Vraag & Antwoord

Beveiliging & privacy

Scanners vinden niets, maar toch spyware.. + HijackThisLog

13 antwoorden
  • Sinds gisteravond heb ik last van pop-ups. Het begon met McAfee die aangaf dat het een trojan had gedetecteerd, namelijk vundo.dll en heeft deze ook gerepareerd. Meteen nadat dat gebeurt was, heb ik McAfee, Spybot S&D en Ad-Aware geupdate. Vervolgens startte ik mijn computer opnieuw op in veilige modus, en heb ik met alledrie de programma’s scans gedaan. Ze hebben behoorlijk wat spyware gevonden, en deze ook verwijderd. Na nog een paar keer scannen vinden ze echter niets meer. Nu heb ik dat als ik IE7 opstart, McAfee meteen waarschuwt dat er iets in het register aangepast wordt bij Internet Security Zones, en deze aanpassingen blokkeer ik meteen. Als ik IE afsluit en opnieuw opstart krijg ik de melding weer. Ik heb vervolgens ook nog geprobeerd IE opnieuw te installeren, maar dit heeft niets opgelost. Nu weet ik niet meer wat ik moet doen.. De meeste pop-ups zijn van pc-doctor en allemaal andere troep die wil dat ik programma’s installeer, en het begint onderhand behoorlijk frustrerend te worden, vooral omdat ik met McAfee, Spybot en Ad-Aware niets meer kan vinden. Overigens had ik voor gisteravond nooit last van dit soort willekeurige pop-ups, en de pop-ups komen ook voor in Mozilla Firefox. Wat me overigens ook is opgevallen is dat bij IE7 de beveiliging van cookies iedere keer vanzelf op laag gezet word. Ik heb een HijackThis log gemaakt, zie hieronder. Ik ben echter geen kei in dit soort dingen, dus bedankt voor de hulp alvast ;) Logfile of HijackThis v1.99.1 Scan saved at 13:39:54, on 24-5-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\DOCUME~1\Ufuk\LOCALS~1\Temp\clclean.0001 C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\WINDOWS\V0230Mon.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Documents and Settings\Ufuk\Bureaublad\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114w.bay114.mail.live.com/mail/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  • Yep vundo besmetting. Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:989e4dea54]Combofix[/b:989e4dea54][/url] naar je Bureaublad. Dubbelklik [b:989e4dea54]Combofix.exe[/b:989e4dea54] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:989e4dea54]NIET[/b:989e4dea54] in het venster klikken, want dit zal je pc doen vasthangen. Wanneer de fix voltooid is en na herstart, zal de log [b:989e4dea54]combofix.txt[/b:989e4dea54] openen. Plaats dit log in je volgende post samen met een nieuw HijackThis log. NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • [b:e44c18b295]Combofix log:[/b:e44c18b295] "Ufuk" - 2007-05-24 16:44:20 Service Pack 2 ComboFix 07-05.24.7.V - Running from: "C:\Documents and Settings\Ufuk\Mijn documenten\ComboFix\" (((((((((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\rcqyqmkj.dll C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\qomljkl.dll [b:e44c18b295]HijackThis Log:[/b:e44c18b295] Logfile of HijackThis v1.99.1 Scan saved at 16:55:16, on 24-5-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\WINDOWS\V0230Mon.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\DOCUME~1\Ufuk\LOCALS~1\Temp\clclean.0001 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Ufuk\Bureaublad\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114w.bay114.mail.live.com/mail/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  • Voor goede controle moet ik toch echt het [b:ba22b0624d]"volledige combofixlogje"[/b:ba22b0624d] zien aub.
  • [b:de7c55d358]Volledige log:[/b:de7c55d358] "Ufuk" - 2007-05-24 16:44:20 Service Pack 2 ComboFix 07-05.24.7.V - Running from: "C:\Documents and Settings\Ufuk\Mijn documenten\ComboFix\" (((((((((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\rcqyqmkj.dll C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\qomljkl.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-24 )))))))))))))))))))))))))))))))))) 2007-05-24 11:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-05-23 23:15 1,310,720 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-05-23 23:15 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-05-23 23:15 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Sjablonen 2007-05-23 23:15 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Onlangs geopend 2007-05-23 23:15 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Netwerkprinteromgeving 2007-05-23 23:15 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Mijn documenten 2007-05-23 23:15 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Favorieten 2007-05-23 23:15 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Bureaublad 2007-05-23 23:15 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft 2007-05-15 11:36 <DIR> d-------- C:\DOCUME~1\Ufuk\APPLIC~1\Joost 2007-05-15 11:35 <DIR> d-------- C:\Program Files\Joost 2007-05-09 16:14 <DIR> d-------- C:\DOCUME~1\Zeki\APPLIC~1\GrabIt 2007-05-03 13:46 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007 2007-05-02 21:58 <DIR> d-------- C:\Program Files\TomTom DesktopSuite (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-23 21:05:59 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\uTorrent 2007-05-23 13:17:26 -------- d-----w C:\Program Files\MSN Messenger 2007-05-23 13:17:26 -------- d-----w C:\Program Files\Messenger Plus! Live 2007-05-19 17:45:25 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\LimeWire 2007-05-13 09:22:44 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-13 09:21:42 -------- d-----w C:\Program Files\Common Files\PCSuite 2007-05-09 13:44:43 -------- d-----w C:\Program Files\NewsLeecher 2007-05-09 13:38:48 -------- d-----w C:\Program Files\GrabIt 2007-05-07 19:54:40 -------- d-----w C:\Program Files\Microsoft ActiveSync 2007-05-03 11:45:31 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-04-27 17:18:25 -------- d-----w C:\Program Files\DVD Shrink 2007-04-19 18:01:43 -------- d-----w C:\Program Files\iTunes 2007-04-19 18:01:35 -------- d-----w C:\Program Files\iPod 2007-04-19 18:00:27 -------- d-----w C:\Program Files\Apple Software Update 2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-13 10:50:01 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Command & Conquer 3 Tiberium Wars 2007-04-12 18:52:46 -------- d-----w C:\Program Files\Electronic Arts 2007-04-10 17:35:18 -------- d-----w C:\Program Files\Common Files\Knowledge Adventure 2007-04-10 17:35:18 -------- d-----w C:\Program Files\Barbie(TM) 2007-03-28 17:42:42 29,704 ----a-w C:\WINDOWS\system32\uxtuneup.dll 2007-03-28 13:58:24 -------- d-----w C:\Program Files\Skype 2007-03-28 13:58:13 76,582 ----a-w C:\WINDOWS\system32\perfc013.dat 2007-03-28 13:58:13 455,614 ----a-w C:\WINDOWS\system32\perfh013.dat 2007-03-28 13:55:54 -------- d-----w C:\Program Files\EVEREST Ultimate 2007-03-27 11:13:33 -------- d-----w C:\Program Files\McAfee 2007-03-27 10:53:49 -------- d-----w C:\Program Files\McAfee.com 2007-03-27 10:51:31 -------- d-----w C:\Program Files\Common Files\McAfee 2007-03-25 17:59:18 -------- d-----w C:\Program Files\Palm 2007-03-17 13:45:54 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-16 14:17:29 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\NewsLeecher 2007-03-13 15:26:46 -------- d-----w C:\Program Files\QuickTime 2007-03-08 15:39:10 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:39:10 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:39:10 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:59 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys 2007-03-06 19:58:31 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Creative 2007-03-05 20:56:12 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\muvee Technologies 2007-03-05 15:39:25 50 ----a-w C:\AUTOEXEC.BAT 2007-03-05 15:39:16 -------- d-----w C:\Program Files\muvee Technologies 2007-03-05 15:37:54 -------- d-----w C:\Program Files\SightSpeed 2007-03-05 15:36:48 -------- d-----w C:\Program Files\Creative 2007-02-18 18:50:40 3,909 ----a-w C:\WINDOWS\mozver.dat 2007-02-05 20:20:07 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 04:23] {7DB2D5A0-7241-4E79-B68D-6309F01C5231}=c:\program files\mcafee\virusscan\scriptcl.dll [2006-12-22 16:02] {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 12:29] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56] "mnu"="C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe" [2006-05-01 19:54] "MBMon"="CTMBHA.DLL" [2005-05-19 04:54 C:\WINDOWS\system32\CTMBHA.DLL] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 06:03] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03] "CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 10:47] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09] "AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 02:11] "V0230Mon.exe"="C:\WINDOWS\V0230Mon.exe" [2006-09-07 02:01] "MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mnu"="C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe" [2006-05-01 19:54] "SetDefaultMIDI"="MIDIDef.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-02-05 17:40] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UpdReg"=C:\WINDOWS\UpdReg.EXE "SigmatelSysTrayApp"=stsystra.exe "VoiceCenter"="C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "MWLExe"=C:\Program Files\Mcafee\MWL\MWLGui.exe /Start "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs* UxTuneUp Contents of the 'Scheduled Tasks' folder 2007-05-18 15:15:01 C:\WINDOWS\tasks\1-Click Maintenance.job 2007-03-27 10:50:49 C:\WINDOWS\tasks\McDefragTask.job 2007-03-27 10:50:48 C:\WINDOWS\tasks\McQcTask.job ******************************************************************** catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-24 16:48:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ******************************************************************** Completion time: 2007-05-24 16:51:26 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-05-24 16:51 --- E O F --- (((((((((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\rcqyqmkj.dll C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\qomljkl.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((((((((( Files Created from 24-0-01-07 to 24-05-2007 )))))))))))))))))))))))))))))))))) 24-05-2007 16:51 49.152 --a------ C:\WINDOWS\nircmd.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-05-23 21:05:59 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\uTorrent 2007-05-23 13:17:26 -------- d-----w C:\Program Files\MSN Messenger 2007-05-23 13:17:26 -------- d-----w C:\Program Files\Messenger Plus! Live 2007-05-19 17:45:25 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\LimeWire 2007-05-13 09:22:44 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-13 09:21:42 -------- d-----w C:\Program Files\Common Files\PCSuite 2007-05-09 13:44:43 -------- d-----w C:\Program Files\NewsLeecher 2007-05-09 13:38:48 -------- d-----w C:\Program Files\GrabIt 2007-05-07 19:54:40 -------- d-----w C:\Program Files\Microsoft ActiveSync 2007-05-03 11:45:31 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-04-27 17:18:25 -------- d-----w C:\Program Files\DVD Shrink 2007-04-19 18:01:43 -------- d-----w C:\Program Files\iTunes 2007-04-19 18:01:35 -------- d-----w C:\Program Files\iPod 2007-04-19 18:00:27 -------- d-----w C:\Program Files\Apple Software Update 2007-04-18 16:15:26 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-13 10:50:01 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Command & Conquer 3 Tiberium Wars 2007-04-12 18:52:46 -------- d-----w C:\Program Files\Electronic Arts 2007-04-10 17:35:18 -------- d-----w C:\Program Files\Common Files\Knowledge Adventure 2007-04-10 17:35:18 -------- d-----w C:\Program Files\Barbie(TM) 2007-03-28 17:42:42 29,704 ----a-w C:\WINDOWS\system32\uxtuneup.dll 2007-03-28 13:58:24 -------- d-----w C:\Program Files\Skype 2007-03-28 13:58:13 76,582 ----a-w C:\WINDOWS\system32\perfc013.dat 2007-03-28 13:58:13 455,614 ----a-w C:\WINDOWS\system32\perfh013.dat 2007-03-28 13:55:54 -------- d-----w C:\Program Files\EVEREST Ultimate 2007-03-27 11:13:33 -------- d-----w C:\Program Files\McAfee 2007-03-27 10:53:49 -------- d-----w C:\Program Files\McAfee.com 2007-03-27 10:51:31 -------- d-----w C:\Program Files\Common Files\McAfee 2007-03-25 17:59:18 -------- d-----w C:\Program Files\Palm 2007-03-17 13:45:54 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-16 14:17:29 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\NewsLeecher 2007-03-13 15:26:46 -------- d-----w C:\Program Files\QuickTime 2007-03-08 15:39:10 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:39:10 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:39:10 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:59 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys 2007-03-06 19:58:31 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Creative 2007-03-05 20:56:12 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\muvee Technologies 2007-03-05 15:39:25 50 ----a-w C:\AUTOEXEC.BAT 2007-03-05 15:39:16 -------- d-----w C:\Program Files\muvee Technologies 2007-03-05 15:37:54 -------- d-----w C:\Program Files\SightSpeed 2007-03-05 15:36:48 -------- d-----w C:\Program Files\Creative 2007-03-02 12:16:52 109,608 ----a-w C:\WINDOWS\system32\drivers\Mpfp.sys 2007-03-02 11:08:08 -------- d-----w C:\Program Files\Windows Media Connect 2 2007-02-18 18:50:40 3,909 ----a-w C:\WINDOWS\mozver.dat 2007-02-14 13:39:10 -------- d-----w C:\Program Files\DivX 2007-02-13 17:56:54 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Ahead 2007-02-09 11:10:35 574,464 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2007-02-05 20:20:07 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll 2007-02-01 04:56:06 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2007-02-01 04:56:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2007-02-01 04:56:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2007-02-01 04:56:04 639,066 ----a-w C:\WINDOWS\system32\DivX.dll 2007-01-31 21:27:01 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2007-01-30 23:15:10 118,784 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe 2007-01-30 05:03:40 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2007-01-30 05:03:26 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2007-01-30 05:03:26 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2007-01-30 04:56:56 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll 2007-01-30 04:56:56 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll 2007-01-30 04:56:54 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll 2007-01-30 04:56:52 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2007-01-30 04:56:52 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2007-01-30 04:56:52 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll 2007-01-30 04:56:52 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2007-01-30 04:56:52 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll 2007-01-26 01:19:00 36,624 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-01-26 01:19:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll 2007-01-26 01:19:00 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe 2007-01-26 01:19:00 116,472 ------w C:\WINDOWS\system32\pxcpyi64.exe 2007-01-22 11:55:32 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\AdobeUM 2007-01-19 11:53:04 51,056 ----a-w C:\WINDOWS\system32\sirenacm.dll 2007-01-10 15:48:16 -------- d-----w C:\Program Files\Microsoft Works 2007-01-10 15:43:58 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\OfficeUpdate12 2007-01-06 14:07:38 -------- d-----w C:\Program Files\Microsoft.NET 2006-12-22 14:02:40 71,496 ----a-w C:\WINDOWS\system32\drivers\mfeavfk.sys 2006-12-22 14:02:34 37,480 ----a-w C:\WINDOWS\system32\drivers\mfesmfk.sys 2006-12-22 14:02:34 34,184 ----a-w C:\WINDOWS\system32\drivers\mfebopk.sys 2006-12-22 14:02:34 32,008 ----a-w C:\WINDOWS\system32\drivers\mferkdk.sys 2006-12-22 14:02:34 170,408 ----a-w C:\WINDOWS\system32\drivers\mfehidk.sys 2006-12-12 16:24:42 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2006-12-04 14:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll 2006-11-30 16:15:11 -------- d-----w C:\Program Files\PC Connectivity Solution 2006-11-29 11:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll 2006-11-19 13:57:45 -------- d-----w C:\Program Files\ATI Technologies 2006-11-16 18:47:22 524,288 ----a-w C:\WINDOWS\opuc.dll 2006-11-16 16:03:46 -------- d-----w C:\Program Files\Common Files\NSV 2006-11-16 14:24:54 -------- d-----w C:\Program Files\DAEMON Tools 2006-11-16 14:21:36 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\ATI 2006-11-09 16:30:58 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2006-11-08 05:07:53 679,424 ----a-w C:\WINDOWS\system32\inetcomm.dll 2006-11-07 21:32:17 -------- d--h--r C:\DOCUME~1\Ufuk\APPLIC~1\SecuROM 2006-11-07 19:03:36 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll 2006-11-07 19:03:36 156,160 ----a-w C:\WINDOWS\system32\msls31.dll 2006-11-07 01:26:44 71,680 ----a-w C:\WINDOWS\system32\admparse.dll 2006-11-07 01:26:42 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll 2006-11-01 19:19:10 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll 2006-10-31 15:19:00 28,104 ----a-w C:\DOCUME~1\Ufuk\APPLIC~1\GDIPFONTCACHEV1.DAT 2006-10-29 13:26:18 -------- d-----w C:\Program Files\Atomic Clock Sync 2006-10-26 15:00:41 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2006-10-26 13:34:29 -------- d-----w C:\Program Files\LimeWire 2006-10-26 13:06:35 -------- d-----w C:\Program Files\Common Files\InstallShield 2006-10-26 13:00:11 271,360 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2006-10-26 13:00:11 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2006-10-22 19:59:18 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Lavasoft 2006-10-22 19:58:22 -------- d-----w C:\Program Files\Lavasoft RegHance 2006-10-22 19:57:45 -------- d-----w C:\Program Files\Lavasoft 2006-10-22 19:24:07 -------- d-----w C:\Program Files\SigmaTel 2006-10-22 19:03:30 -------- d-----w C:\Program Files\Common Files\Real 2006-10-22 18:03:06 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Real 2006-10-20 12:51:48 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Google 2006-10-20 12:51:18 -------- d-----w C:\Program Files\Google 2006-10-20 01:39:56 714,752 ----a-w C:\WINDOWS\system32\sxs.dll 2006-10-19 19:38:28 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll 2006-10-19 16:15:19 -------- d-----w C:\Program Files\Common Files\Ahead 2006-10-18 22:04:54 42,496 ------w C:\WINDOWS\system32\wpdshextres.dll 2006-10-18 21:58:00 8,704 ----a-w C:\WINDOWS\system32\wdfmgr.exe 2006-10-18 21:58:00 8,704 ----a-w C:\WINDOWS\system32\uwdf.exe 2006-10-18 21:47:22 767,488 ------w C:\WINDOWS\system32\WMVSENCD.dll 2006-10-18 21:47:22 656,896 ------w C:\WINDOWS\system32\WMVXENCD.dll 2006-10-18 21:47:22 63,488 ----a-w C:\WINDOWS\system32\wpdmtpus.dll 2006-10-18 21:47:22 629,760 ----a-w C:\WINDOWS\system32\wpd_ci.dll 2006-10-18 21:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVE.DLL 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVD.dll 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll 2006-10-18 21:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll 2006-10-18 21:47:22 356,352 ----a-w C:\WINDOWS\system32\wpdsp.dll 2006-10-18 21:47:22 35,840 ----a-w C:\WINDOWS\system32\wpdconns.dll 2006-10-18 21:47:22 2,603,008 ------w C:\WINDOWS\system32\WpdShext.dll 2006-10-18 21:47:22 154,624 ----a-w C:\WINDOWS\system32\wpdmtp.dll 2006-10-18 21:47:22 133,632 ------w C:\WINDOWS\system32\WPDShServiceObj.dll 2006-10-18 21:47:22 1,574,912 ------w C:\WINDOWS\system32\WMVENCOD.dll 2006-10-18 21:47:22 1,543,680 ------w C:\WINDOWS\system32\WMVDECOD.dll 2006-10-18 21:47:22 1,382,912 ------w C:\WINDOWS\system32\WMVSDECD.dll 2006-10-18 21:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll 2006-10-18 21:47:20 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll 2006-10-18 21:47:20 937,984 ----a-w C:\WINDOWS\system32\WMNetMgr.dll 2006-10-18 21:47:20 8,231,936 ----a-w C:\WINDOWS\system32\wmploc.dll 2006-10-18 21:47:20 613,376 ------w C:\WINDOWS\system32\wmpmde.dll 2006-10-18 21:47:20 535,040 ------w C:\WINDOWS\system32\wmdrmsdk.dll 2006-10-18 21:47:20 348,672 ----a-w C:\WINDOWS\system32\wmdrmnet.dll 2006-10-18 21:47:20 314,880 ----a-w C:\WINDOWS\system32\wmpdxm.dll 2006-10-18 21:47:20 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll 2006-10-18 21:47:20 242,688 ----a-w C:\WINDOWS\system32\wmpasf.dll 2006-10-18 21:47:20 227,328 ----a-w C:\WINDOWS\system32\wmerror.dll 2006-10-18 21:47:20 204,288 ----a-w C:\WINDOWS\system32\wmpsrcwp.dll 2006-10-18 21:47:20 157,184 ----a-w C:\WINDOWS\system32\wmidx.dll 2006-10-18 21:47:20 130,048 ------w C:\WINDOWS\system32\wmpps.dll 2006-10-18 21:47:20 1,661,440 ----a-w C:\WINDOWS\system32\wmpencen.dll 2006-10-18 21:47:18 757,248 ----a-w C:\WINDOWS\system32\wmadmod.dll 2006-10-18 21:47:18 429,056 ----a-w C:\WINDOWS\system32\wmdrmdev.dll 2006-10-18 21:47:18 4,096 ----a-w C:\WINDOWS\system32\wdfapi.dll 2006-10-18 21:47:18 37,376 ----a-w C:\WINDOWS\system32\wmdmps.dll 2006-10-18 21:47:18 33,792 ----a-w C:\WINDOWS\system32\wmdmlog.dll 2006-10-18 21:47:18 284,160 ------w C:\WINDOWS\system32\PortableDeviceApi.dll 2006-10-18 21:47:18 222,208 ----a-w C:\WINDOWS\system32\wmasf.dll 2006-10-18 21:47:18 211,456 ----a-w C:\WINDOWS\system32\qasf.dll 2006-10-18 21:47:18 199,168 ------w C:\WINDOWS\system32\PortableDeviceWMDRM.dll 2006-10-18 21:47:18 166,912 ------w C:\WINDOWS\system32\PortableDeviceTypes.dll 2006-10-18 21:47:18 132,096 ------w C:\WINDOWS\system32\PortableDeviceWiaCompat.dll 2006-10-18 21:47:18 101,888 ------w C:\WINDOWS\system32\PortableDeviceClassExtension.dll 2006-10-18 21:47:18 1,117,696 ----a-w C:\WINDOWS\system32\WMADMOE.dll 2006-10-18 21:47:16 321,536 ----a-w C:\WINDOWS\system32\mswmdm.dll 2006-10-18 21:47:16 27,136 ----a-w C:\WINDOWS\system32\mspmsnsv.dll 2006-10-18 21:47:16 179,712 ----a-w C:\WINDOWS\system32\msnetobj.dll 2006-10-18 21:47:16 175,616 ----a-w C:\WINDOWS\system32\mspmsp.dll 2006-10-18 21:47:14 4,096 ----a-w C:\WINDOWS\system32\MPG4DMOD.dll 2006-10-18 21:47:14 4,096 ----a-w C:\WINDOWS\system32\MP4SDMOD.dll 2006-10-18 21:47:14 4,096 ----a-w C:\WINDOWS\system32\MP43DMOD.dll 2006-10-18 21:47:14 317,440 ------w C:\WINDOWS\system32\MP4SDECD.dll 2006-10-18 21:47:14 259,072 ------w C:\WINDOWS\system32\MPG4DECD.dll 2006-10-18 21:47:14 259,072 ------w C:\WINDOWS\system32\MP43DECD.dll 2006-10-18 21:47:14 212,992 ------w C:\WINDOWS\system32\MFPLAT.dll 2006-10-18 21:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll 2006-10-18 21:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll 2006-10-18 21:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll 2006-10-18 21:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll 2006-10-18 21:47:08 7,168 ----a-w C:\WINDOWS\system32\asferror.dll 2006-10-18 21:47:08 276,992 ----a-w C:\WINDOWS\system32\audiodev.dll 2006-10-18 20:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe 2006-10-18 20:00:46 249,856 ------w C:\WINDOWS\system32\drmupgds.exe 2006-10-18 20:00:14 17,408 ------w C:\WINDOWS\system32\wpdshextautoplay.exe 2006-10-18 20:00:00 38,528 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys 2006-10-17 10:06:00 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll 2006-10-17 10:05:10 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll 2006-10-17 10:03:56 17,408 ----a-w C:\WINDOWS\system32\corpol.dll 2006-10-17 09:57:58 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll 2006-10-17 09:56:10 45,568 ----a-w C:\WINDOWS\system32\mshta.exe 2006-10-17 09:28:56 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll 2006-10-16 16:16:24 124,928 ----a-w C:\WINDOWS\system32\oledlg.dll 2006-10-14 08:13:25 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll 2006-10-13 12:41:32 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll 2006-10-13 12:41:32 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll 2006-10-13 12:41:32 144,384 ----a-w C:\WINDOWS\system32\nwprovau.dll 2006-10-13 10:34:36 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Apple Computer 2006-10-13 10:23:15 163,584 ----a-w C:\WINDOWS\system32\drivers\nwrdr.sys 2006-10-12 22:10:06 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Hamachi 2006-10-12 16:12:36 15,440 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys 2006-10-10 07:54:30 50,688 ----a-w C:\WINDOWS\system32\nmwcdcls.dll 2006-10-04 18:18:15 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\DivX 2006-10-03 18:47:52 109,360 ----a-w C:\WINDOWS\system32\GEARAspi.dll 2006-10-03 16:46:25 -------- d-----w C:\Program Files\Common Files\Adobe Systems Shared 2006-10-02 14:28:42 312,128 ------w C:\WINDOWS\system32\msdelta.dll 2006-10-01 12:30:59 14 ----a-w C:\WINDOWS\system32\SysEngineDrive1.sys 2006-10-01 12:27:55 -------- d-----w C:\Program Files\BlazeVideo 2006-10-01 10:01:06 -------- d-----w C:\Program Files\QuickPar 2006-09-29 00:01:00 500,480 ----a-w C:\WINDOWS\system32\drivers\V0230VID.sys 2006-09-29 00:01:00 36,864 ----a-w C:\WINDOWS\system32\V0230Pin.dll 2006-09-28 18:44:50 -------- d-----w C:\Program Files\SlySoft 2006-09-28 18:25:22 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\SlySoft 2006-09-28 18:15:28 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\PC Suite 2006-09-28 18:10:03 -------- d-----w C:\Program Files\Garmin 2006-09-28 16:36:37 -------- d-----w C:\Program Files\DIFX 2006-09-28 15:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll 2006-09-28 15:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll 2006-09-28 15:04:02 68,888 ----a-w C:\WINDOWS\system32\xinput1_3.dll 2006-09-28 15:03:28 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll 2006-09-27 17:01:02 -------- d-----w C:\Program Files\FTDv3.7.3 2006-09-27 14:24:53 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\TuneUp Software 2006-09-27 13:19:37 -------- d-----w C:\Program Files\Nero 2006-09-27 13:05:18 -------- d-----w C:\Program Files\Jasc Software Inc 2006-09-27 12:47:48 -------- d-----w C:\Program Files\Gabest 2006-09-26 21:06:49 -------- d-----w C:\Program Files\Messenger 2006-09-26 20:32:54 -------- d-----w C:\Program Files\Common Files\ODBC 2006-09-26 20:32:51 -------- d-----w C:\Program Files\Common Files\SpeechEngines 2006-09-26 20:25:21 -------- d-----w C:\Program Files\Trust 2006-09-26 20:01:18 -------- d-----w C:\DOCUME~1\Ufuk\APPLIC~1\Help 2006-09-26 19:29:42 -------- d-----w C:\Program Files\Viruz-V 2006-09-26 19:26:13 611,064 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2006-09-26 19:20:20 -------- d-----w C:\Program Files\Orange 2006-09-26 19:17:47 -------- d-----w C:\Program Files\SAGEM 2006-09-26 19:12:44 -------- d-----w C:\Program Files\Common Files\Creative Labs Shared 2006-09-26 19:05:04 -------- d-----w C:\Program Files\Dell Photo Printer 720 2006-09-26 19:04:30 -------- d-----w C:\Program Files\Dell 720 2006-09-26 18:50:05 -------- d-----w C:\Program Files\Intel 2006-09-26 18:47:48 -------- d-----w C:\Program Files\Dell 2006-09-26 18:41:46 -------- d-----w C:\Program Files\microsoft frontpage 2006-09-26 18:41:34 0 --sha-r C:\MSDOS.SYS 2006-09-26 18:41:34 0 --sha-r C:\IO.SYS 2006-09-26 18:41:34 0 ----a-w C:\CONFIG.SYS 2006-09-26 18:40:36 -------- d--h--w C:\Program Files\WindowsUpdate 2006-09-26 18:40:35 -------- d-----w C:\Program Files\Online Services 2006-09-26 18:39:47 -------- d-----w C:\Program Files\Common Files\MSSoap 2006-09-26 18:39:38 -------- d-----w C:\Program Files\Movie Maker 2006-09-26 18:38:54 21,748 ----a-w C:\WINDOWS\system32\emptyregdb.dat 2006-09-26 18:38:44 -------- d-----w C:\Program Files\MSN Gaming Zone 2006-09-26 18:38:35 -------- d-----w C:\Program Files\Windows NT 2006-09-22 00:01:00 294,912 ----a-w C:\WINDOWS\system32\V0230CVW.dll 2006-09-19 14:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys 2006-09-16 02:02:34 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe 2006-09-15 22:30:16 87,040 ------w C:\WINDOWS\system32\WUDFCoinstaller.dll 2006-09-15 22:30:16 55,296 ------w C:\WINDOWS\system32\WudfSvc.dll 2006-09-15 22:30:16 308,224 ------w C:\WINDOWS\system32\WUDFx.dll 2006-09-15 22:30:06 142,848 ------w C:\WINDOWS\system32\WudfHost.exe 2006-09-15 21:30:10 82,688 ------w C:\WINDOWS\system32\drivers\WudfRd.sys 2006-09-15 21:29:54 163,840 ------w C:\WINDOWS\system32\WudfPlatform.dll 2006-09-15 21:29:52 76,544 ------w C:\WINDOWS\system32\drivers\WudfPf.sys 2006-09-13 05:07:10 1,084,416 ----a-w C:\WINDOWS\system32\msxml3.dll 2006-09-13 00:01:00 126,976 ----a-w C:\WINDOWS\system32\V0230Vfw.dll 2006-09-07 00:01:00 32,768 ----a-w C:\WINDOWS\V0230Mon.exe 2006-08-25 15:51:55 617,472 ----a-w C:\WINDOWS\system32\comctl32.dll 2006-08-25 03:47:00 2,560 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys 2006-08-25 03:47:00 2,432 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys 2006-08-24 12:19:52 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll 2006-08-24 12:18:10 499,254 ----a-w C:\WINDOWS\system32\dxmasf.dll 2006-08-21 12:28:04 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll 2006-08-21 09:14:58 23,040 ----a-w C:\WINDOWS\system32\fltmc.exe 2006-08-21 09:14:58 128,896 ----a-w C:\WINDOWS\system32\drivers\fltmgr.sys 2006-08-17 12:30:16 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll 2006-08-17 12:30:16 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll 2006-08-16 11:59:42 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2006-08-14 10:34:41 332,928 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2006-08-11 00:01:00 32,768 ----a-w C:\WINDOWS\system32\V0230Hwx.dll 2006-07-28 08:30:32 236,824 ----a-w C:\WINDOWS\system32\xactengine2_3.dll 2006-07-28 08:30:14 62,744 ----a-w C:\WINDOWS\system32\xinput1_2.dll 2006-07-21 08:29:40 72,704 ----a-w C:\WINDOWS\system32\hlink.dll 2006-07-14 15:29:44 966,656 ----a-w C:\WINDOWS\UNRecode.exe 2006-07-14 15:29:44 966,656 ----a-w C:\WINDOWS\UNNeroShowTime.exe 2006-07-14 15:29:44 966,656 ----a-w C:\WINDOWS\UNNeroMediaHome.exe 2006-07-14 15:29:44 966,656 ----a-w C:\WINDOWS\UNNeroBackItUp.exe 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2006-06-29 07:05:44 26,112 ------w C:\WINDOWS\system32\idndl.dll 2006-06-29 07:05:44 23,552 ------w C:\WINDOWS\system32\normaliz.dll 2006-06-28 16:59:26 24,576 ------w C:\WINDOWS\system32\nlsdl.dll 2006-06-22 05:17:19 1,440,768 ----a-w C:\WINDOWS\system32\query.dll 2006-06-22 05:17:18 69,120 ----a-w C:\WINDOWS\system32\ciodm.dll 2006-06-16 10:30:54 90,112 ----a-w C:\WINDOWS\CtDrvIns.exe 2006-06-14 09:00:45 82,944 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys 2006-06-14 08:47:46 6,400 ----a-w C:\WINDOWS\system32\drivers\splitter.sys 2006-06-14 08:47:45 172,416 ----a-w C:\WINDOWS\system32\drivers\kmixer.sys 2006-05-15 14:24:50 86,880 ----a-w C:\WINDOWS\system32\drivers\WscNetDr.sys 2006-05-05 09:47:57 174,592 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys 2006-05-05 09:41:45 453,120 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2006-04-10 16:05:10 104,576 ----a-w C:\WINDOWS\system32\drivers\wceusbsh.sys 2006-03-24 04:40:00 49,152 ----a-w C:\WINDOWS\system32\wdigest.dll 2006-03-24 00:00:00 6,272 ----a-w C:\WINDOWS\system32\drivers\V0230Vfx.sys 2006-03-17 00:38:01 28,672 ------w C:\WINDOWS\system32\verclsid.exe 2006-03-17 00:33:10 262,784 ----a-w C:\WINDOWS\system32\drivers\http.sys 2006-03-16 00:00:00 9,216 ----a-w C:\WINDOWS\V0230Cfg.exe 2006-03-16 00:00:00 8,192 ----a-w C:\WINDOWS\system32\V0230Srv.exe 2006-03-01 19:44:36 956,416 ----a-w C:\WINDOWS\system32\msdtctm.dll 2006-03-01 19:44:36 91,136 ----a-w C:\WINDOWS\system32\mtxoci.dll 2006-03-01 19:44:36 66,560 ----a-w C:\WINDOWS\system32\mtxclu.dll 2006-03-01 19:44:36 426,496 ----a-w C:\WINDOWS\system32\msdtcprx.dll 2006-03-01 19:44:36 161,280 ----a-w C:\WINDOWS\system32\msdtcuiu.dll 2006-03-01 19:44:36 11,776 ----a-w C:\WINDOWS\system32\xolehlp.dll 2006-02-15 00:22:26 142,464 ----a-w C:\WINDOWS\system32\drivers\aec.sys 2006-01-04 03:36:30 68,096 ----a-w C:\WINDOWS\system32\webclnt.dll 2005-12-01 12:31:38 1,645,320 ----a-w C:\WINDOWS\system32\gdiplus.dll 2005-10-21 01:47:05 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys 2005-10-21 01:47:05 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys 2005-10-21 01:47:04 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys 2005-10-21 01:47:04 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys 2005-10-20 22:31:13 1,092,096 ----a-w C:\WINDOWS\system32\esent.dll 2005-10-18 09:08:04 349,760 ----a-w C:\WINDOWS\system32\mcinsctl.dll 2005-10-17 21:21:57 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll 2005-10-17 21:21:57 118,272 ----a-w C:\WINDOWS\system32\t2embed.dll 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\system32\netfxperf.dll 2005-09-23 05:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll 2005-09-23 05:28:52 270,848 ----a-w C:\WINDOWS\system32\mscoree.dll 2005-09-23 05:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll 2005-09-23 05:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll 2005-09-21 10:14:32 1,350,784 ----a-w C:\WINDOWS\system32\drivers\sigfilt.sys 2005-09-10 01:55:37 2,067,968 ----a-w C:\WINDOWS\system32\cdosys.dll 2005-09-01 02:28:26 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll 2005-08-30 03:56:40 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll 2005-08-23 03:40:36 124,416 ----a-w C:\WINDOWS\system32\umpnpmgr.dll 2005-08-22 18:36:16 197,632 ----a-w C:\WINDOWS\system32\netman.dll 2005-08-17 06:41:08 1,022,040 ----a-w C:\WINDOWS\system32\drivers\sthda.sys 2005-08-15 10:08:26 5,888 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys 2005-08-15 10:08:26 127,488 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys 2005-08-05 20:05:00 516,096 ------w C:\WINDOWS\system32\ati2sgag.exe 2005-08-04 01:07:56 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll 2005-08-04 00:27:54 249,856 ----a-w C:\WINDOWS\system32\ATIDEMGR.dll 2005-08-03 23:46:26 6,684,672 ----a-w C:\WINDOWS\system32\atioglx1.dll 2005-08-03 22:28:52 5,005,312 ----a-w C:\WINDOWS\system32\atioglxx.dll 2005-08-03 22:10:38 205,312 ------w C:\WINDOWS\system32\ati2dvag.dll 2005-08-03 22:10:18 1,273,344 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys 2005-08-03 22:04:56 106,496 ----a-w C:\WINDOWS\system32\atipdlxx.dll 2005-08-03 22:04:42 73,728 ----a-w C:\WINDOWS\system32\Oemdspif.dll 2005-08-03 22:04:34 25,088 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe 2005-08-03 22:04:28 39,936 ----a-w C:\WINDOWS\system32\ati2edxx.dll 2005-08-03 22:04:18 46,080 ----a-w C:\WINDOWS\system32\ati2evxx.dll 2005-08-03 22:02:58 380,928 ----a-w C:\WINDOWS\system32\ati2evxx.exe 2005-08-03 22:02:32 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL 2005-08-03 21:54:08 2,365,472 ------w C:\WINDOWS\system32\ati3duag.dll 2005-08-03 21:47:08 639,872 ------w C:\WINDOWS\system32\ativvaxx.dll 2005-08-03 21:34:12 147,456 ----a-w C:\WINDOWS\system32\atikvmag.dll 2005-08-03 21:08:22 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll 2005-08-03 21:02:26 212,992 ------w C:\WINDOWS\system32\ati2cqag.dll 2005-07-26 04:42:48 75,264 ----a-w C:\WINDOWS\system32\olecli32.dll 2005-07-26 04:42:48 540,160 ----a-w C:\WINDOWS\system32\comuid.dll 2005-07-26 04:42:48 397,824 ----a-w C:\WINDOWS\system32\rpcss.dll 2005-07-26 04:42:48 37,888 ----a-w C:\WINDOWS\system32\olecnv32.dll 2005-07-26 04:42:48 243,200 ----a-w C:\WINDOWS\system32\es.dll 2005-07-26 04:42:48 101,376 ----a-w C:\WINDOWS\system32\txflog.dll 2005-07-26 04:42:48 1,284,608 ----a-w C:\WINDOWS\system32\ole32.dll 2005-07-26 04:42:48 1,267,200 ----a-w C:\WINDOWS\system32\comsvcs.dll 2005-07-26 04:42:47 97,792 ----a-w C:\WINDOWS\system32\comrepl.dll 2005-07-26 04:42:47 625,152 ----a-w C:\WINDOWS\system32\catsrvut.dll 2005-07-26 04:42:47 60,416 ----a-w C:\WINDOWS\system32\colbact.dll 2005-07-26 04:42:47 498,688 ----a-w C:\WINDOWS\system32\clbcatq.dll 2005-07-26 04:42:47 225,792 ----a-w C:\WINDOWS\system32\catsrv.dll 2005-07-26 04:42:47 110,080 ----a-w C:\WINDOWS\system32\clbcatex.dll 2005-07-14 02:26:16 155,648 ----a-w C:\WINDOWS\system32\stacapi.dll 2005-07-14 02:23:38 109,056 ----a-w C:\WINDOWS\system32\staco.dll 2005-07-08 16:29:37 249,344 ----a-w C:\WINDOWS\system32\tapisrv.dll 2005-07-07 00:07:00 36,864 ----a-w C:\WINDOWS\system32\CtCamMgr.dll 2005-06-29 01:53:10 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2005-06-29 01:53:10 254,976 ----a-w C:\WINDOWS\system32\icm32.dll 2005-06-17 05:33:40 872,064 ----a-w C:\WINDOWS\system32\drivers\iaStor.sys 2005-06-15 17:51:07 295,936 ----a-w C:\WINDOWS\system32\kerberos.dll 2005-06-10 23:53:32 57,856 ----a-w C:\WINDOWS\system32\spoolsv.exe 2005-06-10 15:59:16 95,617 ----a-w C:\WINDOWS\system32\atiicdxx.dat 2005-06-10 04:11:54 139,528 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys 2005-05-27 02:08:56 41,472 ----a-w C:\WINDOWS\system32\hhsetup.dll 2005-05-27 02:08:56 155,136 ----a-w C:\WINDOWS\system32\itircl.dll 2005-05-27 02:08:56 137,216 ----a-w C:\WINDOWS\system32\itss.dll 2005-05-26 23:22:01 10,752 ----a-w C:\WINDOWS\hh.exe 2005-05-26 14:34:52 2,297,552 ----a-w C:\WINDOWS\system32\d3dx9_26.dll 2005-05-26 02:16:34 466,200 ----a-w C:\WINDOWS\system32\wuapi.dll 2005-05-26 02:16:34 194,840 ----a-w C:\WINDOWS\system32\wuaueng1.dll 2005-05-26 02:16:34 174,360 ----a-w C:\WINDOWS\system32\wuauclt1.exe 2005-05-26 02:16:34 128,280 ----a-w C:\WINDOWS\system32\wucltui.dll 2005-05-26 02:16:34 125,208 ----a-w C:\WINDOWS\system32\wuauclt.exe 2005-05-26 02:16:30 41,240 ----a-w C:\WINDOWS\system32\wups.dll 2005-05-26 02:16:30 18,200 ----a-w C:\WINDOWS\system32\wups2.dll 2005-05-26 02:16:30 173,536 ----a-w C:\WINDOWS\system32\wuweb.dll 2005-05-26 02:16:30 1,343,768 ----a-w C:\WINDOWS\system32\wuaueng.dll 2005-05-26 02:16:24 75,544 ----a-w C:\WINDOWS\system32\cdm.dll 2005-05-26 02:16:24 198,424 ----a-w C:\WINDOWS\system32\iuengine.dll 2005-05-25 09:34:00 158,464 ----a-w C:\WINDOWS\system32\drivers\CTUSFSYN.SYS 2005-05-24 17:23:32 288,320 ----a-w C:\WINDOWS\system32\mcgdmgr.dll 2005-05-19 02:54:00 1,345,520 ----a-w C:\WINDOWS\system32\CTMBHA.DLL 2005-05-11 02:31:47 79,360 ----a-w C:\WINDOWS\system32\telnet.exe 2005-05-04 12:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll 2005-05-04 12:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe 2005-05-04 12:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll 2005-05-04 12:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll 2005-03-31 15:04:52 180,736 ----a-w C:\WINDOWS\system32\drivers\e1e5132.sys 2005-03-30 01:26:44 88,960 ----a-w C:\WINDOWS\system32\drivers\NvAtaBus.sys 2005-03-30 01:26:44 68,992 ----a-w C:\WINDOWS\system32\drivers\nvraid.sys 2005-03-30 01:25:51 39,904 ----a-w C:\WINDOWS\system32\drivers\cercsr6.sys 2005-03-30 01:25:24 4,627 ----a-w C:\WINDOWS\system32\oembios.dat 2005-03-30 01:25:24 13,107,200 ----a-w C:\WINDOWS\system32\oembios.bin 2005-03-22 10:20:44 339,968 ----a-w C:\WINDOWS\stsystra.exe 2005-03-17 21:39:56 1,146,320 ----a-w C:\WINDOWS\system32\FM20.DLL 2005-03-10 09:49:42 17,408 ----a-w C:\WINDOWS\system32\EtCoInst.dll 2005-03-09 14:22:52 126,976 ----a-w C:\WINDOWS\system32\Prounstl.exe 2005-03-09 14:21:40 163,840 ----a-w C:\WINDOWS\system32\e1000msg.dll 2005-03-09 03:01:00 51,712 ----a-w C:\WINDOWS\system32\CISETUP.DLL 2005-03-08 16:26:28 23,040 ----a-w C:\WINDOWS\system32\IntelNic.dll 2005-03-02 18:19:18 56,832 ----a-w C:\WINDOWS\system32\authz.dll 2005-02-23 06:36:00 132,608 ----a-w C:\WINDOWS\system32\CtDvInst.dll 2005-02-16 13:18:04 90,184 ----a-w C:\WINDOWS\system32\NeroCo.dll 2005-02-16 12:41:48 20,480 ----a-w C:\WINDOWS\MBDEF.EXE 2005-01-28 11:32:44 258,296 ----a-w C:\WINDOWS\system32\drmclien.dll 2005-01-28 06:53:22 96,768 ----a-w C:\WINDOWS\system32\drmstor.dll 2005-01-28 06:52:52 20,480 ----a-w C:\WINDOWS\system32\wmpui.dll 2005-01-28 06:52:52 20,480 ----a-w C:\WINDOWS\system32\wmpcore.dll 2005-01-28 06:52:52 20,480 ----a-w C:\WINDOWS\system32\wmpcd.dll 2005-01-27 23:36:26 331,776 ----a-w C:\WINDOWS\system32\wpdmtpdr.dll 2005-01-27 23:36:16 10,752 ----a-w C:\WINDOWS\system32\wpdtrace.dll 2005-01-10 10:15:00 20,992 ----a-w C:\WINDOWS\system32\SFMAN32.DLL 2005-01-10 10:15:00 138,752 ----a-w C:\WINDOWS\system32\drivers\CTSFM2K.SYS 2005-01-10 10:15:00 115,200 ----a-w C:\WINDOWS\system32\SFMS32.DLL 2005-01-10 10:15:00 106,496 ----a-w C:\WINDOWS\system32\drivers\CTOSS2K.SYS 2005-01-06 07:54:24 57,344 ----a-w C:\WINDOWS\system32\dlbccinf.dll 2005-01-06 07:54:14 49,152 ----a-w C:\WINDOWS\system32\dlbccoin.dll 2005-01-06 07:20:46 73,728 ----a-w C:\WINDOWS\system32\dlbcpwr.dll 2004-12-22 10:40:02 24,576 ----a-w C:\WINDOWS\MIDIDEF.EXE 2004-12-07 19:34:27 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll 2004-11-17 17:43:32 352,768 ----a-w C:\WINDOWS\system32\hypertrm.dll 2004-10-25 19:02:00 21,664 ----a-w C:\WINDOWS\system32\drivers\Entech.sys 2004-10-19 08:07:22 9,728 ------w C:\WINDOWS\system32\drivers\PfModNT.sys 2004-09-29 22:28:37 134,912 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys 2004-08-12 15:45:54 137,728 ------w C:\WINDOWS\system32\drivers\Hdaudbus.sys 2004-08-12 15:45:52 61,952 ------w C:\WINDOWS\system32\Hdaudpropshortcut.exe 2004-08-12 15:45:52 24,064 ------w C:\WINDOWS\system32\Hdaudprop.dll 2004-08-12 15:45:52 113,664 ------w C:\WINDOWS\system32\drivers\Hdaudio.sys 2004-08-12 15:45:42 5,120 ------w C:\WINDOWS\system32\Hdaudpropres.dll 2004-08-04 12:00:00 999,936 ----a-w C:\WINDOWS\system32\setupapi.dll 2004-08-04 12:00:00 999,424 ----a-w C:\WINDOWS\system32\msgina.dll 2004-08-04 12:00:00 993,280 ----a-w C:\WINDOWS\system32\syssetup.dll 2004-08-04 12:00:00 99,840 ----a-w C:\WINDOWS\system32\winscard.dll 2004-08-04 12:00:00 99,328 ----a-w C:\WINDOWS\system32\loadperf.dll 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\slbiop.dll 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\scardsvr.exe 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\rtm.dll 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\psbase.dll 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\odbcint.dll 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\cscript.exe 2004-08-04 12:00:00 98,304 ----a-w C:\WINDOWS\system32\ahui.exe 2004-08-04 12:00:00 98,278 ----a-w C:\WINDOWS\system32\eventquery.vbs 2004-08-04 12:00:00 97,280 ----a-w C:\WINDOWS\system32\dpcdll.dll 2004-08-04 12:00:00 96,256 ----a-w C:\WINDOWS\system32\drivers\sptddrv1.sys 2004-08-04 12:00:00 96,256 ----a-w C:\WINDOWS\system32\drivers\scsiport.sys 2004-08-04 12:00:00 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll 2004-08-04 12:00:00 94,784 ----a-w C:\WINDOWS\twain.dll 2004-08-04 12:00:00 94,282 ----a-w C:\WINDOWS\system32\msencode.dll 2004-08-04 12:00:00 94,208 ----a-w C:\WINDOWS\system32\tscfgwmi.dll 2004-08-04 12:00:00 937,984 ----a-w C:\WINDOWS\system32\winbrand.dll 2004-08-04 12:00:00 93,696 ----a-w C:\WINDOWS\system32\wlnotify.dll 2004-08-04 12:00:00 93,184 ----a-w C:\WINDOWS\system32\dskquota.dll 2004-08-04 12:00:00 924,432 ----a-w C:\WINDOWS\system32\mfc40.dll 2004-08-04 12:00:00 92,384 ----a-w C:\WINDOWS\system32\krnl386.exe 2004-08-04 12:00:00 92,168 ----a-w C:\WINDOWS\system32\rdpdd.dll 2004-08-04 12:00:00 92,160 ----a-w C:\WINDOWS\system32\smlogsvc.exe 2004-08-04 12:00:00 92,160 ----a-w C:\WINDOWS\system32\ntprint.dll 2004-08-04 12:00:00 92,032 ----a-w C:\WINDOWS\system32\drivers\ksecdd.sys 2004-08-04 12:00:00 91,776 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys 2004-08-04 12:00:00 91,648 ----a-w C:\WINDOWS\system32\xactsrv.dll 2004-08-04 12:00:00 91,136 ----a-w C:\WINDOWS\system32\mydocs.dll 2004-08-04 12:00:00 90,624 ----a-w C:\WINDOWS\system32\trkwks.dll 2004-08-04 12:00:00 90,112 ----a-w C:\WINDOWS\system32\rsvpsp.dll 2004-08-04 12:00:00 90,112 ----a-w C:\WINDOWS\system32\mycomput.dll 2004-08-04 12:00:00 9,936 ----a-w C:\WINDOWS\system32\lzexpand.dll 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\sprestrt.exe 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\rsvpperf.dll 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\reset.exe 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\proxycfg.exe 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\label.exe 2004-08-04 12:00:00 9,728 ----a-w C:\WINDOWS\system32\finger.exe 2004-08-04 12:00:00 9,600 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys 2004-08-04 12:00:00 9,600 ----a-w C:\WINDOWS\system32\drivers\hidusb.sys 2004-08-04 12:00:00 9,344 ----a-w C:\WINDOWS\system32\vga.dll 2004-08-04 12:00:00 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\wshatm.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\winfax.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\wifeman.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\subst.exe 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\scrnsave.scr 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\print.exe 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\lprmonui.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\iissuba.dll 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\find.exe 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\eventvwr.exe 2004-08-04 12:00:00 9,216 ----a-w C:\WINDOWS\system32\diskcomp.com 2004-08-04 12:00:00 9,040 ----a-w C:\WINDOWS\system32\ver.dll 2004-08-04 12:00:00 9,029 ----a-w C:\WINDOWS\system32\ansi.sys 2004-08-04 12:00:00 89,600 ----a-w C:\WINDOWS\system32\langwrbk.dll 2004-08-04 12:00:00 89,088 ----a-w C:\WINDOWS\system32\rasauto.dll 2004-08-04 12:00:00 89,088 ----a-w C:\WINDOWS\system32\mqlogmgr.dll 2004-08-04 12:00:00 882 ----a-w C:\WINDOWS\system32\share.exe 2004-08-04 12:00:00 882 ----a-w C:\WINDOWS\system32\fastopen.exe 2004-08-04 12:00:00 881,152 ----a-w C:\WINDOWS\system32\netplwiz.dll 2004-08-04 12:00:00 88,576 ----a-w C:\WINDOWS\system32\netsh.exe 2004-08-04 12:00:00 88,576 ----a-w C:\WINDOWS\system32\fldrclnr.dll 2004-08-04 12:00:00 88,448 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys 2004-08-04 12:00:00 88,064 ----a-w C:\WINDOWS\system32\p2pnetsh.dll 2004-08-04 12:00:00 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll 2004-08-04 12:00:00 87,040 ----a-w C:\WINDOWS\system32\mprapi.dll 2004-08-04 12:00:00 86,556 ----a-w C:\WINDOWS\system32\dgsetup.dll 2004-08-04 12:00:00 86,528 ----a-w C:\WINDOWS\system32\iassam.dll 2004-08-04 12:00:00 86,073 ----a-w C:\WINDOWS\system32\usrfaxa.dll 2004-08-04 12:00:00 86,016 ----a-w C:\WINDOWS\system32\p2pgasvc.dll 2004-08-04 12:00:00 86,016 ----a-w C:\WINDOWS\system32\msapsspc.dll 2004-08-04 12:00:00 86,016 ----a-w C:\WINDOWS\system32\isign32.dll 2004-08-04 12:00:00 86,016 ----a-w C:\WINDOWS\system32\ipxmontr.dll 2004-08-04 12:00:00 859,648 ----a-w C:\WINDOWS\system32\tapi3.dll 2004-08-04 12:00:00 85,504 ----a-w C:\WINDOWS\system32\makecab.exe 2004-08-04 12:00:00 85,504 ----a-w C:\WINDOWS\system32\diantz.exe 2004-08-04 12:00:00 85,504 ----a-w C:\WINDOWS\system32\catsrvps.dll 2004-08-04 12:00:00 85,504 ----a-w C:\WINDOWS\system32\cabview.dll 2004-08-04 12:00:00 85,504 ----a-w C:\WINDOWS\system32\avifil32.dll 2004-08-04 12:00:00 847,872 ----a-w C:\WINDOWS\system32\dbgeng.dll 2004-08-04 12:00:00 84,992 ----a-w C:\WINDOWS\system32\mciavi32.dll 2004-08-04 12:00:00 831,519 ----a-w C:\WINDOWS\system32\mswdat10.dll 2004-08-04 12:00:00 83,456 ----a-w C:\WINDOWS\system32\olepro32.dll 2004-08-04 12:00:00 83,456 ----a-w C:\WINDOWS\system32\dpvsetup.exe 2004-08-04 12:00:00 825,344 ----a-w C:\WINDOWS\system32\d3dim700.dll 2004-08-04 12:00:00 822,784 ----a-w C:\WINDOWS\system32\comres.dll 2004-08-04 12:00:00 82,944 ----a-w C:\WINDOWS\system32\ws2_32.dll 2004-08-04 12:00:00 82,944 ----a-w C:\WINDOWS\system32\tapiui.dll 2004-08-04 12:00:00 82,944 ----a-w C:\WINDOWS\system32\olecli.dll 2004-08-04 12:00:00 82,432 ----a-w C:\WINDOWS\system32\ufat.dll 2004-08-04 12:00:00 82,432 ----a-w C:\WINDOWS\system32\dmscript.dll 2004-08-04 12:00:00 82,432 ----a-w C:\WINDOWS\system32\dfrgfat.exe 2004-08-04 12:00:00 817 ----a-w C:\WINDOWS\system32\mscdexnt.exe 2004-08-04 12:00:00 815,104 ----a-w C:\WINDOWS\system32\mmc.exe 2004-08-04 12:00:00 81,920 ----a-w C:\WINDOWS\system32\ils.dll 2004-08-04 12:00:00 81,920 ----a-w C:\WINDOWS\system32\fsusd.dll 2004-08-04 12:00:00 81,408 ----a-w C:\WINDOWS\system32\wscsvc.dll 2004-08-04 12:00:00 81,408 ----a-w C:\WINDOWS\system32\netui0.dll 2004-08-04 12:00:00 800,000 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys 2004-08-04 12:00:00 80,896 ----a-w C:\WINDOWS\system32\faultrep.dll 2004-08-04 12:00:00 80,896 ----a-w C:\WINDOWS\system32\charmap.exe 2004-08-04 12:00:00 80,896 ----a-w C:\WINDOWS\system32\autodisc.dll 2004-08-04 12:00:00 80,384 ----a-w C:\WINDOWS\system32\iccvid.dll 2004-08-04 12:00:00 80,384 ----a-w C:\WINDOWS\system32\eventtriggers.exe 2004-08-04 12:00:00 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys 2004-08-04 12:00:00 8,832 ----a-w C:\WINDOWS\system32\drivers\rasacd.sys 2004-08-04 12:00:00 8,704 ----a-w C:\WINDOWS\system32\lpr.exe 2004-08-04 12:00:00 8,704 ----a-w C:\WINDOWS\system32\hostname.exe 2004-08-04 12:00:00 8,704 ----a-w C:\WINDOWS\system32\dciman32.dll 2004-08-04 12:00:00 8,704 ----a-w C:\WINDOWS\system32\batt.dll 2004-08-04 12:00:00 8,488 ----a-w C:\WINDOWS\system32\exe2bin.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\winhlp32.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\streamci.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\smbinst.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\qosname.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\psnppagn.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\ntlsapi.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\mqperf.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\mountvol.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\mciole16.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\mag_hook.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\igmpagnt.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\d3d8thk.dll 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\control.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\cidaemon.exe 2004-08-04 12:00:00 8,192 ----a-w C:\WINDOWS\system32\bitsprx2.dll 2004-08-04 12:00:00 8,192 ----a-r C:\WINDOWS\system32\kbdhept.dll 2004-08-04 12:00:00 79,872 ----a-w C:\WINDOWS\system32\tlntsess.exe 2004-08-04 12:00:00 79,744 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys 2004-08-04 12:00:00 78,336 ----a-w C:\WINDOWS\system32\unimdmat.dll 2004-08-04 12:00:00 78,336 ----a-w C:\WINDOWS\system32\shrpubw.exe 2004-08-04 12:00:00 78,336 ----a-w C:\WINDOWS\system32\sdbinst.exe 2004-08-04 12:00:00 78,336 ----a-w C:\WINDOWS\system32\rtcshare.exe 2004-08-04 12:00:00 78,336 ----a-w C:\WINDOWS\system32\browsewm.dll 2004-08-04 12:00:00 772,608 ----a-w C:\WINDOWS\system32\winntbbu.dll 2004-08-04 12:00:00 77,891 ----a-w C:\WINDOWS\system32\usrmlnka.exe 2004-08-04 12:00:00 77,890 ----a-w C:\WINDOWS\system32\usrdpa.dll 2004-08-04 12:00:00 77,883 ----a-w C:\WINDOWS\system32\usrrtosa.dll 2004-08-04 12:00:00 77,824 ----a-w C:\WINDOWS\system32\cliconfg.dll 2004-08-04 12:00:00 77,312 ----a-w C:\WINDOWS\system32\gcdef.dll 2004-08-04 12:00:00 77,312 ----a-w C:\WINDOWS\system32\browser.dll 2004-08-04 12:00:00 76,800 ----a-w C:\WINDOWS\system32\nslookup.exe 2004-08-04 12:00:00 76,800 ----a-w C:\WINDOWS\system32\dhcpsapi.dll 2004-08-04 12:00:00 76,288 ----a-w C:\WINDOWS\system32\mmcbase.dll 2004-08-04 12:00:00 755,200 ----a-w C:\WINDOWS\system32\ir50_32.dll 2004-08-04 12:00:00 75,776 ----a-w C:\WINDOWS\system32\wiascr.dll 2004-08-04 12:00:00 75,776 ----a-w C:\WINDOWS\system32\strmfilt.dll 2004-08-04 12:00:00 75,776 ----a-w C:\WINDOWS\system32\cryptdlg.dll 2004-08-04 12:00:00 75,264 ----a-w C:\WINDOWS\system32\locator.exe 2004-08-04 12:00:00 75,264 ----a-w C:\WINDOWS\system32\inetpp.dll 2004-08-04 12:00:00 741 ----a-w C:\WINDOWS\system32\noise.dat 2004-08-04 12:00:00 74,752 ----a-w C:\WINDOWS\system32\tlntsvr.exe 2004-08-04 12:00:00 74,752 ----a-w C:\WINDOWS\system32\spoolss.dll 2004-08-04 12:00:00 74,752 ----a-w C:\WINDOWS\system32\fdeploy.dll 2004-08-04 12:00:00 74,752 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys 2004-08-04 12:00:00 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll 2004-08-04 12:00:00 73,802 ----a-w C:\WINDOWS\system32\msrclr40.dll 2004-08-04 12:00:00 73,728 ----a-w C:\WINDOWS\system32\tasklist.exe 2004-08-04 12:00:00 73,728 ----a-w C:\WINDOWS\system32\taskkill.exe 2004-08-04 12:00:00 73,728 ----a-w C:\WINDOWS\system32\icwdial.dll 2004-08-04 12:00:00 73,728 ----a-w C:\WINDOWS\system32\csseqchk.dll 2004-08-04 12:00:00 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys 2004-08-04 12:00:00 73,216 ----a-w C:\WINDOWS\system32\msaudite.dll 2004-08-04 12:00:00 73,216 ----a-w C:\WINDOWS\system32\magnify.exe 2004-08-04 12:00:00 73,216 ----a-w C:\WINDOWS\system32\avwav.dll 2004-08-04 12:00:00 729,088 ----a-w C:\WINDOWS\system32\ntdll.dll 2004-08-04 12:00:00 728,576 ----a-w C:\WINDOWS\system32\userenv.dll 2004-08-04 12:00:00 72,960 ----a-w C:\WINDOWS\system32\drivers\mqac.sys 2004-08-04 12:00:00 72,704 ----a-w C:\WINDOWS\system32\msw3prt.dll 2004-08-04 12:00:00 72,192 ----a-w C:\WINDOWS\system32\sprio800.dll 2004-08-04 12:00:00 72,192 ----a-w C:\WINDOWS\system32\dsdmoprp.dll 2004-08-04 12:00:00 713,728 ----a-w C:\WINDOWS\system32\opengl32.dll 2004-08-04 12:00:00 71,680 ----a-w C:\WINDOWS\system32\ssdpsrv.dll 2004-08-04 12:00:00 71,680 ----a-w C:\WINDOWS\system32\msacm32.dll 2004-08-04 12:00:00 71,680 ----a-w C:\WINDOWS\system32\blastcln.exe 2004-08-04 12:00:00 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys 2004-08-04 12:00:00 71,168 ----a-w C:\WINDOWS\system32\sigverif.exe 2004-08-04 12:00:00 71,040 ----a-w C:\WINDOWS\system32\drivers\dxg.sys 2004-08-04 12:00:00 71,006 ----a-w C:\WINDOWS\system32\edit.com 2004-08-04 12:00:00 708,608 ----a-w C:\WINDOWS\system32\ss3dfo.scr 2004-08-04 12:00:00 707 ----a-w C:\WINDOWS\_default.pif 2004-08-04 12:00:00 701,440 ----a-w C:\WINDOWS\system32\msxml2.dll 2004-08-04 12:00:00 70,656 ----a-w C:\WINDOWS\system32\sprio600.dll 2004-08-04 12:00:00 70,656 ----a-w C:\WINDOWS\system32\scarddlg.dll 2004-08-04 12:00:00 70,656 ----a-w C:\WINDOWS\system32\ipxpromn.dll 2004-08-04 12:00:00 70,656 ----a-w C:\WINDOWS\system32\ifsutil.dll 2004-08-04 12:00:00 70,656 ----a-w C:\WINDOWS\system32\amstream.dll 2004-08-04 12:00:00 70,192 ----a-w C:\WINDOWS\system32\mmsystem.dll 2004-08-04 12:00:00 70,144 ----a-w C:\WINDOWS\system32\systeminfo.exe 2004-08-04 12:00:00 70,144 ----a-w C:\WINDOWS\system32\notepad.exe 2004-08-04 12:00:00 70,144 ----a-w C:\WINDOWS\system32\avicap.dll 2004-08-04 12:00:00 70,144 ----a-w C:\WINDOWS\NOTEPAD.EXE 2004-08-04 12:00:00 7,936 ----a-w C:\WINDOWS\system32\drivers\fs_rec.sys 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\vcdex.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\ncxpnt.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\mll_mtf.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\mciole32.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsno.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdsmsfi.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\kbdcan.dll 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\drivers\mcd.sys 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\ckcnv.exe 2004-08-04 12:00:00 7,680 ----a-w C:\WINDOWS\system32\chcp.com 2004-08-04 12:00:00 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\wshnetbs.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\tlntsvrp.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\recover.exe 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\msr2cenu.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\mscat32.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdukx.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdno1.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdnec.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\kbdfi1.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\hccoin.dll 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\diskcopy.com 2004-08-04 12:00:00 7,168 ----a-w C:\WINDOWS\system32\bitsprx3.dll 2004-08-04 12:00:00 7,168 ----a-r C:\WINDOWS\system32\kbdcz.dll 2004-08-04 12:00:00 7,084 ----a-w C:\WINDOWS\system32\nlsfunc.exe 2004-08-04 12:00:00 7,040 ----a-w C:\WINDOWS\system32\kdcom.dll 2004-08-04 12:00:00 69,700 ----a-w C:\WINDOWS\system32\usrshuta.exe 2004-08-04 12:00:00 69,699 ----a-w C:\WINDOWS\system32\usrcoina.dll 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\spnike.dll 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\raschap.dll 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\openfiles.exe 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\odbcconf.exe 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\msr2c.dll 2004-08-04 12:00:00 69,632 ----a-w C:\WINDOWS\system32\msconf.dll 2004-08-04 12:00:00 69,120 ----a-w C:\WINDOWS\system32\olethk32.dll 2004-08-04 12:00:00 69,120 ----a-w C:\WINDOWS\system32\MSCTFP.dll 2004-08-04 12:00:00 69,120 ----a-w C:\WINDOWS\system32\mprddm.dll 2004-08-04 12:00:00 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys 2004-08-04 12:00:00 684,032 ----a-w C:\WINDOWS\system32\sstext3d.scr 2004-08-04 12:00:00 684,032 ----a-w C:\WINDOWS\system32\advapi32.dll 2004-08-04 12:00:00 68,608 ----a-w C:\WINDOWS\system32\digest.dll 2004-08-04 12:00:00 68,096 ----a-w C:\WINDOWS\system32\shgina.dll 2004-08-04 12:00:00 68,096 ----a-w C:\WINDOWS\system32\osuninst.dll 2004-08-04 12:00:00 68,096 ----a-w C:\WINDOWS\system32\adsmsext.dll 2004-08-04 12:00:00 676,864 ----a-w C:\WINDOWS\system32\rasdlg.dll 2004-08-04 12:00:00 673,088 ----a-w C:\WINDOWS\system32\mlang.dat 2004-08-04 12:00:00 67,584 ----a-w C:\WINDOWS\system32\sti.dll 2004-08-04 12:00:00 67,584 ----a-w C:\WINDOWS\system32\srclient.dll 2004-08-04 12:00:00 67,584 ----a-w C:\WINDOWS\system32\drivers\sdbus.sys 2004-08-04 12:00:00 67,584 ----a-w C:\WINDOWS\system32\browselc.dll 2004-08-04 12:00:00 67,584 ----a-w C:\WINDOWS\system32\acctres.dll 2004-08-04 12:00:00 67,072 ----a-w C:\WINDOWS\system32\rdshost.exe 2004-08-04 12:00:00 67,072 ----a-w C:\WINDOWS\system32\ntdsapi.dll 2004-08-04 12:00:00 67,072 ----a-w C:\WINDOWS\system32\console.dll 2004-08-04 12:00:00 662,528 ----a-w C:\WINDOWS\system32\getuname.dll 2004-08-04 12:00:00 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll 2004-08-04 12:00:00 66,560 ----a-w C:\WINDOWS\system32\ipxsap.dll 2004-08-04 12:00:00 66,176 ----a-w C:\WINDOWS\system32\drivers\udfs.sys 2004-08-04 12:00:00 66,048 ----a-w C:\WINDOWS\system32\wextract.exe 2004-08-04 12:00:00 655,360 ----a-w C:\WINDOWS\system32\mstscax.dll 2004-08-04 12:00:00 65,920 ----a-w C:\WINDOWS\system32\drivers\serial.sys 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\wshext.dll 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\shimeng.dll 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccu32.dll 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\odbccr32.dll 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\jgsh400.dll 2004-08-04 12:00:00 65,536 ----a-w C:\WINDOWS\system32\icwphbk.dll 2004-08-04 12:00:00 65,024 ----a-w C:\WINDOWS\system32\pautoenr.dll 2004-08-04 12:00:00 65,024 ----a-w C:\WINDOWS\system32\msratelc.dll 2004-08-04 12:00:00 65,024 ----a-w C:\WINDOWS\system32\cleanmgr.exe 2004-08-04 12:00:00 65,024 ----a-w C:\WINDOWS\system32\avicap32.dll 2004-08-04 12:00:00 65,024 ----a-w C:\WINDOWS\system32\asycfilt.dll 2004-08-04 12:00:00 640,000 ----a-w C:\WINDOWS\system32\dbghelp.dll 2004-08-04 12:00:00 64,512 ----a-w C:\WINDOWS\system32\cmstp.exe 2004-08-04 12:00:00 64,000 ----a-w C:\WINDOWS\system32\samlib.dll 2004-08-04 12:00:00 632,832 ----a-w C:\WINDOWS\system32\autoconv.exe 2004-08-04 12:00:00 63,744 ----a-w C:\WINDOWS\system32\drivers\mf.sys 2004-08-04 12:00:00 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys 2004-08-04 12:00:00 63,488 ----a-w C:\WINDOWS\system32\cryptnet.dll 2004-08-04 12:00:00 63,232 ----a-w C:\WINDOWS\system32\drivers\nwlnknb.sys 2004-08-04 12:00:00 629,248 ----a-w C:\WINDOWS\system32\netcfgx.dll 2004-08-04 12:00:00 62,976 ----a-w C:\WINDOWS\system32\tlntadmn.exe 2004-08-04 12:00:00 62,976 ----a-w C:\WINDOWS\system32\rsopprov.exe 2004-08-04 12:00:00 62,976 ----a-w C:\WINDOWS\system32\dsauth.dll 2004-08-04 12:00:00 62,464 ----a-w C:\WINDOWS\system32\rdpclip.exe 2004-08-04 12:00:00 62,464 ----a-w C:\WINDOWS\system32\iasnap.dll 2004-08-04 12:00:00 62,464 ----a-w C:\WINDOWS\system32\dpnmodem.dll 2004-08-04 12:00:00 619,008 ----a-w C:\WINDOWS\system32\dx7vb.dll 2004-08-04 12:00:00 619,008 ----a-w C:\WINDOWS\system32\autochk.exe 2004-08-04 12:00:00 614,912 ----a-w C:\WINDOWS\system32\h323msp.dll 2004-08-04 12:00:00 614,429 ----a-w C:\WINDOWS\system32\mswstr10.dll 2004-08-04 12:00:00 610,816 ----a-w C:\WINDOWS\system32\autofmt.exe 2004-08-04 12:00:00 610,304 ----a-w C:\WINDOWS\system32\sspipes.scr 2004-08-04 12:00:00 61,952 ----a-w C:\WINDOWS\system32\dpnwsock.dll 2004-08-04 12:00:00 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys 2004-08-04 12:00:00 61,508 ----a-w C:\WINDOWS\system32\usrprbda.exe 2004-08-04 12:00:00 61,500 ----a-w C:\WINDOWS\system32\usrcntra.dll 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\remotepg.dll 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\rasman.dll 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\ocmanage.dll 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\logman.exe 2004-08-04 12:00:00 61,440 ----a-w C:\WINDOWS\system32\dmcompos.dll 2004-08-04 12:00:00 61,264 ----a-w C:\WINDOWS\system32\msacm.dll 2004-08-04 12:00:00 61,056 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys 2004-08-04 12:00:00 609,280 ----a-w C:\WINDOWS\system32\wsecedit.dll 2004-08-04 12:00:00 601,088 ----a-w C:\WINDOWS\system32\crypt32.dll 2004-08-04 12:00:00 60,928 ----a-w C:\WINDOWS\system32\mqgentr.dll 2004-08-04 12:00:00 60,928 ----a-w C:\WINDOWS\system32\miglibnt.dll 2004-08-04 12:00:00 60,928 ----a-w C:\WINDOWS\system32\iassvcs.dll 2004-08-04 12:00:00 60,928 ----a-w C:\WINDOWS\system32\dpnhupnp.dll 2004-08-04 12:00:00 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys 2004-08-04 12:00:00 60,416 ----a-w C:\WINDOWS\system32\ipv6mon.dll 2004-08-04 12:00:00 60,416 ----a-w C:\WINDOWS\system32\fwcfg.dll 2004-08-04 12:00:00 60,416 ----a-w C:\WINDOWS\system32\cryptsvc.dll 2004-08-04 12:00:00 6,912 ----a-w C:\WINDOWS\system32\drivers\parvdm.sys 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\wuauserv.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\sensapi.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\routetab.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\msswchx.exe 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\msidle.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdsg.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdla.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinmal.dll 2004-08-04 12:00:00 6,656 ----a-w C:\WINDOWS\system32\kbdinben.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdycl.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdsl1.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdsl.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdpl.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdhu.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdhela3.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdcz2.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdcz1.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\kbdcr.dll 2004-08-04 12:00:00 6,656 ----a-r C:\WINDOWS\system32\KBDAL.DLL 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\svcpack.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\nwevent.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\lpq.exe 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdusx.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdusr.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdusl.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdsw.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdsp.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdsf.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdpo.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdno.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdne.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt48.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmlt47.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdmac.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdinbe1.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdic.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdgr1.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdgr.dll 2004-08-
  • ik krijg zo te zien de hele log niet in 1 post, ik heb dan ook geen idee of het genoeg is of te weinig wat ik post.. :-? [b:fb4cbb2e5f]Hier verder:[/b:fb4cbb2e5f] 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdgr1.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdgr.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdfr.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdfo.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdfi.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdfc.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdes.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdda.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdca.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdbr.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdbene.dll 2004-08-04 12:00:00 6,144 ----a-w C:\WINDOWS\system32\kbdbe.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdtuq.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdtuf.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdlv1.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdlv.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdhela2.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdgkl.dll 2004-08-04 12:00:00 6,144 ----a-r C:\WINDOWS\system32\kbdest.dll 2004-08-04 12:00:00 593,408 ----a-w C:\WINDOWS\system32\wiashext.dll 2004-08-04 12:00:00 590,336 ----a-w C:\WINDOWS\system32\d3dramp.dll 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\regsvc.dll 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\mpr.dll 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\fsutil.exe 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\driverquery.exe 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\devenum.dll 2004-08-04 12:00:00 59,904 ----a-w C:\WINDOWS\system32\cabinet.dll 2004-08-04 12:00:00 586,240 ----a-w C:\WINDOWS\system32\mlang.dll 2004-08-04 12:00:00 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\resutils.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\rastapi.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\packager.exe 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\ntlanui.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\msdtclog.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\licwmi.dll 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\gpupdate.exe 2004-08-04 12:00:00 58,880 ----a-w C:\WINDOWS\system32\atl.dll 2004-08-04 12:00:00 58,368 ----a-w C:\WINDOWS\system32\dvdplay.exe 2004-08-04 12:00:00 58,112 ----a-w C:\WINDOWS\system32\drivers\vdmindvd.sys 2004-08-04 12:00:00 572,928 ----a-w C:\WINDOWS\system32\printui.dll 2004-08-04 12:00:00 572,928 ----a-w C:\WINDOWS\system32\gpedit.dll 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\wmerrNLD.dll 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\synceng.dll 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\rasphone.exe 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\dpwsockx.dll 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\clusapi.dll 2004-08-04 12:00:00 57,856 ----a-w C:\WINDOWS\system32\cipher.exe 2004-08-04 12:00:00 57,616 ----a-w C:\WINDOWS\system32\odbcji32.dll 2004-08-04 12:00:00 57,392 ----a-w C:\WINDOWS\system32\wshnl.dll 2004-08-04 12:00:00 57,344 ----a-w C:\WINDOWS\system32\sol.exe 2004-08-04 12:00:00 57,344 ----a-w C:\WINDOWS\system32\msasn1.dll 2004-08-04 12:00:00 57,344 ----a-w C:\WINDOWS\system32\mfc42loc.dll 2004-08-04 12:00:00 57,344 ----a-w C:\WINDOWS\system32\ipconfig.exe 2004-08-04 12:00:00 566,784 ----a-w C:\WINDOWS\system32\shdoclc.dll 2004-08-04 12:00:00 565,760 ----a-w C:\WINDOWS\system32\msvcp50.dll 2004-08-04 12:00:00 562,688 ----a-w C:\WINDOWS\system32\qedit.dll 2004-08-04 12:00:00 56,832 ----a-w C:\WINDOWS\system32\reg.exe 2004-08-04 12:00:00 56,832 ----a-w C:\WINDOWS\system32\getmac.exe 2004-08-04 12:00:00 56,320 ----a-w C:\WINDOWS\system32\wmiscmgr.dll 2004-08-04 12:00:00 56,320 ----a-w C:\WINDOWS\system32\servdeps.dll 2004-08-04 12:00:00 553,472 ----a-w C:\WINDOWS\system32\oleaut32.dll 2004-08-04 12:00:00 552,989 ----a-w C:\WINDOWS\system32\msrepl40.dll 2004-08-04 12:00:00 55,936 ----a-w C:\WINDOWS\system32\drivers\nwlnkspx.sys 2004-08-04 12:00:00 55,936 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys 2004-08-04 12:00:00 55,808 ----a-w C:\WINDOWS\system32\secur32.dll 2004-08-04 12:00:00 55,808 ----a-w C:\WINDOWS\system32\icmui.dll 2004-08-04 12:00:00 55,808 ----a-w C:\WINDOWS\system32\freecell.exe 2004-08-04 12:00:00 55,808 ----a-w C:\WINDOWS\system32\eventlog.dll 2004-08-04 12:00:00 55,296 ----a-w C:\WINDOWS\system32\sendmail.dll 2004-08-04 12:00:00 55,296 ----a-w C:\WINDOWS\system32\npptools.dll 2004-08-04 12:00:00 55,296 ----a-w C:\WINDOWS\system32\dmutil.dll 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\narrator.exe 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\msvcirt.dll 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\ixsso.dll 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\dfrgres.dll 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\dataclen.dll 2004-08-04 12:00:00 54,784 ----a-w C:\WINDOWS\system32\cryptext.dll 2004-08-04 12:00:00 54,272 ----a-w C:\WINDOWS\system32\stclient.dll 2004-08-04 12:00:00 54,272 ----a-w C:\WINDOWS\system32\rsm.exe 2004-08-04 12:00:00 539,136 ----a-w C:\WINDOWS\system32\spider.exe 2004-08-04 12:00:00 53,920 ----a-w C:\WINDOWS\system32\dosx.exe 2004-08-04 12:00:00 53,760 ----a-w C:\WINDOWS\system32\winsta.dll 2004-08-04 12:00:00 53,760 ----a-w C:\WINDOWS\system32\ipv6.exe 2004-08-04 12:00:00 53,760 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys 2004-08-04 12:00:00 53,632 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys 2004-08-04 12:00:00 53,520 ----a-w C:\WINDOWS\system32\dpserial.dll 2004-08-04 12:00:00 53,305 ----a-w C:\WINDOWS\system32\usrlbva.dll 2004-08-04 12:00:00 53,279 ----a-w C:\WINDOWS\system32\msjter40.dll 2004-08-04 12:00:00 53,248 ----a-w C:\WINDOWS\system32\mfc40loc.dll 2004-08-04 12:00:00 53,248 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys 2004-08-04 12:00:00 527,872 ----a-w C:\WINDOWS\system32\cryptui.dll 2004-08-04 12:00:00 526,848 ----a-w C:\WINDOWS\system32\p2psvc.dll 2004-08-04 12:00:00 52,736 ----a-w C:\WINDOWS\system32\migpwd.exe 2004-08-04 12:00:00 52,736 ----a-w C:\WINDOWS\system32\basesrv.dll 2004-08-04 12:00:00 52,224 ----a-w C:\WINDOWS\system32\tsappcmp.dll 2004-08-04 12:00:00 52,224 ----a-w C:\WINDOWS\system32\dssec.dll 2004-08-04 12:00:00 52,206 ----a-w C:\WINDOWS\system32\command.com 2004-08-04 12:00:00 517,632 ----a-w C:\WINDOWS\system32\mqsnap.dll 2004-08-04 12:00:00 515,072 ----a-w C:\WINDOWS\system32\logonui.exe 2004-08-04 12:00:00 512,029 ----a-w C:\WINDOWS\system32\msexch40.dll 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\wzcsapi.dll 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\w32tm.exe 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\vdmredir.dll 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\msident.dll 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\eventcreate.exe 2004-08-04 12:00:00 51,712 ----a-w C:\WINDOWS\system32\drivers\tosdvd.sys 2004-08-04 12:00:00 51,456 ----a-w C:\WINDOWS\system32\vga256.dll 2004-08-04 12:00:00 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys 2004-08-04 12:00:00 51,200 ----a-w C:\WINDOWS\system32\wstdecod.dll 2004-08-04 12:00:00 51,200 ----a-w C:\WINDOWS\system32\syncapp.exe 2004-08-04 12:00:00 506,368 ----a-w C:\WINDOWS\system32\msxml.dll 2004-08-04 12:00:00 504,832 ----a-w C:\WINDOWS\system32\winlogon.exe 2004-08-04 12:00:00 504,832 ----a-w C:\WINDOWS\system32\mqutil.dll 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\twain_32.dll 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\smss.exe 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\proquota.exe 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\mmcshext.dll 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\loghours.dll 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\camocx.dll 2004-08-04 12:00:00 50,688 ----a-w C:\WINDOWS\system32\btpanui.dll 2004-08-04 12:00:00 50,176 ----a-w C:\WINDOWS\system32\xmlprovi.dll 2004-08-04 12:00:00 50,176 ----a-w C:\WINDOWS\system32\utilman.exe 2004-08-04 12:00:00 50,176 ----a-w C:\WINDOWS\system32\mdhcp.dll 2004-08-04 12:00:00 50,176 ----a-w C:\WINDOWS\system32\inetres.dll 2004-08-04 12:00:00 5,888 ----a-w C:\WINDOWS\system32\drivers\rootmdm.sys 2004-08-04 12:00:00 5,888 ----a-w C:\WINDOWS\system32\drivers\dmload.sys 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\write.exe 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\wmi.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\winver.exe 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\tapiperf.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\softpub.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\skdll.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\security.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\perfnw.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\mll_qic.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdus.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbduk.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdmaori.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdit142.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdit.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdir.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\kbdgae.dll 2004-08-04 12:00:00 5,632 ----a-w C:\WINDOWS\system32\cisvc.exe 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdro.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdpl1.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdmon.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdlt1.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdlt.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdkyr.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdhu1.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdhe319.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdhe220.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdhe.dll 2004-08-04 12:00:00 5,632 ----a-r C:\WINDOWS\system32\kbdazel.dll 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\winnls.dll 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\shell.dll 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\sfc.dll 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\lodctr.exe 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\kbddv.dll 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe 2004-08-04 12:00:00 5,120 ----a-w C:\WINDOWS\system32\bootvrfy.exe 2004-08-04 12:00:00 495,104 ----a-w C:\WINDOWS\system32\ntmsmgr.dll 2004-08-04 12:00:00 49,680 ----a-w C:\WINDOWS\twunk_16.exe 2004-08-04 12:00:00 49,664 ----a-w C:\WINDOWS\system32\rsmui.exe 2004-08-04 12:00:00 49,664 ----a-w C:\WINDOWS\system32\regapi.dll 2004-08-04 12:00:00 49,664 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys 2004-08-04 12:00:00 49,536 ----a-w C:\WINDOWS\system32\drivers\cdrom.sys 2004-08-04 12:00:00 49,211 ----a-w C:\WINDOWS\system32\usrvpa.dll 2004-08-04 12:00:00 49,211 ----a-w C:\WINDOWS\system32\usrsdpia.dll 2004-08-04 12:00:00 49,209 ----a-w C:\WINDOWS\system32\usrv80a.dll 2004-08-04 12:00:00 49,179 ----a-w C:\WINDOWS\system32\sqlwoa.dll 2004-08-04 12:00:00 49,152 ----a-w C:\WINDOWS\system32\powercfg.exe 2004-08-04 12:00:00 49,152 ----a-w C:\WINDOWS\system32\mprdim.dll 2004-08-04 12:00:00 49,152 ----a-w C:\WINDOWS\system32\cnbjmon.dll 2004-08-04 12:00:00 486 ----a-w C:\WINDOWS\system32\login.cmd 2004-08-04 12:00:00 48,976 ----a-w C:\WINDOWS\system32\jobexec.dll 2004-08-04 12:00:00 48,640 ----a-w C:\WINDOWS\system32\pnrpnsp.dll 2004-08-04 12:00:00 48,640 ----a-w C:\WINDOWS\system32\msxml3r.dll 2004-08-04 12:00:00 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll 2004-08-04 12:00:00 48,640 ----a-w C:\WINDOWS\system32\docprop2.dll 2004-08-04 12:00:00 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys 2004-08-04 12:00:00 48,128 ----a-w C:\WINDOWS\system32\msprivs.dll 2004-08-04 12:00:00 47,872 ----a-w C:\WINDOWS\system32\user.exe 2004-08-04 12:00:00 47,616 ----a-w C:\WINDOWS\system32\ssmypics.scr 2004-08-04 12:00:00 47,616 ----a-w C:\WINDOWS\system32\mprui.dll 2004-08-04 12:00:00 47,616 ----a-w C:\WINDOWS\system32\d3dxof.dll 2004-08-04 12:00:00 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll 2004-08-04 12:00:00 47,104 ----a-w C:\WINDOWS\system32\docprop.dll 2004-08-04 12:00:00 47,104 ----a-w C:\WINDOWS\system32\cmdl32.exe 2004-08-04 12:00:00 464,896 ----a-w C:\WINDOWS\system32\wiadefui.dll 2004-08-04 12:00:00 464,896 ----a-w C:\WINDOWS\system32\certmgr.dll 2004-08-04 12:00:00 46,592 ----a-w C:\WINDOWS\system32\tcpmonui.dll 2004-08-04 12:00:00 46,592 ----a-w C:\WINDOWS\system32\pmspl.dll 2004-08-04 12:00:00 46,592 ----a-w C:\WINDOWS\system32\drwtsn32.exe 2004-08-04 12:00:00 46,592 ----a-w C:\WINDOWS\system32\drivers\p3.sys 2004-08-04 12:00:00 46,258 ----a-w C:\WINDOWS\system32\mib.bin 2004-08-04 12:00:00 46,080 ----a-w C:\WINDOWS\system32\tcpmon.dll 2004-08-04 12:00:00 46,080 ----a-w C:\WINDOWS\system32\ipsec6.exe 2004-08-04 12:00:00 450,560 ----a-w C:\WINDOWS\system32\infosoft.dll 2004-08-04 12:00:00 45,568 ----a-w C:\WINDOWS\system32\safrslv.dll 2004-08-04 12:00:00 45,568 ----a-w C:\WINDOWS\system32\jgsd400.dll 2004-08-04 12:00:00 45,568 ----a-w C:\WINDOWS\system32\extrac32.exe 2004-08-04 12:00:00 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2004-08-04 12:00:00 45,116 ----a-w C:\WINDOWS\system32\usrvoica.dll 2004-08-04 12:00:00 45,083 ----a-w C:\WINDOWS\system32\dispex.dll 2004-08-04 12:00:00 45,056 ----a-w C:\WINDOWS\system32\ftp.exe 2004-08-04 12:00:00 442,368 ----a-w C:\WINDOWS\system32\sqlsrv32.dll 2004-08-04 12:00:00 440,320 ----a-w C:\WINDOWS\system32\shimgvw.dll 2004-08-04 12:00:00 44,544 ----a-w C:\WINDOWS\system32\tscupgrd.exe 2004-08-04 12:00:00 44,544 ----a-w C:\WINDOWS\system32\jgaw400.dll 2004-08-04 12:00:00 44,544 ----a-w C:\WINDOWS\system32\hticons.dll 2004-08-04 12:00:00 44,544 ----a-w C:\WINDOWS\system32\alg.exe 2004-08-04 12:00:00 44,032 ----a-w C:\WINDOWS\system32\twext.dll 2004-08-04 12:00:00 44,032 ----a-w C:\WINDOWS\system32\rtutils.dll 2004-08-04 12:00:00 44,032 ----a-w C:\WINDOWS\system32\dimap.dll 2004-08-04 12:00:00 437,248 ----a-w C:\WINDOWS\system32\xpob2res.dll 2004-08-04 12:00:00 437,248 ----a-w C:\WINDOWS\system32\ntmssvc.dll 2004-08-04 12:00:00 436,736 ----a-w C:\WINDOWS\system32\wiaacmgr.exe 2004-08-04 12:00:00 436,224 ----a-w C:\WINDOWS\system32\d3dim.dll 2004-08-04 12:00:00 435,712 ----a-w C:\WINDOWS\system32\shellstyle.dll 2004-08-04 12:00:00 430,592 ----a-w C:\WINDOWS\system32\vssapi.dll 2004-08-04 12:00:00 43,520 ----a-w C:\WINDOWS\system32\safrcdlg.dll 2004-08-04 12:00:00 43,520 ----a-w C:\WINDOWS\system32\racpldlg.dll 2004-08-04 12:00:00 43,520 ----a-w C:\WINDOWS\system32\pstorec.dll 2004-08-04 12:00:00 43,520 ----a-w C:\WINDOWS\system32\ntlanman.dll 2004-08-04 12:00:00 43,008 ----a-w C:\WINDOWS\system32\msports.dll 2004-08-04 12:00:00 429,056 ----a-w C:\WINDOWS\system32\samsrv.dll 2004-08-04 12:00:00 424,448 ----a-w C:\WINDOWS\system32\licdll.dll 2004-08-04 12:00:00 421,919 ----a-w C:\WINDOWS\system32\msrd2x40.dll 2004-08-04 12:00:00 420,864 ----a-w C:\WINDOWS\system32\ntvdm.exe 2004-08-04 12:00:00 42,809 ----a-w C:\WINDOWS\system32\key01.sys 2004-08-04 12:00:00 42,768 ----a-w C:\WINDOWS\system32\dpwsock.dll 2004-08-04 12:00:00 42,537 ----a-w C:\WINDOWS\system32\keyboard.sys 2004-08-04 12:00:00 42,496 ----a-w C:\WINDOWS\system32\wsnmp32.dll 2004-08-04 12:00:00 42,496 ----a-w C:\WINDOWS\system32\shmgrate.exe 2004-08-04 12:00:00 42,496 ----a-w C:\WINDOWS\system32\net.exe 2004-08-04 12:00:00 42,496 ----a-w C:\WINDOWS\system32\htui.dll 2004-08-04 12:00:00 42,496 ----a-w C:\WINDOWS\system32\audiosrv.dll 2004-08-04 12:00:00 42,240 ----a-w C:\WINDOWS\system32\drivers\mountmgr.sys 2004-08-04 12:00:00 416,768 ----a-w C:\WINDOWS\system32\setupdll.dll 2004-08-04 12:00:00 413,696 ------w C:\WINDOWS\system32\msvcp60.dll 2004-08-04 12:00:00 412,160 ----a-w C:\WINDOWS\system32\mstsc.exe 2004-08-04 12:00:00 41,984 ----a-w C:\WINDOWS\system32\osuninst.exe 2004-08-04 12:00:00 41,856 ----a-w C:\WINDOWS\system32\drivers\imapi.sys 2004-08-04 12:00:00 41,472 ----a-w C:\WINDOWS\system32\perfctrs.dll 2004-08-04 12:00:00 41,472 ----a-w C:\WINDOWS\system32\ntmsevt.dll 2004-08-04 12:00:00 41,472 ----a-w C:\WINDOWS\system32\iasads.dll 2004-08-04 12:00:00 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys 2004-08-04 12:00:00 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys 2004-08-04 12:00:00 41,232 ----a-w C:\WINDOWS\system32\msxml2r.dll 2004-08-04 12:00:00 41,088 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys 2004-08-04 12:00:00 41,019 ----a-w C:\WINDOWS\system32\usrsvpia.dll 2004-08-04 12:00:00 407,040 ----a-w C:\WINDOWS\system32\netlogon.dll 2004-08-04 12:00:00 406,528 ----a-w C:\WINDOWS\system32\usp10.dll 2004-08-04 12:00:00 40,960 ----a-w C:\WINDOWS\system32\webhits.dll 2004-08-04 12:00:00 40,960 ----a-w C:\WINDOWS\system32\ntmsapi.dll 2004-08-04 12:00:00 40,576 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys 2004-08-04 12:00:00 40,448 ----a-w C:\WINDOWS\system32\rshx32.dll 2004-08-04 12:00:00 40,448 ----a-w C:\WINDOWS\system32\cmutil.dll 2004-08-04 12:00:00 40,448 ----a-w C:\WINDOWS\system32\cmmon32.exe 2004-08-04 12:00:00 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys 2004-08-04 12:00:00 40,192 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys 2004-08-04 12:00:00 4,952 --sha-r C:\Bootfont.bin 2004-08-04 12:00:00 4,864 ----a-w C:\WINDOWS\system32\himem.sys 2004-08-04 12:00:00 4,736 ----a-w C:\WINDOWS\system32\drivers\usbd.sys 2004-08-04 12:00:00 4,656 ----a-w C:\WINDOWS\system32\ds16gt.dLL 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\vjoy.dll 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\regwiz.exe 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\rdpcfgex.dll 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\mssip32.dll 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\msimg32.dll 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\mchgrcoi.dll 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\dllhst3g.exe 2004-08-04 12:00:00 4,608 ----a-w C:\WINDOWS\system32\bootok.exe 2004-08-04 12:00:00 4,569 ----a-w C:\WINDOWS\system32\secupd.dat 2004-08-04 12:00:00 4,352 ----a-w C:\WINDOWS\system32\drivers\wmilib.sys 2004-08-04 12:00:00 4,352 ----a-w C:\WINDOWS\system32\drivers\swenum.sys 2004-08-04 12:00:00 4,224 ----a-w C:\WINDOWS\system32\drivers\rdpcdd.sys 2004-08-04 12:00:00 4,224 ----a-w C:\WINDOWS\system32\drivers\mnmdd.sys 2004-08-04 12:00:00 4,224 ----a-w C:\WINDOWS\system32\drivers\beep.sys 2004-08-04 12:00:00 4,208 ----a-w C:\WINDOWS\system32\storage.dll 2004-08-04 12:00:00 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\unlodctr.exe 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\mtxex.dll 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\iprtprio.dll 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll 2004-08-04 12:00:00 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe 2004-08-04 12:00:00 399,872 ----a-w C:\WINDOWS\system32\lmrt.dll 2004-08-04 12:00:00 399,360 ----a-w C:\WINDOWS\system32\regwizc.dll 2004-08-04 12:00:00 399,360 ----a-w C:\WINDOWS\system32\cmd.exe 2004-08-04 12:00:00 395,264 ----a-w C:\WINDOWS\system32\diactfrm.dll 2004-08-04 12:00:00 393,216 ----a-w C:\WINDOWS\system32\ssflwbox.scr 2004-08-04 12:00:00 390,144 ----a-w C:\WINDOWS\system32\themeui.dll 2004-08-04 12:00:00 39,936 ----a-w C:\WINDOWS\system32\ipxrtmgr.dll 2004-08-04 12:00:00 39,744 ----a-w C:\WINDOWS\system32\ole2.dll 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\msobjs.dll 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\grpconv.exe 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\esentutl.exe 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\drivers\processr.sys 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\ddeml.dll 2004-08-04 12:00:00 39,424 ----a-w C:\WINDOWS\system32\cfgbkend.dll 2004-08-04 12:00:00 39,386 ----a-w C:\WINDOWS\system32\mem.exe 2004-08-04 12:00:00 39,178 ----a-w C:\WINDOWS\system32\perfd013.dat 2004-08-04 12:00:00 387,072 ----a-w C:\WINDOWS\system32\dhcpmon.dll 2004-08-04 12:00:00 386,048 ----a-w C:\WINDOWS\system32\ipsmsnap.dll 2004-08-04 12:00:00 386,048 ----a-w C:\WINDOWS\system32\fontext.dll 2004-08-04 12:00:00 385,536 ----a-w C:\WINDOWS\system32\qdvd.dll 2004-08-04 12:00:00 382,464 ----a-w C:\WINDOWS\system32\qmgr.dll 2004-08-04 12:00:00 380,957 ----a-w C:\WINDOWS\system32\expsrv.dll 2004-08-04 12:00:00 38,912 ----a-w C:\WINDOWS\system32\sens.dll 2004-08-04 12:00:00 38,912 ----a-w C:\WINDOWS\system32\dfrgsnap.dll 2004-08-04 12:00:00 38,016 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys 2004-08-04 12:00:00 379,392 ----a-w C:\WINDOWS\system32\wzcdlg.dll 2004-08-04 12:00:00 375,296 ----a-w C:\WINDOWS\system32\dpnet.dll 2004-08-04 12:00:00 37,888 ----a-w C:\WINDOWS\system32\syskey.exe 2004-08-04 12:00:00 37,888 ----a-w C:\WINDOWS\system32\netstat.exe 2004-08-04 12:00:00 37,376 ----a-w C:\WINDOWS\system32\typeperf.exe 2004-08-04 12:00:00 368,128 ----a-w C:\WINDOWS\system32\smlogcfg.dll 2004-08-04 12:00:00 367,616 ----a-w C:\WINDOWS\system32\dsound.dll 2004-08-04 12:00:00 362,496 ----a-w C:\WINDOWS\system32\jet500.dll 2004-08-04 12:00:00 36,921 ----a-w C:\WINDOWS\system32\imeshare.dll 2004-08-04 12:00:00 36,864 ----a-w C:\WINDOWS\system32\ntsdexts.dll 2004-08-04 12:00:00 36,864 ----a-w C:\WINDOWS\system32\mscpxl32.dLL 2004-08-04 12:00:00 36,352 ----a-w C:\WINDOWS\system32\umandlg.dll 2004-08-04 12:00:00 36,352 ----a-w C:\WINDOWS\system32\ncobjapi.dll 2004-08-04 12:00:00 36,352 ----a-w C:\WINDOWS\system32\narrhook.dll 2004-08-04 12:00:00 36,352 ----a-w C:\WINDOWS\system32\mssign32.dll 2004-08-04 12:00:00 36,352 ----a-w C:\WINDOWS\system32\drivers\disk.sys 2004-08-04 12:00:00 36,224 ----a-w C:\WINDOWS\system32\drivers\hidclass.sys 2004-08-04 12:00:00 359,936 ----a-w C:\WINDOWS\system32\wzcsvc.dll 2004-08-04 12:00:00 359,936 ----a-w C:\WINDOWS\system32\cards.dll 2004-08-04 12:00:00 358,976 ----a-w C:\WINDOWS\system32\msjetoledb40.dll 2004-08-04 12:00:00 358,912 ----a-w C:\WINDOWS\system32\termmgr.dll 2004-08-04 12:00:00 356,352 ----a-w C:\WINDOWS\system32\ipsecsnp.dll 2004-08-04 12:00:00 352,256 ----a-w C:\WINDOWS\system32\drivers\atmuni.sys 2004-08-04 12:00:00 351,232 ----a-w C:\WINDOWS\system32\winhttp.dll 2004-08-04 12:00:00 350,208 ----a-w C:\WINDOWS\system32\d3drm.dll 2004-08-04 12:00:00 35,915 ----a-w C:\WINDOWS\system32\prncnfg.vbs 2004-08-04 12:00:00 35,840 ----a-w C:\WINDOWS\system32\winchat.exe 2004-08-04 12:00:00 35,840 ----a-w C:\WINDOWS\system32\rcimlby.exe 2004-08-04 12:00:00 35,840 ----a-w C:\WINDOWS\system32\jgmd400.dll 2004-08-04 12:00:00 35,840 ----a-w C:\WINDOWS\system32\dmloader.dll 2004-08-04 12:00:00 35,648 ----a-w C:\WINDOWS\system32\ntio411.sys 2004-08-04 12:00:00 35,424 ----a-w C:\WINDOWS\system32\ntio412.sys 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\pifmgr.dll 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\pid.dll 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\perfproc.dll 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\mciqtz32.dll 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\iologmsg.dll 2004-08-04 12:00:00 35,328 ----a-w C:\WINDOWS\system32\dpnhpast.dll 2004-08-04 12:00:00 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys 2004-08-04 12:00:00 35,072 ----a-w C:\WINDOWS\system32\drivers\fips.sys 2004-08-04 12:00:00 349,184 ----a-w C:\WINDOWS\system32\ippromon.dll 2004-08-04 12:00:00 349,184 ----a-w C:\WINDOWS\system32\cmdial32.dll 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\msxbde40.dll 2004-08-04 12:00:00 348,189 ----a-w C:\WINDOWS\system32\mspbde40.dll 2004-08-04 12:00:00 347,648 ----a-w C:\WINDOWS\system32\tourstart.exe 2004-08-04 12:00:00 347,648 ----a-w C:\WINDOWS\system32\hnetcfg.dll 2004-08-04 12:00:00 346,112 ----a-w C:\WINDOWS\system32\confmsp.dll 2004-08-04 12:00:00 345,600 ----a-w C:\WINDOWS\system32\mspaint.exe 2004-08-04 12:00:00 344,064 ----a-w C:\WINDOWS\system32\filemgmt.dll 2004-08-04 12:00:00 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll 2004-08-04 12:00:00 343,040 ----a-w C:\WINDOWS\system32\localspl.dll 2004-08-04 12:00:00 340,480 ----a-w C:\WINDOWS\system32\zipfldr.dll 2004-08-04 12:00:00 34,816 ----a-w C:\WINDOWS\system32\ssdpapi.dll 2004-08-04 12:00:00 34,816 ----a-w C:\WINDOWS\system32\d3dpmesh.dll 2004-08-04 12:00:00 34,816 ----a-w C:\WINDOWS\system32\atmpvcno.dll 2004-08-04 12:00:00 34,816 ----a-w C:\WINDOWS\system32\asr_ldm.exe 2004-08-04 12:00:00 34,560 ----a-w C:\WINDOWS\system32\ntio804.sys 2004-08-04 12:00:00 34,560 ----a-w C:\WINDOWS\system32\ntio404.sys 2004-08-04 12:00:00 34,560 ----a-w C:\WINDOWS\system32\mnmdd.dll 2004-08-04 12:00:00 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys 2004-08-04 12:00:00 34,560 ----a-w C:\WINDOWS\system32\drivers\netbios.sys 2004-08-04 12:00:00 34,432 ----a-w C:\WINDOWS\system32\drivers\rawwan.sys 2004-08-04 12:00:00 34,304 ----a-w C:\WINDOWS\system32\pstorsvc.dll 2004-08-04 12:00:00 338,432 ----a-w C:\WINDOWS\system32\ir41_qcx.dll 2004-08-04 12:00:00 335,360 ----a-w C:\WINDOWS\system32\hnetwiz.dll 2004-08-04 12:00:00 334,848 ----a-w C:\WINDOWS\system32\cscui.dll 2004-08-04 12:00:00 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe 2004-08-04 12:00:00 332,288 ----a-w C:\WINDOWS\system32\ipnathlp.dll 2004-08-04 12:00:00 330,752 ----a-w C:\WINDOWS\system32\dmconfig.dll 2004-08-04 12:00:00 33,920 ----a-w C:\WINDOWS\system32\ntio.sys 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\vssadmin.exe 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\rundll32.exe 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\relog.exe 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\regini.exe 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\ping6.exe 2004-08-04 12:00:00 33,792 ----a-w C:\WINDOWS\system32\msgsvc.dll 2004-08-04 12:00:00 33,696 ----a-w C:\WINDOWS\system32\commdlg.dll 2004-08-04 12:00:00 33,280 ----a-w C:\WINDOWS\system32\inetmib1.dll 2004-08-04 12:00:00 33,280 ----a-w C:\WINDOWS\system32\eventcls.dll 2004-08-04 12:00:00 33,280 ----a-w C:\WINDOWS\system32\cryptdll.dll 2004-08-04 12:00:00 33,280 ----a-w C:\WINDOWS\system32\clipsrv.exe 2004-08-04 12:00:00 33,040 ----a-w C:\WINDOWS\system32\dplay.dll 2004-08-04 12:00:00 324,096 ----a-w C:\WINDOWS\system32\scesrv.dll 2004-08-04 12:00:00 323,641 ----a-w C:\WINDOWS\system32\usrdtea.dll 2004-08-04 12:00:00 32,896 ----a-w C:\WINDOWS\system32\drivers\ipfltdrv.sys 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\wpnpinst.exe 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\winipsec.dll 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\sethc.exe 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\isrdbg32.dll 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\csrsrv.dll 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\cnetcfg.dll 2004-08-04 12:00:00 32,768 ----a-w C:\WINDOWS\system32\asr_pfu.exe 2004-08-04 12:00:00 32,712 ----a-w C:\WINDOWS\system32\prnmngr.vbs 2004-08-04 12:00:00 32,512 ----a-w C:\WINDOWS\system32\drivers\nwlnkfwd.sys 2004-08-04 12:00:00 32,256 ----a-w C:\WINDOWS\system32\wupdmgr.exe 2004-08-04 12:00:00 32,256 ----a-w C:\WINDOWS\system32\wpabaln.exe 2004-08-04 12:00:00 32,256 ----a-w C:\WINDOWS\system32\tracert6.exe 2004-08-04 12:00:00 32,256 ----a-w C:\WINDOWS\system32\iashlpr.dll 2004-08-04 12:00:00 319,517 ----a-w C:\WINDOWS\system32\msexcl40.dll 2004-08-04 12:00:00 318,670 ----a-w C:\WINDOWS\system32\perfi013.dat 2004-08-04 12:00:00 316,416 ----a-w C:\WINDOWS\system32\untfs.dll 2004-08-04 12:00:00 315,423 ----a-w C:\WINDOWS\system32\msrd3x40.dll 2004-08-04 12:00:00 312,320 ----a-w C:\WINDOWS\system32\p2pgraph.dll 2004-08-04 12:00:00 31,744 ----a-w C:\WINDOWS\system32\rtipxmib.dll 2004-08-04 12:00:00 31,744 ----a-w C:\WINDOWS\system32\ntsd.exe 2004-08-04 12:00:00 31,360 ----a-w C:\WINDOWS\system32\drivers\atmepvc.sys 2004-08-04 12:00:00 31,232 ----a-w C:\WINDOWS\system32\traffic.dll 2004-08-04 12:00:00 31,232 ----a-w C:\WINDOWS\system32\sc.exe 2004-08-04 12:00:00 31,232 ----a-w C:\WINDOWS\system32\ddeshare.exe 2004-08-04 12:00:00 309,760 ----a-w C:\WINDOWS\system32\netui2.dll 2004-08-04 12:00:00 306,176 ----a-w C:\WINDOWS\system32\slbcsp.dll 2004-08-04 12:00:00 305,664 ----a-w C:\WINDOWS\system32\ulib.dll 2004-08-04 12:00:00 304,128 ----a-w C:\WINDOWS\system32\duser.dll 2004-08-04 12:00:00 303,616 ----a-w C:\WINDOWS\system32\wmstream.dll 2004-08-04 12:00:00 300,032 ----a-w C:\WINDOWS\system32\appmgr.dll 2004-08-04 12:00:00 30,848 ----a-w C:\WINDOWS\system32\drivers\npfs.sys 2004-08-04 12:00:00 30,749 ----a-w C:\WINDOWS\system32\vbajet32.dll 2004-08-04 12:00:00 30,720 ----a-w C:\WINDOWS\system32\xcopy.exe 2004-08-04 12:00:00 30,720 ----a-w C:\WINDOWS\system32\plustab.dll 2004-08-04 12:00:00 30,720 ----a-w C:\WINDOWS\system32\asr_fmt.exe 2004-08-04 12:00:00 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys 2004-08-04 12:00:00 30,208 ----a-w C:\WINDOWS\system32\mspatcha.dll 2004-08-04 12:00:00 30,208 ----a-w C:\WINDOWS\system32\lights.exe 2004-08-04 12:00:00 30,208 ----a-w C:\WINDOWS\system32\dplaysvr.exe 2004-08-04 12:00:00 30,208 ----a-w C:\WINDOWS\system32\bthserv.dll 2004-08-04 12:00:00 30,208 ----a-w C:\WINDOWS\system32\atmlib.dll 2004-08-04 12:00:00 30,160 ----a-w C:\WINDOWS\system32\compobj.dll 2004-08-04 12:00:00 3,732 ----a-w C:\WINDOWS\system32\pubprn.vbs 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\riched32.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\regedt32.exe 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\msafd.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\mll_hp.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\iprop.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\icmp.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnlobby.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\dpnaddr.dll 2004-08-04 12:00:00 3,584 ----a-w C:\WINDOWS\system32\comcat.dll 2004-08-04 12:00:00 3,456 ----a-w C:\WINDOWS\system32\drivers\oprghdlr.sys 2004-08-04 12:00:00 3,352 ----a-w C:\WINDOWS\system32\redir.exe 2004-08-04 12:00:00 3,328 ----a-w C:\WINDOWS\system32\drivers\dxgthk.sys 2004-08-04 12:00:00 3,242 ----a-w C:\WINDOWS\system32\nw16.exe 2004-08-04 12:00:00 3,200 ----a-w C:\WINDOWS\system32\wowfax.dll 2004-08-04 12:00:00 3,072 ----a-w C:\WINDOWS\system32\systray.exe 2004-08-04 12:00:00 3,072 ----a-w C:\WINDOWS\system32\rnr20.dll 2004-08-04 12:00:00 3,072 ----a-w C:\WINDOWS\system32\fixmapi.exe 2004-08-04 12:00:00 297,472 ----a-w C:\WINDOWS\system32\termsrv.dll 2004-08-04 12:00:00 294,400 ----a-w C:\WINDOWS\system32\MSCTF.dll 2004-08-04 12:00:00 292,864 ----a-w C:\WINDOWS\system32\vssvc.exe 2004-08-04 12:00:00 290,816 ----a-w C:\WINDOWS\system32\msnsspc.dll 2004-08-04 12:00:00 29,752 ----a-w C:\WINDOWS\system32\prnport.vbs 2004-08-04 12:00:00 29,696 ----a-w C:\WINDOWS\system32\sendcmsg.dll 2004-08-04 12:00:00 29,696 ----a-w C:\WINDOWS\system32\safrdm.dll 2004-08-04 12:00:00 29,370 ----a-w C:\WINDOWS\system32\ntdos411.sys 2004-08-04 12:00:00 29,274 ----a-w C:\WINDOWS\system32\ntdos412.sys 2004-08-04 12:00:00 29,184 ----a-w C:\WINDOWS\system32\sdhcinst.dll 2004-08-04 12:00:00 29,146 ----a-w C:\WINDOWS\system32\ntdos804.sys 2004-08-04 12:00:00 29,146 ----a-w C:\WINDOWS\system32\ntdos404.sys 2004-08-04 12:00:00 29,056 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys 2004-08-04 12:00:00 287,744 ----a-w C:\WINDOWS\system32\objsel.dll 2004-08-04 12:00:00 287,744 ----a-w C:\WINDOWS\system32\devmgr.dll 2004-08-04 12:00:00 287,232 ----a-w C:\WINDOWS\winhlp32.exe 2004-08-04 12:00:00 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll 2004-08-04 12:00:00 285,184 ----a-w C:\WINDOWS\system32\pdh.dll 2004-08-04 12:00:00 285,184 ----a-w C:\WINDOWS\system32\glmf32.dll 2004-08-04 12:00:00 281,088 ----a-w C:\WINDOWS\system32\comdlg32.dll 2004-08-04 12:00:00 28,746 ----a-w C:\WINDOWS\system32\msrecr40.dll 2004-08-04 12:00:00 28,719 ----a-w C:\WINDOWS\system32\jsnl.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\wshcon.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\rsfsaps.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\nmmkcert.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\msxmlr.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\findstr.exe 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\dmband.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\dfsshlex.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\dbnmpntw.dll 2004-08-04 12:00:00 28,672 ----a-w C:\WINDOWS\system32\batmeter.dll 2004-08-04 12:00:00 28,626 ----a-w C:\WINDOWS\system32\perfd009.dat 2004-08-04 12:00:00 28,224 ----a-w C:\WINDOWS\system32\drwatson.exe 2004-08-04 12:00:00 28,160 ----a-w C:\WINDOWS\system32\shscrap.dll 2004-08-04 12:00:00 279,040 ----a-w C:\WINDOWS\system32\qdv.dll 2004-08-04 12:00:00 278,559 ----a-w C:\WINDOWS\system32\odbcjt32.dll 2004-08-04 12:00:00 278,528 ----a-w C:\WINDOWS\system32\mstask.dll 2004-08-04 12:00:00 278,528 ----a-w C:\WINDOWS\system32\inetcfg.dll 2004-08-04 12:00:00 274,944 ----a-w C:\WINDOWS\system32\neth.dll 2004-08-04 12:00:00 273,920 ----a-w C:\WINDOWS\system32\dmdlgs.dll 2004-08-04 12:00:00 272,128 ----a-w C:\WINDOWS\system32\perfi009.dat 2004-08-04 12:00:00 270,848 ----a-w C:\WINDOWS\system32\sbe.dll 2004-08-04 12:00:00 27,928 ----a-w C:\WINDOWS\system32\ntdos.sys 2004-08-04 12:00:00 27,648 ----a-w C:\WINDOWS\system32\profmap.dll 2004-08-04 12:00:00 27,648 ----a-w C:\WINDOWS\system32\conime.exe 2004-08-04 12:00:00 27,648 ----a-w C:\WINDOWS\system32\ccfgnt.dll 2004-08-04 12:00:00 27,392 ----a-w C:\WINDOWS\system32\drivers\fdc.sys 2004-08-04 12:00:00 27,200 ----a-r C:\WINDOWS\system32\ctl3dv2.dll 2004-08-04 12:00:00 27,136 ----a-w C:\WINDOWS\system32\rsvpmsg.dll 2004-08-04 12:00:00 27,136 ----a-w C:\WINDOWS\system32\perfdisk.dll 2004-08-04 12:00:00 27,136 ----a-w C:\WINDOWS\system32\efsadu.dll 2004-08-04 12:00:00 27,136 ----a-w C:\WINDOWS\system32\ddrawex.dll 2004-08-04 12:00:00 27,136 ----a-w C:\WINDOWS\system32\ctl3d32.dll 2004-08-04 12:00:00 27,097 ----a-w C:\WINDOWS\system32\country.sys 2004-08-04 12:00:00 267,264 ----a-w C:\WINDOWS\system32\oakley.dll 2004-08-04 12:00:00 266,240 ----a-w C:\WINDOWS\system32\ddraw.dll 2004-08-04 12:00:00 264,704 ----a-w C:\WINDOWS\system32\wow32.dll 2004-08-04 12:00:00 263,680 ----a-w C:\WINDOWS\system32\adsnt.dll 2004-08-04 12:00:00 262,528 ----a-w C:\WINDOWS\system32\drivers\cinemst2.sys 2004-08-04 12:00:00 260,096 ----a-w C:\WINDOWS\system32\tracerpt.exe 2004-08-04 12:00:00 26,624 ----a-w C:\WINDOWS\system32\scredir.dll 2004-08-04 12:00:00 26,624 ----a-w C:\WINDOWS\system32\cnvfat.dll 2004-08-04 12:00:00 26,224 ----a-w C:\WINDOWS\system32\odbc16gt.dll 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\vdmdbg.dll 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\utildll.dll 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\skeys.exe 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\perfos.dll 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\ntdsbcli.dll 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\lnkstub.exe 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\graftabl.com 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\at.exe 2004-08-04 12:00:00 26,112 ----a-w C:\WINDOWS\system32\adptif.dll 2004-08-04 12:00:00 258,077 ----a-w C:\WINDOWS\system32\mstext40.dll 2004-08-04 12:00:00 257,072 ----a-w C:\WINDOWS\winhelp.exe 2004-08-04 12:00:00 253,952 ----a-w C:\WINDOWS\system32\msvcrt20.dll 2004-08-04 12:00:00 253,440 ----a-w C:\WINDOWS\system32\compatUI.dll 2004-08-04 12:00:00 252,928 ----a-w C:\WINDOWS\system32\msoeacct.dll 2004-08-04 12:00:00 252,928 ----a-w C:\WINDOWS\system32\iassdo.dll 2004-08-04 12:00:00 251,904 ----a-w C:\WINDOWS\system32\msieftp.dll 2004-08-04 12:00:00 250,368 ----a-w C:\WINDOWS\system32\newdev.dll 2004-08-04 12:00:00 25,706 ----a-w C:\WINDOWS\system32\prndrvr.vbs 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\twunk_32.exe 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\udhisapi.dll 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\slayerxp.dll 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\routemon.exe 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\msvidc32.dll 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\mslbui.dll 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\format.com 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\comaddin.dll 2004-08-04 12:00:00 25,600 ----a-w C:\WINDOWS\system32\aaaamon.dll 2004-08-04 12:00:00 25,472 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys 2004-08-04 12:00:00 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys 2004-08-04 12:00:00 25,088 ----a-w C:\WINDOWS\system32\sort.exe 2004-08-04 12:00:00 25,088 ----a-w C:\WINDOWS\system32\shfolder.dll 2004-08-04 12:00:00 25,088 ----a-w C:\WINDOWS\system32\mtxlegih.dll 2004-08-04 12:00:00 25,088 ----a-w C:\WINDOWS\system32\defrag.exe 2004-08-04 12:00:00 25,088 ----a-w C:\WINDOWS\system32\davclnt.dll 2004-08-04 12:00:00 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll 2004-08-04 12:00:00 247,296 ----a-w C:\WINDOWS\system32\mswsock.dll 2004-08-04 12:00:00 245,760 ----a-w C:\WINDOWS\system32\netui1.dll 2004-08-04 12:00:00 241,693 ----a-w C:\WINDOWS\system32\msjtes40.dll 2004-08-04 12:00:00 241,152 ----a-w C:\WINDOWS\system32\srrstr.dll 2004-08-04 12:00:00 240,128 ----a-w C:\WINDOWS\system32\dsquery.dll 2004-08-04 12:00:00 24,960 ----a-w C:\WINDOWS\system32\drivers\hidparse.sys 2004-08-04 12:00:00 24,661 ----a-w C:\WINDOWS\system32\spxcoins.dll 2004-08-04 12:00:00 24,626 ----a-w C:\WINDOWS\system32\scrrnnl.dll 2004-08-04 12:00:00 24,624 ----a-w C:\WINDOWS\system32\vbsnl.dll 2004-08-04 12:00:00 24,624 ----a-w C:\WINDOWS\system32\sconl.dll 2004-08-04 12:00:00 24,603 ----a-w C:\WINDOWS\system32\sqlwid.dll 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\wsock32.dll 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\userinit.exe 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\rsmsink.exe 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\odbcbcp.dll 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\msorc32r.dll 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\httpapi.dll 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\gdi.exe 2004-08-04 12:00:00 24,576 ----a-w C:\WINDOWS\system32\dbmsrpcn.dll 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\system32\olesvr.dll 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\system32\ipxroute.exe 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\system32\dpmodemx.dll 2004-08-04 12:00:00 24,064 ----a-w C:\WINDOWS\system32\dmserver.dll 2004-08-04 12:00:00 239,616 ----a-w C:\WINDOWS\system32\upnpui.dll 2004-08-04 12:00:00 236,544 ----a-w C:\WINDOWS\system32\rasapi32.dll 2004-08-04 12:00:00 233,984 ----a-w C:\WINDOWS\system32\netevent.dll 2004-08-04 12:00:00 233,472 ----a-w C:\WINDOWS\system32\avtapi.dll 2004-08-04 12:00:00 230,400 ----a-w C:\WINDOWS\system32\compstui.dll 2004-08-04 12:00:00 23,936 ----a-w C:\WINDOWS\system32\drivers\usbcamd2.sys 2004-08-04 12:00:00 23,808 ----a-w C:\WINDOWS\system32\drivers\usbcamd.sys 2004-08-04 12:00:00 23,552 ----a-w C:\WINDOWS\system32\sfmapi.dll 2004-08-04 12:00:00 23,552 ----a-w C:\WINDOWS\system32\rasrad.dll 2004-08-04 12:00:00 23,552 ----a-w C:\WINDOWS\system32\mciwave.dll 2004-08-04 12:00:00 23,552 ----a-w C:\WINDOWS\system32\iasacct.dll 2004-08-04 12:00:00 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys 2004-08-04 12:00:00 23,040 ----a-w C:\WINDOWS\system32\setup.exe 2004-08-04 12:00:00 23,040 ----a-w C:\WINDOWS\system32\qwinsta.exe 2004-08-04 12:00:00 23,040 ----a-w C:\WINDOWS\system32\psapi.dll 2004-08-04 12:00:00 23,040 ----a-w C:\WINDOWS\system32\mciseq.dll 2004-08-04 12:00:00 23,040 ----a-w C:\WINDOWS\system32\ersvc.dll 2004-08-04 12:00:00 229,888 ----a-w C:\WINDOWS\system32\dplayx.dll 2004-08-04 12:00:00 225,792 ----a-w C:\WINDOWS\system32\localsec.dll 2004-08-04 12:00:00 225,280 ----a-w C:\WINDOWS\system32\mqoa.dll 2004-08-04 12:00:00 225,280 ----a-w C:\WINDOWS\system32\dmadmin.exe 2004-08-04 12:00:00 221,184 ----a-w C:\WINDOWS\system32\wmpns.dll 2004-08-04 12:00:00 220,672 ----a-w C:\WINDOWS\system32\logon.scr 2004-08-04 12:00:00 22,528 ----a-w C:\WINDOWS\system32\rasmxs.dll 2004-08-04 12:00:00 22,528 ----a-w C:\WINDOWS\system32\pathping.exe 2004-08-04 12:00:00 22,528 ----a-w C:\WINDOWS\system32\nbtstat.exe 2004-08-04 12:00:00 22,528 ----a-w C:\WINDOWS\system32\mfcsubs.dll 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\w32topl.dll 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\rpcns4.dll 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\rcp.exe 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\olesvr32.dll 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\msg.exe 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\mpnotify.exe 2004-08-04 12:00:00 22,016 ----a-w C:\WINDOWS\system32\lpk.dll 2004-08-04 12:00:00 219,136 ----a-w C:\WINDOWS\system32\uxtheme.dll 2004-08-04 12:00:00 218,003 ----a-w C:\WINDOWS\system32\dssec.dat 2004-08-04 12:00:00 216,064 ----a-w C:\WINDOWS\system32\osk.exe 2004-08-04 12:00:00 216,064 ----a-w C:\WINDOWS\system32\moricons.dll 2004-08-04 12:00:00 213,023 ----a-w C:\WINDOWS\system32\msltus40.dll 2004-08-04 12:00:00 212,480 ----a-w C:\WINDOWS\system32\dpvoice.dll 2004-08-04 12:00:00 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys 2004-08-04 12:00:00 21,691 ----a-w C:\WINDOWS\system32\prnjobs.vbs 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\sclgntfy.dll 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\route.exe 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\ipxrip.dll 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\fontview.exe 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\feclient.dll 2004-08-04 12:00:00 21,504 ----a-w C:\WINDOWS\system32\dpvacm.dll 2004-08-04 12:00:00 21,376 ----a-w C:\WINDOWS\system32\drivers\tsbvcap.sys 2004-08-04 12:00:00 209,408 ----a-w C:\WINDOWS\system32\drivers\update.sys 2004-08-04 12:00:00 208,896 ----a-w C:\WINDOWS\system32\wavemsp.dll 2004-08-04 12:00:00 208,896 ----a-w C:\WINDOWS\system32\mobsync.dll 2004-08-04 12:00:00 206,336 ----a-w C:\WINDOWS\system32\rasppp.dll 2004-08-04 12:00:00 204,800 ----a-w C:\WINDOWS\system32\mswebdvd.dll 2004-08-04 12:00:00 200,704 ----a-w C:\WINDOWS\system32\dmdskmgr.dll 2004-08-04 12:00:00 200,192 ----a-w C:\WINDOWS\system32\ir50_qc.dll 2004-08-04 12:00:00 200,192 ----a-w C:\WINDOWS\system32\gptext.dll 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\ssmarque.scr 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\shutdown.exe 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\ipxwan.dll 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\hid.dll 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys 2004-08-04 12:00:00 20,992 ----a-w C:\WINDOWS\system32\bthci.dll 2004-08-04 12:00:00 20,970 ----a-w C:\WINDOWS\system32\debug.exe 2004-08-04 12:00:00 20,535 ----a-w C:\WINDOWS\system32\vfpodbc.dll 2004-08-04 12:00:00 20,511 ----a-w C:\WINDOWS\system32\odtext32.dll 2004-08-04 12:00:00 20,511 ----a-w C:\WINDOWS\system32\oddbse32.dll 2004-08-04 12:00:00 20,510 ----a-w C:\WINDOWS\system32\odpdx32.dll 2004-08-04 12:00:00 20,510 ----a-w C:\WINDOWS\system32\odfox32.dll 2004-08-04 12:00:00 20,510 ----a-w C:\WINDOWS\system32\odexl32.dll 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\winstrm.dll 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\qprocess.exe 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\nwcfg.dll 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\mtxdm.dll 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\encapi.dll 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\drivers\flpydisk.sys 2004-08-04 12:00:00 20,480 ----a-w C:\WINDOWS\system32\cliconfg.exe 2004-08-04 12:00:00 2,962,432 ----a-w C:\WINDOWS\system32\xpsp2res.dll 2004-08-04 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys 2004-08-04 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll 2004-08-04 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe 2004-08-04 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll 2004-08-04 12:00:00 2,113,536 ----a-w C:\WINDOWS\system32\dxdiagn.dll 2004-08-04 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe 2004-08-04 12:00:00 199,168 ----a-w C:\WINDOWS\system32\ir32_32.dll 2004-08-04 12:00:00 197,632 ----a-w C:\WINDOWS\system32\certcli.dll 2004-08-04 12:00:00 196,096 ----a-w C:\WINDOWS\system32\xpsp1res.dll 2004-08-04 12:00:00 195,584 ----a-w C:\WINDOWS\system32\msutb.dll 2004-08-04 12:00:00 195,072 ----a-w C:\WINDOWS\system32\syncui.dll 2004-08-04 12:00:00 194,560 ----a-w C:\WINDOWS\system32\eudcedit.exe 2004-08-04 12:00:00 194,048 ----a-w C:\WINDOWS\system32\activeds.dll 2004-08-04 12:00:00 193,024 ----a-w C:\WINDOWS\system32\fsquirt.exe 2004-08-04 12:00:00 192,512 ----a-w C:\WINDOWS\system32\qcap.dll 2004-08-04 12:00:00 192,000 ----a-w C:\WINDOWS\system32\schedsvc.dll 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\wshtcpip.dll 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\ws2help.dll 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\ssbezier.scr 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\rdpsnd.dll 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\mqbkup.exe 2004-08-04 12:00:00 19,968 ----a-w C:\WINDOWS\system32\arp.exe 2004-08-04 12:00:00 19,806 ----a-w C:\WINDOWS\system32\graphics.com 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\wmiprop.dll 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\vwipxspx.dll 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\tcpsvcs.exe 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\oleaccrc.dll 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\nddenb32.dll 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\mode.com 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\dswave.dll 2004-08-04 12:00:00 19,456 ----a-w C:\WINDOWS\system32\dmocx.dll 2004-08-04 12:00:00 19,200 ----a-w C:\WINDOWS\system32\tapi.dll 2004-08-04 12:00:00 19,088 ----a-w C:\WINDOWS\system32\sysedit.exe 2004-08-04 12:00:00 19,072 ----a-w C:\WINDOWS\system32\drivers\msfs.sys 2004-08-04 12:00:00 188,928 ----a-w C:\WINDOWS\system32\cmprops.dll 2004-08-04 12:00:00 188,544 ----a-w C:\WINDOWS\system32\drivers\acpi.sys 2004-08-04 12:00:00 187,392 ----a-w C:\WINDOWS\system32\accwiz.exe 2004-08-04 12:00:00 186,880 ----a-w C:\WINDOWS\system32\mqtrig.dll 2004-08-04 12:00:00 186,880 ----a-w C:\WINDOWS\system32\dinput8.dll 2004-08-04 12:00:00 186,368 ----a-w C:\WINDOWS\system32\encdec.dll 2004-08-04 12:00:00 186,368 ----a-w C:\WINDOWS\system32\els.dll 2004-08-04 12:00:00 185,344 ----a-w C:\WINDOWS\system32\netmsg.dll 2004-08-04 12:00:00 184,832 ----a-w C:\WINDOWS\system32\scecli.dll 2004-08-04 12:00:00 184,320 ----a-w C:\WINDOWS\system32\ipsecsvc.dll 2004-08-04 12:00:00 183,808 ----a-w C:\WINDOWS\system32\ir50_qcx.dll 2004-08-04 12:00:00 183,296 ----a-w C:\WINDOWS\system32\snmpsnap.dll 2004-08-04 12:00:00 182,912 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2004-08-04 12:00:00 181,760 ----a-w C:\WINDOWS\system32\tapi32.dll 2004-08-04 12:00:00 181,760 ----a-w C:\WINDOWS\system32\dsdmo.dll 2004-08-04 12:00:00 181,248 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys 2004-08-04 12:00:00 181,248 ----a-w C:\WINDOWS\system32\dmime.dll 2004-08-04 12:00:00 180,800 ----a-w C:\WINDOWS\system32\sqlunirl.dll 2004-08-04 12:00:00 180,224 ----a-w C:\WINDOWS\system32\dwwin.exe 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\vmmreg32.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\version.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\ssmyst.scr 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\snmpapi.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\seclogon.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\secedit.exe 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\rsmps.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\qmgrprxy.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\ping.exe 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\mimefilt.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\midimap.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\diskperf.exe 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\deskperf.dll 2004-08-04 12:00:00 18,944 ----a-w C:\WINDOWS\system32\cacls.exe 2004-08-04 12:00:00 18,688 ----a-w C:\WINDOWS\system32\drivers\partmgr.sys 2004-08-04 12:00:00 18,688 ----a-w C:\WINDOWS\system32\drivers\cdaudio.sys 2004-08-04 12:00:00 18,560 ----a-w C:\WINDOWS\system32\drivers\tdi.sys 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\wtsapi32.dll 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\win.com 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\ups.exe 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\prflbmsg.dll 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\dpnsvr.exe 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\dmintf.dll 2004-08-04 12:00:00 18,432 ----a-w C:\WINDOWS\system32\compact.exe 2004-08-04 12:00:00 18,176 ----a-w C:\WINDOWS\system32\vga64k.dll 2004-08-04 12:00:00 179,712 ----a-w C:\WINDOWS\system32\ntmsdba.dll 2004-08-04 12:00:00 179,200 ----a-w C:\WINDOWS\system32\winmm.dll 2004-08-04 12:00:00 177,856 ----a-w C:\WINDOWS\system32\typelib.dll 2004-08-04 12:00:00 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll 2004-08-04 12:00:00 176,640 ----a-w C:\WINDOWS\system32\wintrust.dll 2004-08-04 12:00:00 176,640 ----a-w C:\WINDOWS\system32\ftsrch.dll 2004-08-04 12:00:00 176,159 ----a-w C:\WINDOWS\system32\msjint40.dll 2004-08-04 12:00:00 176,157 ----a-w C:\WINDOWS\system32\dgrpsetu.dll 2004-08-04 12:00:00 175,736 ----a-w C:\WINDOWS\system32\xenroll.dll 2004-08-04 12:00:00 175,616 ----a-w C:\WINDOWS\system32\w32time.dll 2004-08-04 12:00:00 175,616 ----a-w C:\WINDOWS\system32\appmgmts.dll 2004-08-04 12:00:00 175,616 ----a-w C:\WINDOWS\system32\adsldp.dll 2004-08-04 12:00:00 172,544 ----a-w C:\WINDOWS\system32\wldap32.dll 2004-08-04 12:00:00 172,032 ----a-w C:\WINDOWS\system32\photowiz.dll 2004-08-04 12:00:00 171,008 ----a-w C:\WINDOWS\system32\sccsccp.dll 2004-08-04 12:00:00 170,496 ----a-w C:\WINDOWS\system32\srsvc.dll 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\ureg.dll 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\tsshutdn.exe 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\nddeapi.dll 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\mmfutil.dll 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\iaspolcy.dll 2004-08-04 12:00:00 17,920 ----a-w C:\WINDOWS\system32\dvdupgrd.exe 2004-08-04 12:00:00 17,792 ----a-w C:\WINDOWS\system32\drivers\ptilink.sys 2004-08-04 12:00:00 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\winshfhc.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\tftp.exe 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\qappsrv.exe 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\powrprof.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\perfnet.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\nwapi16.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\mcicda.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\esentprf.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\bidispl.dll 2004-08-04 12:00:00 17,408 ----a-w C:\WINDOWS\system32\alrsvc.dll 2004-08-04 12:00:00 169,984 ----a-w C:\WINDOWS\system32\sccbase.dll 2004-08-04 12:00:00 169,984 ----a-w C:\WINDOWS\system32\iprtrmgr.dll 2004-08-04 12:00:00 169,520 ----a-w C:\WINDOWS\system32\ole2disp.dll 2004-08-04 12:00:00 167,868 ----a-w C:\WINDOWS\system32\pagefileconfig.vbs 2004-08-04 12:00:00 167,424 ----a-w C:\WINDOWS\system32\diskpart.exe 2004-08-04 12:00:00 165,376 ----a-w C:\WINDOWS\system32\ciadmin.dll 2004-08-04 12:00:00 164,864 ----a-w C:\WINDOWS\system32\credui.dll 2004-08-04 12:00:00 164,352 ----a-w C:\WINDOWS\system32\dinput.dll 2004-08-04 12:00:00 163,328 ----a-w C:\WINDOWS\system32\oleacc.dll 2004-08-04 12:00:00 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys 2004-08-04 12:00:00 162,304 ----a-w C:\WINDOWS\system32\adsnds.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\winrnr.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\vss_ps.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\usbmon.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\upnpcont.exe 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\runas.exe 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\rassapi.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\msidntld.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\mqise.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\expand.exe 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskmon.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\deskadp.dll 2004-08-04 12:00:00 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll 2004-08-04 12:00:00 16,512 ----a-w C:\WINDOWS\system32\drivers\raspti.sys 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\tskill.exe 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\rwinsta.exe 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\odbc32gt.dll 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\icfgnt5.dll 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\fmifs.dll 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\ds32gt.dll 2004-08-04 12:00:00 16,384 ----a-w C:\WINDOWS\system32\avmeter.dll 2004-08-04 12:00:00 16,000 ----a-w C:\WINDOWS\system32\drivers\usbintel.sys 2004-08-04 12:00:00 159,744 ----a-w C:\WINDOWS\system32\scrobj.dll 2004-08-04 12:00:00 159,232 ----a-w C:\WINDOWS\system32\sbeio.dll 2004-08-04 12:00:00 159,232 ----a-w C:\WINDOWS\system32\MSIMTF.dll 2004-08-04 12:00:00 157,696 ----a-w C:\WINDOWS\system32\paqsp.dll 2004-08-04 12:00:00 156,160 ----a-w C:\WINDOWS\system32\ipmontr.dll 2004-08-04 12:00:00 154,624 ----a-w C:\WINDOWS\system32\shmedia.dll 2004-08-04 12:00:00 154,112 ----a-w C:\WINDOWS\system32\keymgr.dll 2004-08-04 12:00:00 153,856 ----a-w C:\WINDOWS\system32\drivers\dmio.sys 2004-08-04 12:00:00 153,088 ----a-w C:\WINDOWS\regedit.exe 2004-08-04 12:00:00 153,008 ----a-w C:\WINDOWS\system32\ole2nls.dll 2004-08-04 12:00:00 152,576 ----a-w C:\WINDOWS\system32\rsaenh.dll 2004-08-04 12:00:00 152,064 ----a-w C:\WINDOWS\system32\datime.dll 2004-08-04 12:00:00 152,064 ----a-w C:\WINDOWS\system32\bootcfg.exe 2004-08-04 12:00:00 151,552 ----a-w C:\WINDOWS\system32\scrrun.dll 2004-08-04 12:00:00 151,552 ----a-w C:\WINDOWS\system32\msdart.dll 2004-08-04 12:00:00 150,016 ----a-w C:\WINDOWS\system32\imapi.exe 2004-08-04 12:00:00 15,984 ----a-w C:\WINDOWS\system32\prnqctl.vbs 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\TASKMAN.EXE 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\w3ssl.dll 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\taskman.exe 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\sysinv.dll 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\rsh.exe 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\perfmon.exe 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\more.com 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\inetppui.dll 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\dmremote.exe 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\comp.exe 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\cmcfg32.dll 2004-08-04 12:00:00 15,872 ----a-w C:\WINDOWS\system32\cdmodem.dll 2004-08-04 12:00:00 15,488 ----a-w C:\WINDOWS\system32\drivers\serenum.sys 2004-08-04 12:00:00 15,488 ----a-w C:\WINDOWS\system32\drivers\mssmbios.sys 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\tsdiscon.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\tsd32.dll 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\tscon.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\slbrccsp.dll 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\shadow.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\pjlmon.dll 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\pentnt.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\logoff.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\hnetmon.dll 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\help.exe 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe 2004-08-04 12:00:00 149,019 ----a-w C:\WINDOWS\system32\crtdll.dll 2004-08-04 12:00:00 147,968 ----a-w C:\WINDOWS\system32\rdchost.dll 2004-08-04 12:00:00 147,968 ----a-w C:\WINDOWS\system32\mdwmdmsp.dll 2004-08-04 12:00:00 147,968 ----a-w C:\WINDOWS\system32\dskquoui.dll 2004-08-04 12:00:00 147,456 ----a-w C:\WINDOWS\system32\odbctrac.dll 2004-08-04 12:00:00 147,456 ----a-w C:\WINDOWS\system32\initpki.dll 2004-08-04 12:00:00 147,456 ----a-w C:\WINDOWS\system32\comsnap.dll 2004-08-04 12:00:00 146,944 ----a-w C:\WINDOWS\system32\hotplug.dll 2004-08-04 12:00:00 145,920 ----a-w C:\WINDOWS\system32\modemui.dll 2004-08-04 12:00:00 145,408 ----a-w C:\WINDOWS\system32\wiavusd.dll 2004-08-04 12:00:00 145,408 ----a-w C:\WINDOWS\system32\ntshrui.dll 2004-08-04 12:00:00 145,408 ----a-w C:\WINDOWS\system32\dsprop.dll 2004-08-04 12:00:00 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2004-08-04 12:00:00 144,384 ----a-w C:\WINDOWS\system32\mobsync.exe 2004-08-04 12:00:00 144,384 ----a-w C:\WINDOWS\system32\imagehlp.dll 2004-08-04 12:00:00 144,384 ----a-w C:\WINDOWS\system32\capesnpn.dll 2004-08-04 12:00:00 143,360 ----a-w C:\WINDOWS\system32\rasmontr.dll 2004-08-04 12:00:00 143,360 ----a-w C:\WINDOWS\system32\msorcl32.dll 2004-08-04 12:00:00 143,360 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys 2004-08-04 12:00:00 143,360 ----a-w C:\WINDOWS\system32\adsldpc.dll 2004-08-04 12:00:00 142,848 ----a-w C:\WINDOWS\system32\netid.dll 2004-08-04 12:00:00 142,336 ----a-w C:\WINDOWS\system32\sessmgr.exe 2004-08-04 12:00:00 141,824 ----a-w C:\WINDOWS\system32\sfc_os.dll 2004-08-04 12:00:00 141,312 ----a-w C:\WINDOWS\system32\iasrecst.dll 2004-08-04 12:00:00 140,800 ----a-w C:\WINDOWS\system32\taskmgr.exe 2004-08-04 12:00:00 14,976 ----a-w C:\WINDOWS\system32\drivers\tape.sys 2004-08-04 12:00:00 14,850 ----a-w C:\WINDOWS\system32\kb16.com 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\tcpmib.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\stimon.exe 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\serwvdrv.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\serialui.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\rexec.exe 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\ntlanui2.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\mgmtapi.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\mcastmib.dll 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\fc.exe 2004-08-04 12:00:00 14,848 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys 2004-08-04 12:00:00 14,592 ----a-w C:\WINDOWS\system32\drivers\smclib.sys 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\wship6.dll 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\wowfaxui.dll 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\svchost.exe 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\ssstars.scr 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\runonce.exe 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\msdmo.dll 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\drprov.dll 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\cmpbk32.dll 2004-08-04 12:00:00 14,336 ----a-w C:\WINDOWS\system32\auditusr.exe 2004-08-04 12:00:00 14,208 ----a-w C:\WINDOWS\system32\drivers\diskdump.sys 2004-08-04 12:00:00 139,264 ----a-w C:\WINDOWS\system32\sndvol32.exe 2004-08-04 12:00:00 138,752 ----a-w C:\WINDOWS\system32\swprv.dll 2004-08-04 12:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2004-08-04 12:00:00 138,240 ----a-w C:\WINDOWS\system32\mqad.dll 2004-08-04 12:00:00 138,240 ----a-w C:\WINDOWS\system32\ifmon.dll 2004-08-04 12:00:00 137,216 ----a-w C:\WINDOWS\system32\sti_ci.dll 2004-08-04 12:00:00 137,216 ----a-w C:\WINDOWS\system32\dssenh.dll 2004-08-04 12:00:00 136,192 ----a-w C:\WINDOWS\system32\webvw.dll 2004-08-04 12:00:00 135,168 ----a-w C:\WINDOWS\system32\odbcconf.dll 2004-08-04 12:00:00 134,656 ----a-w C:\WINDOWS\system32\mssap.dll 2004-08-04 12:00:00 132,608 ----a-w C:\WINDOWS\system32\upnp.dll 2004-08-04 12:00:00 132,608 ----a-w C:\WINDOWS\system32\sndrec32.exe 2004-08-04 12:00:00 132,608 ----a-w C:\WINDOWS\system32\rsvp.exe 2004-08-04 12:00:00 132,096 ----a-w C:\WINDOWS\system32\acledit.dll 2004-08-04 12:00:00 130,560 ----a-w C:\WINDOWS\system32\dmdskres.dll 2004-08-04 12:00:00 130,048 ----a-w C:\WINDOWS\system32\sdpblb.dll 2004-08-04 12:00:00 13,952 ----a-w C:\WINDOWS\system32\drivers\cbidf2k.sys 2004-08-04 12:00:00 13,888 ----a-w C:\WINDOWS\system32\toolhelp.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\wscntfy.exe 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\uniplat.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\sisbkup.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\sigtab.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\senscfg.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\savedump.exe 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\rdsaddin.exe 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\mrinfo.exe 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\lmhsvc.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\convert.exe 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\cmsetACL.dll 2004-08-04 12:00:00 13,824 ----a-w C:\WINDOWS\system32\atkctrs.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\win87em.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\verifier.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\umdmxfrm.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\tcmsetup.exe 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\ntvdmd.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\msswch.dll 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\lsass.exe 2004-08-04 12:00:00 13,312 ----a-w C:\WINDOWS\system32\irclass.dll 2004-08-04 12:00:00 129,536 ----a-w C:\WINDOWS\system32\xmlprov.dll 2004-08-04 12:00:00 129,536 ----a-w C:\WINDOWS\system32\msv1_0.dll 2004-08-04 12:00:00 129,024 ----a-w C:\WINDOWS\system32\nwscript.exe 2004-08-04 12:00:00 128,000 ----a-w C:\WINDOWS\system32\mshearts.exe 2004-08-04 12:00:00 126,976 ----a-w C:\WINDOWS\system32\msvideo.dll 2004-08-04 12:00:00 126,976 ----a-w C:\WINDOWS\system32\apphelp.dll 2004-08-04 12:00:00 125,952 ----a-w C:\WINDOWS\system32\schtasks.exe 2004-08-04 12:00:00 125,952 ----a-w C:\WINDOWS\system32\input.dll 2004-08-04 12:00:00 125,696 ----a-w C:\WINDOWS\system32\drivers\ftdisk.sys 2004-08-04 12:00:00 124,928 ----a-w C:\WINDOWS\system32\wiadss.dll 2004-08-04 12:00:00 124,928 ----a-w C:\WINDOWS\system32\net1.exe 2004-08-04 12:00:00 124,416 ----a-w C:\WINDOWS\system32\mplay32.exe 2004-08-04 12:00:00 123,904 ----a-w C:\WINDOWS\system32\dfrgui.dll 2004-08-04 12:00:00 123,392 ----a-w C:\WINDOWS\system32\mqrtdep.dll 2004-08-04 12:00:00 123,392 ----a-w C:\WINDOWS\system32\glu32.dll 2004-08-04 12:00:00 122,368 ----a-w C:\WINDOWS\system32\stobject.dll 2004-08-04 12:00:00 121,856 ----a-w C:\WINDOWS\system32\idq.dll 2004-08-04 12:00:00 121,856 ----a-w C:\WINDOWS\system32\gpresult.exe 2004-08-04 12:00:00 121,856 ----a-w C:\WINDOWS\system32\exts.dll 2004-08-04 12:00:00 121,344 ----a-w C:\WINDOWS\syst
  • En weer niet... Ik wacht je antwoord eerst wel af voordat ik de rest ook nog post, sorry :wink:
  • Heel lijstje. 1. Download [url=http://www.atribune.org/ccount/click.php?id=1]ATF cleaner[/url] (gemaakt door Atribune) Dubbelklik op ATF cleaner om het programma te starten. Op het tabblad "Main", plaats je een vinkje bij [b:2d6ccc3928]Select All[/b:2d6ccc3928]. Klik op de knop [b:2d6ccc3928]Empty Selected[/b:2d6ccc3928]. Het volgende doen als je ook FireFox als browser hebt: Klik op tabblad "Firefox", plaats een vinkje bij [b:2d6ccc3928]Select All[/b:2d6ccc3928]. Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". (dit haalt het vinkje weer weg bij "Firefox saved passwords") Klik op de knop [b:2d6ccc3928]Empty Selected[/b:2d6ccc3928]. Het volgende doen als je ook Opera als browser hebt: Klik op tabblad "Opera", plaats een vinkje bij [b:2d6ccc3928]Select All[/b:2d6ccc3928]. Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No". Klik op de knop [b:2d6ccc3928]Empty Selected[/b:2d6ccc3928]. Ga naar het tabblad "Main" en klik op de knop [b:2d6ccc3928]Exit[/b:2d6ccc3928] om het programma af te sluiten. 2. Download [b:2d6ccc3928]Dr.Web CureIt[/b:2d6ccc3928] naar je bureaublad: [url=ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe]ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe[/url] 3. Start de computer in [url=http://users.pandora.be/marcvn/spyware/1378056.htm]veilige modus[/url]. 4. Dubbelklik [b:2d6ccc3928]drweb-cureit.exe[/b:2d6ccc3928] en sta het toe om de express scan te starten. Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt, klik de Yes to all knop bij de vraag 'cure it?'. Dit is enkel een korte scan. Eenmaal de korte scan is beeïndigd, Klik [b:2d6ccc3928]Options[/b:2d6ccc3928] > Change Settings Kies de "Scan"-tab en verwijder het vinkje bij "Heuristic analyse" Terug in het hoofdvenster kan je de drives selecteren die je wilt laten scannen. Selecteer hier alle drives. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen. Klik daarna de [b:2d6ccc3928]groene pijl[/b:2d6ccc3928] rechts om de scan te starten. Klik 'Yes to all' wanneer er gevraagd wordt om cure of move uit te voeren. Wanneer de scan gedaan is, kijk of je volgende icoontje kan aanklikken dat staat naast hetgeen gevonden werd: [img:2d6ccc3928]http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif[/img:2d6ccc3928] Indien wel, klik erop en daarna klik op het icoontje er net onder en kies: [b:2d6ccc3928]Move incurable[/b:2d6ccc3928] zoals je zal zien in volgende afbeelding: [img:2d6ccc3928]http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif[/img:2d6ccc3928] Dit zal de bestanden verplaatsen naar volgende map %userprofile%\DoctorWeb\quarantaine-folder indien het niet gedesinfecteerd kan worden. (dit in het geval dat we samples nodig hebben) Na bovenstaande te selecteren, in het menu bovenaan van Dr.Web CureIt, klik [b:2d6ccc3928]file[/b:2d6ccc3928] en kies [b:2d6ccc3928]save report list[/b:2d6ccc3928]. Bewaar de log op je bureaublad. Sluit daarna Dr.Web Cureit. 5. [b:2d6ccc3928]Herstart[/b:2d6ccc3928] je computer in normale modus!! Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart. Na het herstarten, Kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post tesamen met een logje van Hijackthis
  • Done. Wat ik wel raar vond is dat DrWeb het update programma van McAfee aanmerkt als potentiële downloader, Mcupdmgr.exe. Na het opnieuw opstarten geeft McAfee dan ook meteen de melding dat ik niet meer beschermd ben. Aangezien ik dit ook niet veilig vind, ga ik zo dadelijk trachten McAfee te herstellen, en mocht het dan op weerstand stuiten van uw kant doe ik weer hetzelfde met DrWeb :roll: (Edit: Hoe doe ik dat overigens? * Edit2: Ah nevermind, dat is al gelukt ;) ) [b:57a0581b7e]log van HijackThis:[/b:57a0581b7e] Logfile of HijackThis v1.99.1 Scan saved at 21:02:35, on 24-5-2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe C:\WINDOWS\V0230Mon.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\DOCUME~1\Ufuk\LOCALS~1\Temp\clclean.0001 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\svchost.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE C:\Documents and Settings\Ufuk\Bureaublad\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\V0230Mon.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [mnu] C:\Program Files\Orange\GLOBAL\Mnu\igomnu.exe /S:T O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by114w.bay114.mail.live.com/mail/resources/MsnPUpld.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe (file missing) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [b:57a0581b7e]log van DrWeb:[/b:57a0581b7e] mcupdmgr.exe c:\program files\mcafee\msc Probably DLOADER.Trojan Incurable.Moved. VBAOL11.CHM\html/olobjAddressEntries.htm C:\Program Files\Microsoft Office\OFFICE11\1043\VBAOL11.CHM Modification of VBS.Petik VBAOL11.CHM C:\Program Files\Microsoft Office\OFFICE11\1043 Archive contains infected objects Moved. rcqyqmkj.dll.vir C:\QooBox\Quarantine\C\WINDOWS\system32 Trojan.Virtumod Deleted. A0062750.dll C:\System Volume Information\_restore{C6047249-B8FE-4F02-AAF1-9B17FBAA739B}\RP375 Trojan.Virtumod Deleted.
  • Voor Yep vundo besmetting bestaat een removal tool: [url]http://securityresponse.symantec.com/avcenter/FixVundo.exe[/url] Kun je die dan niet beter gebruiken?
  • [quote:471ddc679e="Tweaky"]Voor Yep vundo besmetting bestaat een removal tool: [url]http://securityresponse.symantec.com/avcenter/FixVundo.exe[/url] Kun je die dan niet beter gebruiken?[/quote:471ddc679e] Niet beter, want de combofix is beter omdat hij de bestanden unlocked(automatisch) en verwijderd. Combo laat nog meer zien en dat is ook handig, maar soms wissel ik wel eens af, die van symantec , :-? VIRTUMONDO_BEGONE Virtumundo Begone http://hicheckthis.dyndns.org/hjt/ncslist.php?lang=NL&view=118 --------------------- VUNDO VundoFix http://hicheckthis.dyndns.org/hjt/ncslist.php?lang=NL&view=103 ------------------------ en natuurlijk de combofix. die van symantec gebruik ik nooit.
  • Logje ziet er al weer terug schoon uit, hoe is het met je problemen?
  • De problemen zijn helemaal weg, bedankt voor de hulp ;) En voor in de toekomst, mocht ik weer last hebben van spyware, is het dan aan te raden om bijvoorbeeld Combofix te gebruiken in combinatie met Dr. Web? Of is Combofix alleen voor vundo besmettingen? Wat ik ook wel raar vind is dat een (toch hoog aangeschreven) programma als McAfee niet gewoon om kan gaan met dergelijke trojans.. Je zou toch denken dat die antivirusprogramma's daar speciaal voor geschreven worden.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.