 2006-10-06 20:22:54 1,442,848 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxpdv32.dll
+ 2006-10-06 20:24:42 2,262,528 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxpdx32.dll
+ 2006-10-06 20:23:22 146,432 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxpgd32.dll
+ 2006-10-06 20:24:00 1,181,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxpmp32.sys
+ 2006-10-06 20:23:32 53,248 -c--a-w C:\WINDOWS\system32\DRVSTORE\igxp32_D83ECED70A0AD3 146D15FE5C1BEA6B19F7B6FC8F\igxprd32.dll
- 2006-10-17 17:58:06 346,624 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-12-19 23:01:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2006-10-17 17:57:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-12-07 02:21:45 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2006-10-21 02:29:46 69,408 ----a-w C:\WINDOWS\system32\dxva2.dll
- 2006-05-04 17:59:54 253,952 -c--a-w C:\WINDOWS\system32\e1000msg.dll
+ 2007-12-15 01:06:06 121,440 ----a-w C:\WINDOWS\system32\e1000msg.dll
- 2005-08-06 04:01:54 356,352 ------w C:\WINDOWS\system32\encdec.dll
+ 2006-10-09 21:12:44 456,192 ------w C:\WINDOWS\system32\encdec.dll
+ 2007-12-13 12:05:48 531,248 ----a-w C:\WINDOWS\system32\es.scr
+ 2006-10-21 02:30:00 478,496 ----a-w C:\WINDOWS\system32\evr.dll
- 2007-06-27 14:34:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-12-07 02:21:45 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2000-08-31 13:00:00 73,728 ----a-w C:\WINDOWS\system32\fdsv.exe
Reply With Quote
  #33  
Old March 27th, 2008, 04:49 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
- 2007-09-01 01:29:05 216,856 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-03-11 06:40:59 1,544,808 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-10-11 17:55:40 65,536 ----a-r C:\WINDOWS\system32\Futuremark\MSC\Direcpll.dll
+ 2000-08-31 13:00:00 80,412 ----a-w C:\WINDOWS\system32\grep.exe
+ 2006-05-31 19:21:22 24,064 --s---w C:\WINDOWS\system32\GuiStateShare.DLL
- 2007-01-13 15:46:08 102,400 ----a-w C:\WINDOWS\system32\hccutils.dll
+ 2006-10-06 18:09:08 81,920 ----a-w C:\WINDOWS\system32\hccutils.dll
- 2007-01-13 15:47:04 163,840 ----a-w C:\WINDOWS\system32\hkcmd.exe
+ 2006-10-06 18:13:28 114,688 ----a-w C:\WINDOWS\system32\hkcmd.exe
+ 2006-10-30 08:33:58 556,296 ----a-w C:\WINDOWS\system32\icardagt.exe
- 2006-10-17 17:58:20 61,952 -c----w C:\WINDOWS\system32\icardie.dll
+ 2007-12-07 02:21:45 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2006-10-30 08:33:58 9,480 ----a-w C:\WINDOWS\system32\icardres.dll
- 2007-06-27 08:27:04 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-12-06 11:00:57 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-06-27 14:34:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-12-07 02:21:45 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-06-27 14:34:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-12-07 02:21:45 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-06-27 07:00:33 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-12-06 04:59:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-06-27 14:34:51 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-12-07 02:21:45 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-06-27 14:34:51 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-12-07 02:21:45 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-06-27 14:34:55 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-12-07 02:21:46 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-06-27 14:34:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-12-07 02:21:46 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-06-27 14:34:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-12-07 02:21:46 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-06-27 08:27:05 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-12-06 11:00:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2005-10-29 04:49:40 151,552 ------w C:\WINDOWS\system32\ifxcardm.dll
- 2007-01-13 15:58:24 1,437,696 -c--a-w C:\WINDOWS\system32\ig4dev32.dll
+ 2006-10-06 18:38:10 1,323,008 ----a-w C:\WINDOWS\system32\ig4dev32.dll
- 2007-01-13 15:56:00 2,383,872 -c--a-w C:\WINDOWS\system32\ig4icd32.dll
+ 2006-10-06 18:34:26 2,383,872 ----a-w C:\WINDOWS\system32\ig4icd32.dll
- 2007-01-13 15:48:16 528,384 ----a-w C:\WINDOWS\system32\igfxcfg.exe
+ 2006-10-06 18:13:10 450,560 ----a-w C:\WINDOWS\system32\igfxcfg.exe
- 2007-01-13 15:46:04 204,800 ----a-w C:\WINDOWS\system32\igfxdev.dll
+ 2006-10-06 18:09:04 155,648 ----a-w C:\WINDOWS\system32\igfxdev.dll
- 2007-01-13 15:46:34 135,168 -c--a-w C:\WINDOWS\system32\igfxdo.dll
+ 2006-10-06 18:10:00 98,304 ----a-w C:\WINDOWS\system32\igfxdo.dll
- 2007-01-13 15:46:36 24,576 ----a-w C:\WINDOWS\system32\igfxexps.dll
+ 2006-10-06 18:13:38 23,552 ----a-w C:\WINDOWS\system32\igfxexps.dll
- 2007-01-13 15:46:34 163,840 ----a-w C:\WINDOWS\system32\igfxext.exe
+ 2006-10-06 18:13:36 122,880 ----a-w C:\WINDOWS\system32\igfxext.exe
- 2007-01-13 15:46:36 135,168 ----a-w C:\WINDOWS\system32\igfxpers.exe
+ 2006-10-06 18:10:06 94,208 ----a-w C:\WINDOWS\system32\igfxpers.exe
- 2007-01-13 15:46:42 200,704 ----a-w C:\WINDOWS\system32\igfxpph.dll
+ 2006-10-06 18:09:52 163,840 ----a-w C:\WINDOWS\system32\igfxpph.dll
- 2007-01-13 15:45:54 172,032 ----a-w C:\WINDOWS\system32\igfxres.dll
+ 2006-10-06 18:09:14 155,648 ----a-w C:\WINDOWS\system32\igfxres.dll
- 2007-01-13 15:45:54 3,293,184 ----a-w C:\WINDOWS\system32\igfxress.dll
+ 2006-10-06 18:10:14 3,276,800 ----a-w C:\WINDOWS\system32\igfxress.dll
- 2007-01-13 15:46:26 46,080 ----a-w C:\WINDOWS\system32\igfxsrvc.dll
+ 2006-10-06 18:09:34 44,032 ----a-w C:\WINDOWS\system32\igfxsrvc.dll
- 2007-01-13 15:46:24 241,664 ----a-w C:\WINDOWS\system32\igfxsrvc.exe
+ 2006-10-06 18:09:32 192,512 ----a-w C:\WINDOWS\system32\igfxsrvc.exe
- 2007-01-13 15:47:04 131,072 ----a-w C:\WINDOWS\system32\igfxtray.exe
+ 2006-10-06 18:11:10 98,304 ----a-w C:\WINDOWS\system32\igfxtray.exe
- 2007-01-13 15:46:18 163,840 ----a-w C:\WINDOWS\system32\igfxzoom.exe
+ 2006-10-06 18:10:56 106,496 ----a-w C:\WINDOWS\system32\igfxzoom.exe
- 2007-01-13 16:33:20 650,608 ----a-w C:\WINDOWS\system32\igmedkrn.dll
+ 2006-10-06 20:24:02 447,120 ----a-w C:\WINDOWS\system32\igmedkrn.dll
- 2007-01-13 16:32:40 1,563,776 ----a-w C:\WINDOWS\system32\igxpdv32.dll
+ 2006-10-06 20:22:54 1,442,848 ----a-w C:\WINDOWS\system32\igxpdv32.dll
- 2007-01-13 16:33:46 2,482,688 ----a-w C:\WINDOWS\system32\igxpdx32.dll
+ 2006-10-06 20:24:42 2,262,528 ----a-w C:\WINDOWS\system32\igxpdx32.dll
- 2007-01-13 16:32:54 149,504 ----a-w C:\WINDOWS\system32\igxpgd32.dll
+ 2006-10-06 20:23:22 146,432 ----a-w C:\WINDOWS\system32\igxpgd32.dll
- 2007-01-13 16:33:00 57,344 ----a-w C:\WINDOWS\system32\igxprd32.dll
+ 2006-10-06 20:23:32 53,248 ----a-w C:\WINDOWS\system32\igxprd32.dll
- 2007-01-19 16:14:24 389,120 ----a-w C:\WINDOWS\system32\igxpun.exe
+ 2006-10-13 21:23:06 364,544 ----a-w C:\WINDOWS\system32\igxpun.exe
- 2007-05-16 15:12:02 683,520 ------w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:15:44 683,520 ------w C:\WINDOWS\system32\inetcomm.dll
+ 2006-10-30 08:33:58 83,968 ----a-w C:\WINDOWS\system32\infocardapi.dll
- 2005-11-11 01:27:06 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-25 04:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2005-11-11 01:27:16 49,250 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-25 04:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2005-11-11 03:03:54 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-25 05:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
- 2007-06-27 14:34:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-12-07 02:21:47 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2007-01-19 16:14:36 50,688 -c--a-w C:\WINDOWS\system32\Lang\HDMI\ENU\HDMIENU.dll
+ 2006-10-13 21:23:14 61,440 ----a-w C:\WINDOWS\system32\Lang\HDMI\ENU\HDMIENU.dll
+ 2004-08-10 04:00:00 221,600 -c----w C:\WINDOWS\system32\lanman.drv
- 2005-08-04 08:29:52 6,656 -c--a-w C:\WINDOWS\system32\laprxy.dll
+ 2006-10-19 03:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll
- 2007-03-15 23:19:28 1,476,992 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-10-11 20:12:48 1,468,968 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-11-14 21:04:46 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll
- 2005-08-04 08:29:52 96,768 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2006-10-19 02:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe
- 2006-08-17 12:28:27 721,920 ------w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:26:56 721,920 ------w C:\WINDOWS\system32\lsasrv.dll
- 2007-05-02 17:32:04 182,512 ----a-w C:\WINDOWS\system32\Macromed\Director\swdir.dll
+ 2008-01-07 17:26:46 181,672 ----a-w C:\WINDOWS\system32\Macromed\Director\swdir.dll
+ 2007-11-20 22:52:00 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-20 22:52:00 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUt il.exe
- 2007-04-30 22:11:28 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-01-04 00:19:34 581,632 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
- 2007-04-30 21:08:40 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
+ 2008-01-04 00:01:46 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
- 2007-04-30 21:30:38 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-01-04 00:20:14 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2007-04-30 21:47:02 1,089,024 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
+ 2008-01-04 00:39:06 1,113,600 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
- 2007-04-30 20:47:42 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
+ 2008-01-03 23:46:46 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
- 2007-04-30 21:05:32 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
+ 2008-01-03 23:59:14 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
- 2007-04-30 22:11:22 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2008-01-04 00:18:56 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2007-04-30 22:11:24 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-01-04 00:19:06 475,136 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2007-04-30 22:11:30 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-04 00:11:48 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2007-08-07 23:20:28 391,144 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1020023.exe
+ 2008-01-07 17:26:28 390,568 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1030024.exe
- 2007-04-30 21:33:00 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-01-04 00:22:06 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
- 2007-04-30 21:29:00 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
+ 2008-01-04 00:18:50 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
- 2007-04-30 21:33:00 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-04 00:22:08 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 23:46:44 50,808 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
- 1999-06-25 15:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 1999-06-25 16:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
Reply With Quote
  #34  
Old March 27th, 2008, 04:49 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
- 2004-08-10 04:00:00 72,704 ------w C:\WINDOWS\system32\magnify.exe
+ 2006-10-04 08:48:36 72,704 ------w C:\WINDOWS\system32\magnify.exe
+ 2004-08-10 04:00:00 73,376 -c----w C:\WINDOWS\system32\mciavi.drv
+ 2004-08-10 04:00:00 25,264 -c----w C:\WINDOWS\system32\mciseq.drv
+ 2004-08-10 04:00:00 28,160 -c----w C:\WINDOWS\system32\mciwave.drv
- 2005-08-04 08:29:52 106,496 ----a-w C:\WINDOWS\system32\mfplat.dll
+ 2006-10-19 03:47:14 212,992 ----a-w C:\WINDOWS\system32\MFPLAT.dll
+ 2006-10-21 02:30:06 1,980,704 ----a-w C:\WINDOWS\system32\milcore.dll
+ 2006-10-19 03:47:14 259,072 ------w C:\WINDOWS\system32\MP43DECD.dll
- 2004-08-10 04:00:00 310,272 ------w C:\WINDOWS\system32\mp43dmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\MP43DMOD.dll
+ 2006-10-19 03:47:14 317,440 ------w C:\WINDOWS\system32\MP4SDECD.dll
- 2004-08-10 04:00:00 384,512 ------w C:\WINDOWS\system32\mp4sdmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\MP4SDMOD.dll
+ 2006-10-19 03:47:14 259,072 ------w C:\WINDOWS\system32\MPG4DECD.dll
- 2004-08-10 04:00:00 240,640 ------w C:\WINDOWS\system32\mpg4dmod.dll
+ 2006-10-19 03:47:14 4,096 ------w C:\WINDOWS\system32\MPG4DMOD.dll
- 2004-08-10 04:00:00 138,240 -c----w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:46:59 138,240 ------w C:\WINDOWS\system32\mqad.dll
- 2004-08-10 04:00:00 47,104 -c----w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:46:59 47,104 ------w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-10 04:00:00 16,896 -c----w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:46:59 16,896 ------w C:\WINDOWS\system32\mqise.dll
- 2004-08-10 04:00:00 660,992 -c----w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:46:59 660,992 ------w C:\WINDOWS\system32\mqqm.dll
- 2004-08-10 04:00:00 177,152 -c----w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:46:59 177,152 ------w C:\WINDOWS\system32\mqrt.dll
- 2004-08-10 04:00:00 95,744 ------w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:46:59 95,744 ------w C:\WINDOWS\system32\mqsec.dll
- 2004-08-10 04:00:00 48,640 -c----w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:46:59 48,640 ------w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-10 04:00:00 471,552 ------w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:46:59 471,552 ------w C:\WINDOWS\system32\mqutil.dll
- 2007-09-06 00:50:44 17,474,680 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2004-08-10 04:00:00 20,480 ------w C:\WINDOWS\system32\msacm32.drv
- 2006-12-22 17:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-10-24 06:47:38 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2004-07-15 13:34:06 16,896 -c--a-w C:\WINDOWS\system32\mscorier.dll
+ 2007-10-24 06:47:38 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2003-02-21 09:09:14 106,496 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2007-10-24 06:47:38 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2006-10-02 21:28:42 312,128 ------w C:\WINDOWS\system32\msdelta.dll
- 2007-06-27 14:34:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-12-07 02:21:47 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-06-27 14:34:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-12-07 02:21:47 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2004-08-10 04:00:00 188,416 ------w C:\WINDOWS\system32\msh261.drv
+ 2004-08-04 06:56:58 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2007-07-19 06:59:59 3,583,488 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-12-08 05:21:48 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-06-27 14:34:57 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-12-07 02:21:47 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2000-02-24 23:07:14 1,046,288 ----a-w C:\WINDOWS\system32\MSJET35.DLL
+ 2000-02-24 23:07:14 123,664 ----a-w C:\WINDOWS\system32\MSJINT35.DLL
+ 2000-02-24 23:07:14 24,848 ----a-w C:\WINDOWS\system32\MSJTER35.DLL
- 2005-08-04 08:29:52 115,200 -c--a-w C:\WINDOWS\system32\msnetobj.dll
+ 2006-10-19 03:47:16 179,712 ----a-w C:\WINDOWS\system32\msnetobj.dll
- 2005-08-04 08:29:52 25,088 -c--a-w C:\WINDOWS\system32\MsPMSNSv.dll
+ 2006-10-19 03:47:16 27,136 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
- 2005-08-04 08:29:52 173,568 ----a-w C:\WINDOWS\system32\MsPMSP.dll
+ 2006-10-19 03:47:16 175,616 ----a-w C:\WINDOWS\system32\mspmsp.dll
- 2007-06-27 14:34:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-12-07 02:21:48 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2000-02-24 23:07:14 252,176 ----a-w C:\WINDOWS\system32\MSRD2X35.DLL
- 2005-08-04 08:29:52 353,520 -c--a-w C:\WINDOWS\system32\MSSCP.dll
+ 2006-12-04 21:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll
- 2007-06-27 14:34:58 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-12-07 02:21:48 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2004-08-10 04:00:00 407,552 ------w C:\WINDOWS\system32\mstsc.exe
+ 2006-11-07 08:06:47 600,576 ------w C:\WINDOWS\system32\mstsc.exe
- 2004-08-10 04:00:00 655,360 -c----w C:\WINDOWS\system32\mstscax.dll
+ 2006-11-13 06:02:58 1,866,240 ------w C:\WINDOWS\system32\mstscax.dll
- 2005-12-16 02:13:54 1,669,632 ----a-w C:\WINDOWS\system32\msvidctl.dll
+ 2006-10-09 21:15:52 1,669,632 ----a-w C:\WINDOWS\system32\msvidctl.dll
- 2005-08-04 08:29:52 315,904 ----a-w C:\WINDOWS\system32\MSWMDM.dll
+ 2006-10-19 03:47:16 321,536 ----a-w C:\WINDOWS\system32\mswmdm.dll
- 2006-05-11 00:34:12 44,544 -c--a-w C:\WINDOWS\system32\msxml4a.dll
+ 2003-04-18 07:29:26 44,544 -c--a-w C:\WINDOWS\system32\msxml4a.dll
- 2002-02-04 16:43:00 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2003-04-18 07:29:26 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2007-05-15 20:43:10 1,320,800 ----a-w C:\WINDOWS\system32\msxml6.dll
+ 2006-10-05 09:31:10 79,872 ----a-w C:\WINDOWS\system32\msxml6r.dll
- 2006-12-22 18:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2007-10-24 06:47:44 15,360 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
- 2004-08-10 04:00:00 53,760 ------w C:\WINDOWS\system32\narrator.exe
+ 2006-10-04 08:48:36 53,760 ------w C:\WINDOWS\system32\narrator.exe
+ 2007-08-07 12:28:34 28,272 ----a-w C:\WINDOWS\system32\NicCo2.dll
- 2006-03-01 00:01:50 20,480 -c--a-w C:\WINDOWS\system32\NicInstE.dll
+ 2007-12-15 01:12:12 56,440 ----a-w C:\WINDOWS\system32\NicInstE.dll
- 2007-06-27 14:34:58 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-12-07 02:21:48 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-09-29 07:58:24 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
- 2007-05-17 11:28:05 549,376 ------w C:\WINDOWS\system32\oleaut32.dll
+ 2007-12-04 18:38:13 550,912 ------w C:\WINDOWS\system32\oleaut32.dll
- 2004-08-10 04:00:00 215,552 ------w C:\WINDOWS\system32\osk.exe
+ 2006-10-04 08:48:37 215,552 ------w C:\WINDOWS\system32\osk.exe
- 2004-08-10 04:00:00 116,224 -c----w C:\WINDOWS\system32\p2p.dll
+ 2006-10-11 16:24:45 153,088 ----a-w C:\WINDOWS\system32\p2p.dll
- 2004-08-10 04:00:00 86,016 -c----w C:\WINDOWS\system32\p2pgasvc.dll
+ 2006-10-11 16:24:45 104,960 ----a-w C:\WINDOWS\system32\p2pgasvc.dll
- 2004-08-10 04:00:00 312,320 -c----w C:\WINDOWS\system32\p2pgraph.dll
+ 2006-10-11 16:24:45 313,344 ----a-w C:\WINDOWS\system32\p2pgraph.dll
- 2004-08-10 04:00:00 88,064 -c----w C:\WINDOWS\system32\p2pnetsh.dll
+ 2006-10-11 16:24:45 116,224 ----a-w C:\WINDOWS\system32\p2pnetsh.dll
- 2004-08-10 04:00:00 526,848 -c----w C:\WINDOWS\system32\p2psvc.dll
+ 2006-10-11 16:24:45 553,984 ----a-w C:\WINDOWS\system32\p2psvc.dll
- 2002-03-14 17:00:26 38,567 ----a-w C:\WINDOWS\system32\pcpbios.exe
+ 2007-03-27 15:45:22 38,567 ----a-w C:\WINDOWS\system32\pcpbios.exe
- 2007-03-11 19:51:19 53,640 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-11 04:07:06 72,184 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-03-11 19:51:19 382,022 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-11 04:07:06 443,296 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2006-10-24 17:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
+ 2005-10-29 04:49:42 84,480 ------w C:\WINDOWS\system32\pintool.exe
- 2006-10-17 17:58:08 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-01-11 05:53:32 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2004-08-10 04:00:00 48,640 -c----w C:\WINDOWS\system32\pnrpnsp.dll
+ 2006-10-11 16:24:45 58,880 ----a-w C:\WINDOWS\system32\pnrpnsp.dll
+ 2006-10-19 03:47:18 284,160 ------w C:\WINDOWS\system32\PortableDeviceApi.dll
+ 2006-10-19 03:47:18 101,888 ------w C:\WINDOWS\system32\PortableDeviceClassExtension.d ll
+ 2006-10-19 03:47:18 166,912 ------w C:\WINDOWS\system32\PortableDeviceTypes.dll
+ 2006-10-19 03:47:18 132,096 ------w C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
+ 2006-10-19 03:47:18 199,168 ------w C:\WINDOWS\system32\PortableDeviceWMDRM.dll
+ 2006-10-21 02:29:52 104,224 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNativ e_v0300.dll
+ 2006-10-21 02:29:58 344,352 ----a-w C:\WINDOWS\system32\PresentationHost.exe
+ 2006-10-21 02:29:46 20,768 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
+ 2006-10-21 02:30:02 769,312 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
+ 2006-10-14 21:43:38 124,416 ------w C:\WINDOWS\system32\prntvpt.dll
- 2006-01-05 04:01:52 126,976 ----a-w C:\WINDOWS\system32\Prounstl.exe
+ 2007-12-20 14:43:48 248,448 ----a-w C:\WINDOWS\system32\Prounstl.exe
- 2005-08-06 04:01:54 239,104 -c----w C:\WINDOWS\system32\psisdecd.dll
+ 2006-10-09 21:12:14 235,008 ------w C:\WINDOWS\system32\psisdecd.dll
- 2007-03-07 23:51:00 547,576 ------w C:\WINDOWS\system32\Px.dll
+ 2008-02-21 02:05:38 551,672 ------w C:\WINDOWS\system32\Px.dll
Reply With Quote
  #35  
Old March 27th, 2008, 04:50 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
- 2007-03-07 23:51:00 64,760 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-02-21 02:05:38 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
- 2007-03-07 23:51:00 510,712 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-02-21 02:05:38 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
- 2007-03-07 23:51:00 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-02-21 02:05:40 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
- 2007-03-07 23:51:00 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-02-21 02:05:38 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
- 2007-03-07 23:51:00 187,128 ------w C:\WINDOWS\system32\PxMas.dll
+ 2008-02-21 02:05:40 187,128 ------w C:\WINDOWS\system32\PxMas.dll
- 2007-03-07 23:51:00 1,628,920 ------w C:\WINDOWS\system32\PxSFS.DLL
+ 2008-02-21 02:05:38 1,628,920 ------w C:\WINDOWS\system32\PxSFS.DLL
- 2007-03-07 23:51:00 379,640 ------w C:\WINDOWS\system32\PxWave.dll
+ 2008-02-21 02:05:38 379,640 ------w C:\WINDOWS\system32\PxWave.dll
- 2005-08-04 08:29:52 221,184 ----a-w C:\WINDOWS\system32\qasf.dll
+ 2006-10-19 03:47:18 211,456 ----a-w C:\WINDOWS\system32\qasf.dll
- 2005-08-30 11:13:42 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:35:13 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-08-22 01:11:38 450,560 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2cqag.dll
+ 2007-08-22 02:07:59 268,800 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2dvag.dll
+ 2007-08-22 01:58:56 43,520 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2edxx.dll
+ 2007-08-22 01:13:01 49,152 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2erec.dll
+ 2007-08-22 01:58:42 122,880 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2evxx.dll
+ 2007-08-22 01:57:14 487,424 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2evxx.exe
+ 2007-08-22 01:59:04 26,112 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\Ati2mdxx.exe
+ 2007-08-22 02:07:39 2,417,664 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati2mtag.sys
+ 2007-08-22 01:47:23 3,091,392 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ati3duag.dll
+ 2007-08-22 01:56:19 53,248 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ATIDDC.DLL
+ 2007-08-22 02:09:12 352,256 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ATIDEMGX.dll
+ 2007-08-14 21:11:53 156,671 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atiicdxx.dat
+ 2007-08-22 02:07:22 307,200 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atiiiexx.dll
+ 2007-08-22 01:19:38 266,240 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atikvmag.dll
+ 2007-08-22 01:48:15 8,306,688 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atioglx2.dll
+ 2007-08-22 01:21:01 5,435,392 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atioglxx.dll
+ 2007-08-22 01:15:37 172,032 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atiok3x2.dll
+ 2007-08-22 01:59:26 143,360 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atipdlxx.dll
+ 2007-08-22 01:17:54 17,408 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\atitvo32.dll
+ 2001-11-09 15:01:04 24,064 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ativcoxx.dll
+ 2007-08-22 01:35:20 3,107,788 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ativva5x.dat
+ 2007-08-22 01:35:20 972,072 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ativva6x.dat
+ 2007-08-22 01:35:20 3,107,788 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ativvaxx.dat
+ 2007-08-22 01:35:39 1,586,816 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\ativvaxx.dll
+ 2007-03-23 20:23:23 77,824 ----a-w C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\B_52365\Oemdspif.dll
- 2006-11-10 14:25:46 319,456 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\difx32.dll
+ 2006-08-10 20:05:26 312,320 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\difx32.dll
- 2006-12-31 04:56:09 81,920 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hccutils.dll
+ 2006-06-23 19:39:54 81,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hccutils.dll
- 2006-12-31 04:56:09 114,688 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hkcmd.exe
+ 2006-06-23 19:44:02 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\hkcmd.exe
- 2006-12-31 04:56:09 1,323,008 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ig4dev32.dll
+ 2006-06-23 20:05:32 1,200,128 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ig4dev32.dll
- 2006-12-31 04:56:09 2,383,872 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ig4icd32.dll
+ 2006-06-23 20:02:16 2,416,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\ig4icd32.dll
- 2006-12-31 04:56:09 450,560 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxcfg.exe
+ 2006-06-23 19:43:52 450,560 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxcfg.exe
- 2006-12-31 04:56:09 155,648 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxdev.dll
+ 2006-06-23 19:39:48 147,456 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxdev.dll
- 2006-12-31 04:56:09 98,304 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxdo.dll
+ 2006-06-23 19:40:46 98,304 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxdo.dll
- 2006-12-31 04:56:09 23,552 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxexps.dll
+ 2006-06-23 19:44:12 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxexps.dll
- 2006-12-31 04:56:09 122,880 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxext.exe
+ 2006-06-23 19:44:10 118,784 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxext.exe
- 2006-12-31 04:56:10 94,208 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxpers.exe
+ 2006-06-23 19:40:52 81,920 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxpers.exe
- 2006-12-31 04:56:10 163,840 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxpph.dll
+ 2006-06-23 19:40:38 155,648 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxpph.dll
- 2006-12-31 04:56:11 3,276,800 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxress.dll
+ 2006-06-23 19:41:00 3,276,800 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxress.dll
- 2006-12-31 04:56:11 44,032 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.dll
+ 2006-06-23 19:40:20 41,984 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.dll
- 2006-12-31 04:56:11 192,512 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.exe
+ 2006-06-23 19:40:18 188,416 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxsrvc.exe
- 2006-12-31 04:56:11 98,304 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxtray.exe
+ 2006-06-23 19:41:54 98,304 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxtray.exe
- 2006-12-31 04:56:11 106,496 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxzoom.exe
+ 2006-06-23 19:41:40 106,496 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igfxzoom.exe
- 2006-12-31 04:56:12 447,120 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igmedkrn.dll
+ 2006-06-23 21:02:02 348,880 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igmedkrn.dll
- 2006-12-31 04:56:12 1,442,848 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpdv32.dll
+ 2006-06-23 21:00:54 1,294,464 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpdv32.dll
- 2006-12-31 04:56:12 2,262,528 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpdx32.dll
+ 2006-06-23 21:02:42 2,052,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpdx32.dll
- 2006-12-31 04:56:12 146,432 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpgd32.dll
+ 2006-06-23 21:01:22 140,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpgd32.dll
- 2006-12-31 04:56:12 1,181,824 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpmp32.sys
+ 2006-06-23 21:02:02 1,095,680 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxpmp32.sys
- 2006-12-31 04:56:12 53,248 -c--a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxprd32.dll
+ 2006-06-23 21:01:32 48,128 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\igxprd32.dll
+ 2005-05-03 23:43:28 69,632 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\ALCMTR.EXE
+ 2006-05-04 21:26:36 2,808,832 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\ALCWZRD.EXE
+ 2004-08-04 04:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\drmk.sys
+ 2004-08-04 04:15:22 140,928 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\ks.sys
+ 2004-08-04 06:56:44 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll
+ 2004-03-17 00:58:20 136,960 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\portcls.sys
+ 2004-08-04 04:08:04 48,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\stream.sys
+ 2004-08-04 14:56:58 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\i386\wdmaud.drv
+ 2006-10-11 22:42:58 2,157,568 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\MicCal.exe
+ 2007-03-15 19:39:04 262,144 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RTCOMDLL.dll
+ 2007-03-21 19:49:20 16,126,464 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RTHDCPL.EXE
+ 2007-03-27 00:21:06 4,395,008 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RtkHDAud.sys
+ 2007-03-07 19:59:30 131,072 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RTLCPAPI.dll
+ 2007-03-24 00:19:10 9,715,200 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RTLCPL.EXE
+ 2007-01-16 15:39:36 1,191,936 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\RtlUpd.exe
+ 2006-07-21 21:14:36 86,016 ----a-r C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\SOUNDMAN.EXE
+ 2006-05-04 17:59:54 253,952 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\e1000msg.dll
+ 2006-05-16 18:37:50 229,376 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\e1e5132.sys
+ 2006-01-25 23:59:46 21,504 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\NicCo.dll
+ 2006-05-04 18:09:08 56,832 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\NicEtCoE.dll
+ 2006-03-01 00:01:50 20,480 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\NicInstE.dll
+ 2006-01-05 04:01:52 126,976 ----a-w C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\Prounstl.exe
- 2007-07-21 10:31:48 211,184 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2007-11-05 04:52:27 469,136 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2006-08-24 21:15:06 150,808 ----a-w C:\WINDOWS\system32\rgb9rast_2.dll
- 2004-08-10 04:00:00 581,120 ------w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:16:16 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2007-03-15 19:39:04 262,144 ----a-r C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
+ 2007-10-03 14:20:42 262,144 ----a-w C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
- 2007-03-07 19:59:30 131,072 ----a-r C:\WINDOWS\system32\RTCOM\RtlCPAPI.dll
+ 2007-03-07 11:59:30 131,072 ----a-w C:\WINDOWS\system32\RTCOM\RTLCPAPI.dll
+ 2001-10-16 14:19:18 36,864 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
+ 2002-02-05 12:03:00 31,744 ----a-w C:\WINDOWS\system32\S32STAT.DLL
+ 2005-03-21 16:00:24 4,096 ----a-w C:\WINDOWS\system32\sabprocenum.sys
- 2005-08-06 04:01:54 282,112 ----a-w C:\WINDOWS\system32\sbe.dll
+ 2006-10-09 21:12:40 291,840 ----a-w C:\WINDOWS\system32\sbe.dll
+ 2000-08-31 13:00:00 98,816 ----a-w C:\WINDOWS\system32\sed.exe
- 2006-12-19 21:52:18 8,453,632 ----a-w C:\WINDOWS\system32\shell32.dll
+ 2007-10-26 03:34:01 8,460,288 ----a-w C:\WINDOWS\system32\shell32.dll
- 2006-12-10 19:10:02 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-16 21:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-14 21:43:18 751,104 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv .dll
+ 2006-10-14 21:42:40 131,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui .dll
- 2004-08-04 17:26:48 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV. DLL
+ 2006-10-14 21:42:18 376,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv. dll
- 2004-08-04 17:26:48 197,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVU I.DLL
+ 2006-10-14 21:42:28 510,464 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvu i.dll
- 2004-08-04 17:26:36 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES. DLL
+ 2006-10-14 21:40:36 619,008 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\unires. dll
+ 2006-10-15 01:22:00 1,698,048 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\XpsSvcs .dll
+ 2006-10-14 21:43:18 27,648 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll
+ 2006-10-14 21:44:44 671,744 ------w C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFil terPipelineSvc.exe
+ 2006-10-14 22:13:02 34,304 ----a-w C:\WINDOWS\system32\spool\prtprocs\x64\filterpipel ineprintproc.dll
+ 2006-10-14 22:12:14 737,792 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\mxdwdr v.dll
+ 2006-10-15 01:09:04 2,946,304 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\xpssvc s.dll
+ 2006-10-14 22:12:14 737,792 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2006-10-15 01:09:04 2,946,304 ----a-w C:\WINDOWS\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2006-10-14 21:43:18 751,104 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\mxdwdrv. dll
+ 2006-10-15 01:22:00 1,698,048 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\i386\xpssvcs. dll
+ 2006-10-14 21:43:18 751,104 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2006-10-15 01:22:00 1,698,048 ----a-w C:\WINDOWS\system32\spool\XPSEP\i386\xpssvcs.dll
Reply With Quote
  #36  
Old March 27th, 2008, 04:52 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
+ 2004-04-27 09:40:52 11,264 ----a-w C:\WINDOWS\system32\SpOrder.dll
- 2005-06-28 15:21:34 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-16 21:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2007-07-22 23:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 13:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2001-10-16 14:19:18 4,032 ----a-w C:\WINDOWS\system32\SYMEVNT1.DLL
+ 2004-08-10 04:00:00 3,360 -c----w C:\WINDOWS\system32\system.drv
+ 2004-08-10 04:00:00 4,048 -c----w C:\WINDOWS\system32\timer.drv
+ 2007-03-22 01:54:16 77,312 ----a-w C:\WINDOWS\system32\TWAIN_32.DLL
+ 2007-03-22 01:54:16 48,560 ----a-w C:\WINDOWS\system32\TWUNK_16.EXE
+ 2007-03-22 01:54:16 69,632 ----a-w C:\WINDOWS\system32\TWUNK_32.EXE
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2006-10-21 02:29:54 159,008 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
- 2004-08-10 04:00:00 35,840 -c----w C:\WINDOWS\system32\umandlg.dll
+ 2006-10-04 13:33:38 35,840 ------w C:\WINDOWS\system32\umandlg.dll
- 2007-06-27 14:34:58 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-12-07 02:21:48 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-06-27 14:34:58 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-12-07 02:21:48 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2005-04-27 23:15:36 17,920 ------w C:\WINDOWS\system32\usmt\cobramsg.dll
- 2004-08-10 04:00:00 123,904 -c----w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2005-04-28 19:16:29 133,120 ----a-w C:\WINDOWS\system32\usmt\guitrn.dll
+ 2005-04-28 19:16:29 115,200 ------w C:\WINDOWS\system32\usmt\guitrna.dll
- 2004-08-10 04:00:00 19,968 -c----w C:\WINDOWS\system32\usmt\log.dll
+ 2005-04-28 19:16:29 19,968 ----a-w C:\WINDOWS\system32\usmt\log.dll
- 2004-08-10 04:00:00 201,216 -c----w C:\WINDOWS\system32\usmt\migism.dll
+ 2005-04-28 19:16:29 274,432 ----a-w C:\WINDOWS\system32\usmt\migism.dll
+ 2005-04-28 17:16:30 261,120 ------w C:\WINDOWS\system32\usmt\migisma.dll
- 2004-08-10 04:00:00 103,424 ------w C:\WINDOWS\system32\usmt\migload.exe
+ 2005-04-28 00:12:58 103,424 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2004-08-10 04:00:00 240,128 ------w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2005-04-28 00:12:57 245,248 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe
+ 2005-04-28 00:12:57 241,152 ------w C:\WINDOWS\system32\usmt\migwiza.exe
- 2004-08-10 04:00:00 202,752 -c----w C:\WINDOWS\system32\usmt\script.dll
+ 2005-04-28 19:16:29 215,552 ----a-w C:\WINDOWS\system32\usmt\script.dll
+ 2005-04-28 19:16:29 199,680 ------w C:\WINDOWS\system32\usmt\scripta.dll
- 2004-08-10 04:00:00 168,960 -c----w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2005-04-28 19:16:29 193,024 ----a-w C:\WINDOWS\system32\usmt\sysmod.dll
+ 2005-04-28 19:16:29 173,568 ------w C:\WINDOWS\system32\usmt\sysmoda.dll
- 2004-08-10 04:00:00 50,176 ------w C:\WINDOWS\system32\utilman.exe
+ 2006-10-04 08:48:37 50,176 ------w C:\WINDOWS\system32\utilman.exe
- 2005-08-04 08:29:52 47,104 ----a-w C:\WINDOWS\system32\uwdf.exe
+ 2006-10-19 03:58:00 8,704 ----a-w C:\WINDOWS\system32\uwdf.exe
+ 2000-02-24 23:07:14 368,912 ----a-w C:\WINDOWS\system32\VBAR332.DLL
+ 2007-11-14 21:04:52 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll
+ 2007-11-14 21:05:16 394,952 ----a-w C:\WINDOWS\system32\vsdatant.sys
+ 2007-11-14 21:04:52 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll
+ 2007-11-14 21:04:52 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll
+ 2007-11-14 21:04:52 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll
+ 2007-11-14 21:04:52 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll
+ 2007-11-14 21:04:54 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll
+ 2007-11-14 21:04:54 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll
+ 2007-11-14 21:04:54 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll
- 2007-03-07 23:51:00 39,672 ------w C:\WINDOWS\system32\VXBLOCK.dll
+ 2008-02-21 02:05:38 88,824 ------w C:\WINDOWS\system32\VXBLOCK.dll
+ 2007-07-11 20:06:58 42,672 ------w C:\WINDOWS\system32\wbsys.dll
- 2005-08-04 08:29:52 15,872 -c--a-w C:\WINDOWS\system32\wdfapi.dll
+ 2006-10-19 03:47:18 4,096 ----a-w C:\WINDOWS\system32\wdfapi.dll
- 2005-08-04 08:29:52 38,912 ----a-w C:\WINDOWS\system32\wdfmgr.exe
+ 2006-10-19 03:58:00 8,704 ----a-w C:\WINDOWS\system32\wdfmgr.exe
+ 2004-08-04 14:56:58 23,552 ----a-w C:\WINDOWS\system32\wdmaud.drv
- 2007-06-27 14:34:59 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-12-07 02:21:48 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2004-08-10 04:00:00 13,600 -c--a-w C:\WINDOWS\system32\wfwnet.drv
+ 2006-10-24 17:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll
+ 2006-10-24 17:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll
- 2007-06-27 14:34:59 823,808 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-12-07 02:21:48 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2004-08-10 04:00:00 146,432 ----a-w C:\WINDOWS\system32\winspool.drv
+ 2006-11-01 07:14:24 69,120 ------w C:\WINDOWS\system32\wlanapi.dll
- 2005-08-04 08:29:52 359,936 ----a-w C:\WINDOWS\system32\wmadmod.dll
+ 2006-10-19 03:47:18 757,248 ----a-w C:\WINDOWS\system32\WMADMOD.dll
- 2005-08-04 08:29:52 716,288 -c--a-w C:\WINDOWS\system32\wmadmoe.dll
+ 2006-10-19 03:47:18 1,117,696 ----a-w C:\WINDOWS\system32\WMADMOE.dll
- 2005-08-04 08:29:52 227,840 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2007-10-27 22:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2005-08-04 08:29:52 29,184 ----a-w C:\WINDOWS\system32\WMDMLOG.dll
+ 2006-10-19 03:47:18 33,792 ----a-w C:\WINDOWS\system32\wmdmlog.dll
- 2005-08-04 08:29:52 37,376 ----a-w C:\WINDOWS\system32\WMDMPS.dll
+ 2006-10-19 03:47:18 37,376 ----a-w C:\WINDOWS\system32\wmdmps.dll
- 2005-08-04 08:29:52 344,064 -c--a-w C:\WINDOWS\system32\WMDRMdev.dll
+ 2006-10-19 03:47:18 429,056 ----a-w C:\WINDOWS\system32\wmdrmdev.dll
- 2005-08-04 08:29:52 290,816 -c--a-w C:\WINDOWS\system32\WMDRMNet.dll
+ 2006-10-19 03:47:20 348,672 ----a-w C:\WINDOWS\system32\wmdrmnet.dll
- 2005-08-04 08:29:52 180,224 ----a-w C:\WINDOWS\system32\wmdrmsdk.dll
+ 2006-10-19 03:47:20 535,040 ----a-w C:\WINDOWS\system32\wmdrmsdk.dll
- 2004-08-10 04:00:00 189,440 ----a-w C:\WINDOWS\system32\wmerror.dll
+ 2006-10-19 03:47:20 227,328 ----a-w C:\WINDOWS\system32\wmerror.dll
- 2005-08-04 08:29:52 150,016 -c--a-w C:\WINDOWS\system32\wmidx.dll
+ 2006-10-19 03:47:20 157,184 ----a-w C:\WINDOWS\system32\wmidx.dll
- 2005-08-04 08:29:52 988,672 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
+ 2006-10-19 03:47:20 937,984 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
- 2007-04-30 13:20:24 5,537,792 ----a-w C:\WINDOWS\system32\wmp.dll
+ 2007-06-12 04:51:12 10,834,944 ----a-w C:\WINDOWS\system32\wmp.dll
- 2004-08-10 04:00:00 131,072 ----a-w C:\WINDOWS\system32\wmpasf.dll
+ 2006-10-19 03:47:20 242,688 ----a-w C:\WINDOWS\system32\wmpasf.dll
- 2004-08-10 04:00:00 278,528 ----a-w C:\WINDOWS\system32\wmpdxm.dll
+ 2006-10-19 03:47:20 314,880 ----a-w C:\WINDOWS\system32\wmpdxm.dll
+ 2006-10-19 03:47:20 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
- 2004-08-10 04:00:00 1,582,080 -c--a-w C:\WINDOWS\system32\wmpencen.dll
+ 2006-10-19 03:47:20 1,661,440 ----a-w C:\WINDOWS\system32\wmpencen.dll
+ 2006-10-24 17:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll
- 2005-06-24 01:15:30 3,371,008 ----a-w C:\WINDOWS\system32\wmploc.dll
+ 2006-10-19 03:47:20 8,231,936 ----a-w C:\WINDOWS\system32\wmploc.dll
+ 2006-10-19 03:47:20 613,376 ------w C:\WINDOWS\system32\wmpmde.dll
+ 2006-10-19 03:47:20 130,048 ------w C:\WINDOWS\system32\wmpps.dll
- 2004-08-10 04:00:00 81,920 ----a-w C:\WINDOWS\system32\wmpshell.dll
+ 2006-10-19 03:47:20 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll
- 2004-08-10 04:00:00 174,080 -c--a-w C:\WINDOWS\system32\wmpsrcwp.dll
+ 2006-10-19 03:47:20 204,288 ----a-w C:\WINDOWS\system32\wmpsrcwp.dll
- 2005-08-04 08:29:52 771,584 ----a-w C:\WINDOWS\system32\wmsdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll
- 2005-08-04 08:29:52 1,119,744 -c--a-w C:\WINDOWS\system32\wmsdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
- 2005-08-04 08:29:54 407,552 ----a-w C:\WINDOWS\system32\wmspdmod.dll
+ 2006-10-19 03:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll
- 2005-08-04 08:29:54 940,544 -c--a-w C:\WINDOWS\system32\wmspdmoe.dll
+ 2006-10-19 03:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll
- 2005-08-04 08:29:54 1,216,000 ----a-w C:\WINDOWS\system32\wmvadvd.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVD.dll
- 2005-08-04 08:29:54 1,512,448 -c--a-w C:\WINDOWS\system32\WMVADVE.DLL
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVE.DLL
- 2006-12-07 04:14:51 2,330,624 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-10-19 03:47:22 2,450,944 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-10-19 03:47:22 1,543,680 ------w C:\WINDOWS\system32\WMVDECOD.dll
- 2005-08-04 08:29:54 826,368 ----a-w C:\WINDOWS\system32\wmvdmod.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll
- 2005-08-04 08:29:54 1,003,008 -c--a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2006-10-19 03:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2006-10-19 03:47:22 1,574,912 ------w C:\WINDOWS\system32\WMVENCOD.dll
+ 2006-10-19 03:47:22 1,382,912 ------w C:\WINDOWS\system32\WMVSDECD.dll
+ 2006-10-19 03:47:22 767,488 ------w C:\WINDOWS\system32\WMVSENCD.dll
+ 2006-10-19 03:47:22 656,896 ------w C:\WINDOWS\system32\WMVXENCD.dll
- 2006-03-03 12:33:09 38,912 -c--a-w C:\WINDOWS\system32\wpd_ci.dll
+ 2006-10-19 03:47:22 629,760 ----a-w C:\WINDOWS\system32\wpd_ci.dll
- 2006-03-03 12:32:57 61,952 -c--a-w C:\WINDOWS\system32\wpdconns.dll
+ 2006-10-19 03:47:22 35,840 ----a-w C:\WINDOWS\system32\wpdconns.dll
- 2006-03-03 12:33:00 114,176 -c--a-w C:\WINDOWS\system32\wpdmtp.dll
+ 2006-10-19 03:47:22 154,624 ----a-w C:\WINDOWS\system32\wpdmtp.dll
- 2006-03-03 12:33:00 66,560 -c--a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2006-10-19 03:47:22 63,488 ----a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2006-10-19 03:47:22 2,603,008 ------w C:\WINDOWS\system32\WpdShext.dll
+ 2006-10-19 02:00:14 17,408 ------w C:\WINDOWS\system32\wpdshextautoplay.exe
+ 2006-10-19 03:47:22 38,400 ------w C:\WINDOWS\system32\wpdshextres.dll
+ 2006-10-19 03:47:22 133,632 ------w C:\WINDOWS\system32\WPDShServiceObj.dll
Reply With Quote
  #37  
Old March 27th, 2008, 04:52 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
- 2006-03-03 12:33:10 329,728 -c--a-w C:\WINDOWS\system32\wpdsp.dll
+ 2006-10-19 03:47:22 356,352 ----a-w C:\WINDOWS\system32\wpdsp.dll
+ 2006-09-29 02:13:26 95,344 ------w C:\WINDOWS\system32\WUDFCoinstaller.dll
+ 2006-09-29 00:56:38 146,432 ------w C:\WINDOWS\system32\WudfHost.exe
+ 2006-09-29 00:56:16 165,376 ------w C:\WINDOWS\system32\WudfPlatform.dll
+ 2006-09-29 00:56:14 55,808 ------w C:\WINDOWS\system32\WudfSvc.dll
+ 2006-09-29 00:56:38 316,416 ------w C:\WINDOWS\system32\WUDFx.dll
- 2007-03-09 11:28:00 248,320 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 10:04:03 350,720 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2006-10-15 01:21:58 580,352 ------w C:\WINDOWS\system32\XPSSHHDR.dll
+ 2006-10-15 01:22:00 1,698,048 ------w C:\WINDOWS\system32\XpsSvcs.dll
+ 2006-10-21 02:29:54 304,928 ----a-w C:\WINDOWS\system32\XPSViewer\XPSViewer.exe
+ 2000-08-31 13:00:00 68,096 ----a-w C:\WINDOWS\system32\zip.exe
+ 2007-11-14 21:04:56 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll
+ 2007-11-14 21:04:56 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll
+ 2008-03-11 06:38:14 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2007-11-14 21:04:44 370,208 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll
+ 2007-05-31 05:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.da t
+ 2006-06-30 19:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.d ll
+ 2007-05-31 05:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-31 05:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-31 05:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-31 05:03:16 38,400 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
+ 2007-07-19 20:10:32 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2k xp32\kl1.sys
+ 2007-07-19 20:10:32 186,128 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\w2k xp32\klif.sys
+ 2007-05-31 05:03:48 110,360 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32 \kl1.sys
+ 2007-07-19 20:10:28 127,768 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32 \klif.sys
+ 2007-05-31 05:03:50 45,056 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\instdrivers\x32 \regcat.exe
+ 2006-09-20 04:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
+ 2007-09-12 02:09:16 274,432 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 23:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-31 05:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-31 05:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-31 05:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-31 05:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
+ 2007-09-12 02:09:16 135,168 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess .exe
+ 2006-12-19 23:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-11-14 21:04:44 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll
+ 2004-01-30 17:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
+ 2007-11-14 21:04:46 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll
+ 2007-11-14 21:04:46 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll
+ 2007-11-14 21:04:46 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll
+ 2007-11-14 21:05:18 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard.zip. dll
+ 2007-11-14 21:05:18 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\licenseui.zip.dll
+ 2007-11-14 21:05:18 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2007-11-14 21:05:18 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
+ 2007-11-14 21:05:20 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
+ 2007-11-14 21:06:34 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rp c_server.dll
+ 2007-11-14 21:06:36 30,216 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\ vsmon_plugin.dll
+ 2007-10-19 01:18:38 714,208 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll
+ 2007-10-19 01:18:38 787,936 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
+ 2007-11-14 21:04:48 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll
+ 2007-01-11 16:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-10-19 01:18:40 1,500,640 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll
+ 2007-10-19 01:18:44 51,176 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys
+ 2007-11-14 21:04:50 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
+ 2007-11-14 21:06:36 214,528 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker \httpblocker.dll
+ 2007-11-14 21:06:36 3,266,040 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imsl sp.dll
+ 2006-09-05 01:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll
+ 2007-10-11 21:50:32 832,984 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll
+ 2007-11-14 21:05:06 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe
+ 2007-01-11 22:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll
+ 2007-11-14 21:04:52 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
+ 2007-11-14 21:04:52 83,432 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll
+ 2007-11-14 21:05:06 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2007-11-14 21:04:52 2,029,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
+ 2007-11-14 21:04:54 1,361,384 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
+ 2007-11-14 21:04:54 239,080 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll
+ 2007-01-11 16:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat
+ 2007-11-14 21:04:56 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll
+ 2007-11-14 21:04:56 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
+ 2007-11-14 21:04:58 382,440 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll
+ 2007-11-14 21:04:58 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
+ 2007-11-14 21:05:00 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
+ 2000-06-08 16:36:00 15,664 -c--a-w C:\WINDOWS\vfwwdm.drv
- 1999-04-24 20:22:00 4,608 -c--a-w C:\WINDOWS\W95INF32.DLL
+ 2000-02-14 18:24:02 4,608 -c--a-r C:\WINDOWS\W95INF32.DLL
+ 2008-03-10 21:11:07 8,192 ----a-w C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a 3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2006-08-20 04:33:40 82,432 -c--a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf3 45378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2007-04-18 15:36:40 82,432 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf3 45378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2006-12-02 04:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2007-10-24 06:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll
+ 2007-10-24 06:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
+ 2007-10-24 06:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
+ 2005-09-23 13:29:16 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2005-09-23 13:29:16 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 13:29:16 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2006-12-02 04:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-02 04:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 04:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2005-09-23 07:16:02 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2005-09-23 07:16:06 1,079,808 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 07:16:08 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 07:16:10 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-12-02 05:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-02 05:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-02 05:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-02 05:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-02 05:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3 b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2008-03-10 21:11:13 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-03-10 21:11:13 113,664 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b0 3f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2007-11-14 21:05:06 75,248 ----a-w C:\WINDOWS\zllsputility.exe
.
-- Snapshot reset to current date --
.
Reply With Quote
  #38  
Old March 27th, 2008, 04:53 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 15:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-03-11 01:37 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 15:06 1135968]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-03-11 01:37 262144]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 15:06 1135968]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-03-11 01:37 262144]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49 4662776]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-01-03 11:15 50528]
"Steam"="C:\Program Files\Steam\Steam.exe" [2008-03-16 16:37 1266936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-23 00:14 237568]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 13:39 151552]
"ftutil2"="rundll32.exe" [2004-08-09 23:00 33280 C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-10 05:21 579072]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 03:57 16855552 C:\WINDOWS\RTHDCPL.EXE]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-08-19 23:36 180269]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-10 05:21 219136]

C:\Documents and Settings\Gameing\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-19 23:04:51 27136]

C:\Documents and Settings\LogMeInRemoteUser\Start Menu\Programs\Startup\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-08-19 23:04:51 27136]
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-19 23:04:51 27136]

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-03-13 18:05:34 2979664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Icatch(VI) SnapDetect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Icatch(VI) SnapDetect.lnk
backup=C:\WINDOWS\pss\Icatch(VI) SnapDetect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
--a------ 2008-01-03 11:15 50528 C:\Program Files\AIM6\aim6.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
--a------ 2008-03-10 05:21 579072 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserWatch]
C:\Program Files\Migo Software\Digital File Shredder Pro\BrowserWatchControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMAScheduler]
--a------ 2006-04-13 11:05 90112 c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-09-29 23:01 67584 C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
--------- 2004-08-09 23:00 33280 C:\WINDOWS\System32\Rundll32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2006-10-06 13:13 114688 C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
--a------ 2006-02-16 00:34 249856 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2006-10-06 13:11 98304 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
--a------ 2007-03-05 16:57 1103480 C:\Program Files\Download Manager\DLM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-07-28 01:50 221184 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2005-06-14 11:05 6856704 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
C:\Program Files\Trend Micro\Antivirus\pccguide.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCClient.exe]
C:\Program Files\Trend Micro\Antivirus\PCClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
--a------ 2006-10-06 13:10 94208 C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-08-19 23:36 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TM Outbreak Agent]
C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
C:\Program Files\AWS\WeatherBug\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-11-30 22:49 4662776 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"NMSAccessU"=2 (0x2)
"LightScribeService"=2 (0x2)
"IDriverT"=3 (0x3)
"IAANTMON"=2 (0x2)
"gusvc"=3 (0x3)
"GameConsoleService"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"ELService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\Sony\\Station\\Launchpad\\LaunchPad.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\HP Games\\JEOPARDY\\JEOPARDY!.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\ShotOnline International\\ShotOnline.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\SHOUTcast\\sc_serv.exe"=
"C:\\Program Files\\City of Heroes\\CohUpdater.exe"=
"C:\\Program Files\\HP Games\\Wheel of Fortune\\Wheel of Fortune.exe"=
"C:\\Program Files\\City of Heroes\\CityOfHeroes.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Kaneva\\World of Kaneva V2.0\\KanevaLauncher.exe"=

S4 GameConsoleService;GameConsoleService;"C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe" [2007-09-18 17:49]
S4 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 09:34]
S4 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]

.
Contents of the 'Scheduled Tasks' folder
"2008-03-22 22:35:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-26 23:36:21 C:\WINDOWS\Tasks\User_Feed_Synchronization-{9A2FDC6F-1BD4-45AF-9928-51A90B2C128D}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 22:15:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2008-03-26 22:15:46
ComboFix-quarantined-files.txt 2008-03-27 03:15:43
ComboFix2.txt 2007-09-20 21:07:48
.
2008-03-12 21:24:47 --- E O F ---
Reply With Quote
  #39  
Old March 27th, 2008, 04:54 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
man that was a long one now finaly the silent runners log
"Silent Runners.vbs", revision 56, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run \ {++}
"Yahoo! Pager" = ""C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet" ["Yahoo! Inc."]
"Aim6" = ""C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp" ["AOL LLC"]
"Steam" = ""C:\Program Files\Steam\Steam.exe" -silent" ["Valve Corporation"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++}
"StartCCC" = ""C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"" [null data]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"Recguard" = "C:\WINDOWS\SMINST\RECGUARD.EXE" [empty string]
"IAAnotif" = ""C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"" ["Intel Corporation"]
"ftutil2" = ""rundll32.exe" ftutil2.dll,SetWriteCacheMode" [MS]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"ZoneAlarm Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"]
"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\(Default) = "Winamp Toolbar BHO"
-> {HKLM...CLSID} = "Winamp Toolbar BHO"
\InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]
{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\(Default) = "ZoneAlarm Spy Blocker BHO"
-> {HKLM...CLSID} = "ZoneAlarm Spy Blocker BHO"
\InProcServer32\(Default) = "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" ["ZoneAlarm"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" = "ShellViewRTF"
-> {HKLM...CLSID} = "ShellViewRTF"
\InProcServer32\(Default) = "C:\WINDOWS\system32\ShellvRTF.dll" ["XSS"]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {HKLM...CLSID} = "AVG7 Find Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll" [empty string]
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}" = "Multiscan"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\ShellExecuteHooks\
<<!>> "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" = (no title provided)
-> {HKLM...CLSID} = "SABShellExecuteHook Class"
\InProcServer32\(Default) = "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" ["SuperAdBlocker.com"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\She llServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> !SASWinLogon\DLLName = "C:\Program Files\SUPERAntiSpyware\SASWINLO.dll" ["SUPERAntiSpyware.com"]
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> igfxcui\DLLName = "igfxdev.dll" ["Intel Corporation"]
<<!>> WRNotifier\DLLName = "WRLogonNTF.dll" [file not found]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandler s\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandler s\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMen uHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHa ndlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {HKLM...CLSID} = "AVG7 Shell Extension Class"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG7\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer\

"NoCDBurning" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\

"HideLegacyLogonScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"HideLogoffScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"RunLogonScriptSync" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"RunStartupScriptSync" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"HideStartupScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}

"InstallVisualStyle" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
{unrecognized setting}

"InstallTheme" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale.theme
{unrecognized setting}

"DisableRegistryTools" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"HideLegacyLogonScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"HideLogoffScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"RunLogonScriptSync" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"RunStartupScriptSync" = (REG_DWORD) dword:0x00000001
{unrecognized setting}

"HideStartupScripts" = (REG_DWORD) dword:0x00000000
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Loca l Settings\Application Data\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Startup items in "HP_Administrator" & "All Users" startup folders:
------------------------------------------------------------------

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup
"Xfire" -> shortcut to: "C:\Program Files\Xfire\xfire.exe" ["Xfire Inc."]


Enabled Scheduled Tasks:
------------------------

"AppleSoftwareUpdate" -> launches: "C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task" ["Apple Inc."]
"User_Feed_Synchronization-{9A2FDC6F-1BD4-45AF-9928-51A90B2C128D}" -> launches: "C:\WINDOWS\system32\msfeedssync.exe sync" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Pa rameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Pa rameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 21
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"
-> {HKLM...CLSID} = "Winamp Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC"]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"
-> {HKLM...CLSID} = "ZoneAlarm Spy Blocker"
\InProcServer32\(Default) = "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" ["ZoneAlarm"]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" = "Winamp Toolbar"
-> {HKLM...CLSID} = "Winamp Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Winamp Toolbar\winamptb.dll" ["AOL LLC"]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}" = (no title provided)
-> {HKLM...CLSID} = "ZoneAlarm Spy Blocker"
\InProcServer32\(Default) = "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" ["ZoneAlarm"]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{916C1EF1-CA89-4F1B-AFDA-3CA85BD0F831}\(Default) = "ZoneAlarm PopBlocker"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_03"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_03"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll" ["Sun Microsystems, Inc."]

{85D1F590-48F4-11D9-9669-0800200C9A66}\
"MenuText" = "Uninstall BitDefender Online Scanner v8"
"Exec" = "%windir%\bdoscandel.exe" [null data]

{D9288080-1BAA-4BC4-9CF8-A92D743DB949}\
"ButtonText" = "Run IMVU"
"Exec" = "C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk" [null data]

{E2D4D26B-0180-43A4-B05F-462D6D54C789}\
"ButtonText" = "Internet Connection Help"
"MenuText" = "Internet Connection Help"
"Script" = "C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlet t-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm " [null data]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
AVG E-mail Scanner, AVGEMS, "C:\PROGRA~1\Grisoft\AVG7\avgemc.exe" ["GRISOFT, s.r.o."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe" ["GRISOFT, s.r.o."]
Media Center Extender Service, McrdSvc, "C:\WINDOWS\ehome\mcrdsvc.exe" [MS]
Media Center Receiver Service, ehRecvr, "C:\WINDOWS\eHome\ehRecvr.exe" [MS]
Media Center Scheduler Service, ehSched, "C:\WINDOWS\eHome\ehSched.exe" [MS]


Keyboard Driver Filters:
------------------------

HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E 96B-E325-11CE-BFC1-08002BE10318}\
"UpperFilters" = <<!>> "ELkbd" ["Intel Corporation"]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs\
LIDIL hpzll463\Driver = "hpzll463.dll" ["Hewlett-Packard Company"]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]


---------- (launch time: 2008-03-26 22:16:05)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 41 seconds, including 18 seconds for message boxes)
Reply With Quote
  #40  
Old March 29th, 2008, 05:02 PM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
  
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
Download the trial version of AVG Anti-Spyware from here and install it.

After installation, double-click the icon on your Desktop to launch AVG Anti-Spyware.

On the top of the main screen click Shield. Then click the word active to change it to inactive.

You will need to also update AVG Anti-Spyware to the latest definition files. On the top of the main screen click Update. Then click on Start Update. The update will start and a progress bar will show the updates being installed.

Now close AVG Anti-Spyware (don't scan just yet).


Reboot into Safe Mode. At startup tap F8 and select Safe Mode (see here).

Make sure all windows are closed and run AVG Anti-Spyware. Click Scanner, then click on the Scan tab. Click Complete System Scan to begin scanning. When the scan is complete click Recommended Action and change it to Quarantine. Then click Apply all actions.

Once the scan has finished, click the Save report button, then click Save Report As. This will create a text file. Make sure you know where to find this file again.


Then reboot back to Normal Mode. Run a new scan with HijackThis and post that and the AVG Anti-Spyware log back here please.
Reply With Quote
  #41  
Old March 30th, 2008, 12:34 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:26:30 PM 3/29/2008

+ Scan result:



C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP179\A0057234.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061283.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061284.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061285.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061286.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061287.exe -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061288.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061289.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061290.dll -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP190\A0061291.dll -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP179\A0057241.DLL -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP179\A0057242.cpl -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP179\A0057243.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Administrator\DoctorWeb\Quarantine\SbC Ie028.dll -> Adware.SideStep : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP145\A0053177.exe -> Not-A-Virus.Adware.Agent : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP145\A0053242.exe -> Not-A-Virus.Adware.Agent : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP147\A0055146.exe -> Not-A-Virus.Adware.Agent : Cleaned with backup (quarantined).
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.168:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.169:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.170:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.44:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.45:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.46:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.50:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.51:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.52:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.53:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.54:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.128:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.129:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.130:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.132:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.133:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.39:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.83:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.84:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.85:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.88:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.89:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.47:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.76:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.77:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.78:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.80:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.135:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.136:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.137:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.74:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.31:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.193:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.194:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.203:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.109:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.110:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.111:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator @revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.119:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.120:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.121:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.151:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.152:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.153:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.154:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.155:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.100:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.101:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.102:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.103:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.104:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.96:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.192:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.37:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.38:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.40:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.42:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.43:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.48:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.49:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.11:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.12:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.13:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.14:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.15:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.16:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.17:C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\d2jg4zms.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP146\A0054494.exe -> Trojan.Agent.cj : Cleaned with backup (quarantined).


::Report end
Reply With Quote
  #42  
Old March 30th, 2008, 12:35 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:31:16 PM, on 3/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\logonmgr.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
C:\HJT\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:9022
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1167164300484
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8519 bytes
Reply With Quote
  #43  
Old April 5th, 2008, 02:52 AM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
  
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
How is your system running now?
Reply With Quote
  #44  
Old April 6th, 2008, 02:48 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
  
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
so much better now,The popups have stoped..Thank you for all of your work on this
Reply With Quote
Reply
Page 3 of 3 12 3

Bookmarks

« Previous Topic | Next Topic »
Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Slow computer and Firefox popup tamwood Malware Removal 7 March 19th, 2012 10:42 PM
Laggy Internet + Popup mrjunkers Malware Removal 19 March 7th, 2007 10:03 PM
Internet Sharing Configuration Popup Shaelynn Windows XP 10 January 1st, 2007 06:34 PM
popup ads and slow computer syedafghani Malware Removal 15 June 28th, 2005 05:43 PM
popup ads and slow computer syedafghani Windows 98 1 June 16th, 2005 04:42 AM


All times are GMT +1. The time now is 02:17 PM.