Je rencontre un problème, j'ai installé un virus croyant à un logiciel et maintenant me voilà avec un fond d'écran bleu avec une case dans laquelle il est écrit : "Warning! Spyware detected on your computer!
Install an antivirus or spyware remover to clean your computer" Cela m'avait aussi installé Antivirus XP 2008 donc j'ai cru avoir réussi à me débarrasser, mais c'est le même virus je crois.

C'est un virus assez connu, malheureusement j'ai tenté pas mal de choses qui ont échoués, je m'en remets donc entièrement à vous.

Bonjour,

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

• Double clique sur HJTInstall.exe pour lancer l'installation.
• Clique sur Install.
• Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
• Accepte la licence en cliquant sur Yes.
• Clique sur Do a system scan and save a logfile.
• Poste ici le rapport généré.

Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

Aide : Comment utiliser HijackThis.

Voilà le rapport (j'avais un peu anticipé ^^)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:09:24, on 11/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\S3trayp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Styler\Styler.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: sqvgnrpx - {695AD9B9-B97E-4F91-8B6F-B1BD73937505} - C:\WINDOWS\sqvgnrpx.dll (file missing)
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [70d189ae] rundll32.exe "C:\WINDOWS\system32\xlcmxdbf.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: Choisir comme avatar pour &Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O21 - SSODL: fsrpknov - {DE5B4464-468D-40C2-AEFD-0C1EEA99998F} - C:\WINDOWS\fsrpknov.dll (file missing)
O21 - SSODL: fdxbameg - {8B18AFD9-A3F6-4A9D-B6BB-92C450E4BA79} - C:\WINDOWS\fdxbameg.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

--
End of file - 7583 bytes

Re,

Télécharge ComboFix (de sUBs) sur ton Bureau.

• Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)
• Double clique sur ComboFix.exe.
• Accepte la licence en cliquant sur Oui.
• Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

Aide : Comment utiliser ComboFix.

Voici le rapport :

ComboFix 08-07-10.1 - Bast 2008-07-11 0:51:08.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.144 [GMT 2:00]
Endroit: C:\Documents and Settings\Bast\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Bast\Application Data\rhc5g5j0e3dp
C:\WINDOWS\erem.exe
C:\WINDOWS\gpefaowr.exe
C:\WINDOWS\system32\amfmwyvf.ini
C:\WINDOWS\system32\blphc1g5j0e3dp.scr
C:\WINDOWS\system32\fbdxmclx.ini
C:\WINDOWS\system32\fiPYyyay.ini
C:\WINDOWS\system32\fiPYyyay.ini2
C:\WINDOWS\system32\lphc1g5j0e3dp.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nnnOETmj.dll
C:\WINDOWS\system32\phc1g5j0e3dp.bmp
C:\WINDOWS\system32\rqRHxuTl.dll
C:\WINDOWS\system32\xlcmxdbf.dll

----- BITS: Possible sites infectés -----

hxxp://www.thenetworkcom.com
hxxp://www.thenmnetwork.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CLBDRIVER
-------\Service_clbdriver


((((((((((((((((((((((((((((( Fichiers créés 2008-06-10 to 2008-07-10 ))))))))))))))))))))))))))))))))))))
.

2008-07-11 00:39 . 2008-07-11 00:39 <REP> d-------- C:\Program Files\Avira
2008-07-11 00:39 . 2008-07-11 00:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-10 19:45 . 2008-07-10 19:45 116,352 --a------ C:\WINDOWS\system32\worybkvv.dll
2008-07-10 19:45 . 2008-07-10 19:45 116,352 --a------ C:\WINDOWS\system32\qylkjz.dll
2008-07-10 11:20 . 2008-07-10 11:20 86 --a------ C:\WINDOWS\wininit.ini
2008-07-10 10:46 . 2008-07-10 10:46 112,256 --a------ C:\WINDOWS\system32\majgjt.dll
2008-07-10 10:46 . 2008-07-10 10:46 112,256 --a------ C:\WINDOWS\system32\ekgpgrgv.dll
2008-07-10 10:43 . 2008-07-10 10:43 318,720 --a------ C:\WINDOWS\system32\yayyYPif.dll
2008-07-10 10:38 . 2001-08-28 16:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-07-08 22:05 . 2008-07-08 22:05 <REP> d-------- C:\Documents and Settings\Bast\Application Data\Samsung
2008-07-08 22:02 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-07-08 22:00 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-07-08 21:47 . 2008-07-08 21:47 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-07-08 21:47 . 2008-07-08 21:47 <REP> d-------- C:\Program Files\Samsung
2008-07-08 21:47 . 2007-05-02 11:12 109,704 --a------ C:\WINDOWS\system32\drivers\ssm_mdm.sys
2008-07-08 21:47 . 2007-05-02 11:12 83,592 --a------ C:\WINDOWS\system32\drivers\ssm_bus.sys
2008-07-08 21:47 . 2007-05-02 11:12 15,112 --a------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2008-07-08 21:47 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_whnt.sys
2008-07-08 21:47 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_wh.sys
2008-07-08 21:47 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2008-07-08 21:47 . 2007-05-02 11:12 12,424 --a------ C:\WINDOWS\system32\drivers\ssm_cm.sys
2008-07-08 21:47 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-07-03 23:30 . 2008-07-09 15:14 <REP> d-------- C:\Program Files\Full Tilt Poker
2008-06-27 08:47 . 2008-06-27 08:47 <REP> d-------- C:\Logs
2008-06-26 12:27 . 2008-06-27 10:34 <REP> d-------- C:\Program Files\World of Warcraft
2008-06-26 12:27 . 2008-06-26 12:27 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-06-26 11:14 . 2008-06-26 11:14 230 --a------ C:\config.xml
2008-06-12 19:05 . 2008-06-12 19:05 <REP> d-------- C:\Program Files\Dr. Robotnik's Mean Bean Machine

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-10 23:05 163,712 ----a-w C:\WINDOWS\system32\drivers\vidstub.sys
2008-07-10 19:55 --------- d-----w C:\Documents and Settings\Bast\Application Data\DNA
2008-07-10 19:47 --------- d-----w C:\Documents and Settings\Bast\Application Data\OpenOffice.org2
2008-07-10 19:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-10 18:52 --------- d-s---w C:\Program Files\CodeBlocks
2008-07-10 18:51 --------- d-----w C:\Program Files\eMule
2008-07-10 18:06 3,498 ----a-w C:\WINDOWS\system32\tmp.reg
2008-07-10 09:45 --------- d-----w C:\Program Files\EA SPORTS
2008-07-10 09:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-10 08:53 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-10 08:26 --------- d-----w C:\Documents and Settings\Bast\Application Data\LimeWire
2008-07-08 19:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-08 13:06 --------- d-----w C:\Documents and Settings\Bast\Application Data\temp
2008-06-26 15:47 --------- d-s---w C:\Program Files\Skyline
2008-06-26 15:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skyline
2008-06-26 15:44 --------- d-s---w C:\Program Files\PokerStars
2008-06-26 15:38 --------- d-s---w C:\Program Files\Little Fighter 2.5 - v2.0
2008-06-08 23:08 357 ----a-w C:\Documents and Settings\Bast\.cb_layout.bin
2008-06-06 15:24 --------- d-s---w C:\Program Files\Google
2008-06-04 16:48 --------- d-----w C:\Documents and Settings\Bast\Application Data\TaoUSign
2008-05-22 20:15 --------- d--h--r C:\Documents and Settings\Bast\Application Data\SecuROM
2008-05-22 20:14 --------- d-----w C:\Program Files\Electronic Arts
2008-05-22 19:45 --------- d-s---w C:\Program Files\Windows Live
2008-05-19 17:22 --------- d-s---w C:\Program Files\Fichiers communs\Real
2008-05-19 17:22 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-05-17 13:40 --------- d-----w C:\Program Files\Microsoft Research
2008-05-17 11:35 --------- d-----w C:\Program Files\Freecorder
2008-05-17 11:29 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-09 13:02 83 --sha-w C:\Program Files\Desktop.ini
2008-02-09 13:01 129 --sha-w C:\Program Files\Fichiers communs\Desktop.ini
2007-02-12 16:16 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2006-04-23 10:35 13,824 --sha-w C:\WINDOWS\MSN Messenger\Secur32.dll
.

------- Sigcheck -------

2002-08-29 13:45 603136 cbc50d46257c4a75644230507b488050 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2007-04-18 14:32 697344 aeff166f0813521d4fe60b6efc6895f4 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2007-06-26 16:12 663040 889269134af28b2142f47a337ca3a1cd C:\WINDOWS\system32\wininet.dll
2007-06-26 16:12 663040 889269134af28b2142f47a337ca3a1cd C:\WINDOWS\system32\dllcache\wininet.dll

2005-03-02 20:13 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2002-08-29 14:17 1951488 4560381fa3425b16f5df1a0de4814de7 C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
2004-08-19 16:04 2058880 f252fae094c54572ece38a039f2103c4 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2006-12-19 20:22 2059648 06015d137b02542f07d5cd7b144df942 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2004-08-19 16:04 2058880 f252fae094c54572ece38a039f2103c4 C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
2006-12-19 20:22 2059648 06015d137b02542f07d5cd7b144df942 C:\WINDOWS\system32\ntkrnlpa.exe
2006-12-19 20:22 2059648 06015d137b02542f07d5cd7b144df942 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2004-08-19 16:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\explorer.exe
2002-08-29 13:45 1008128 82fe0d400cb1ac937234467b927b867a C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-19 16:09 978432 c2e06cb7cfb5dbd8767ddd5e2e18cf71 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
.
((((((((((((((((((((((((((((( snapshot_2007-12-31_ 0.36.26,71 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-06-13 09:57:32 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\57vxrlz1.dat
+ 2002-08-29 12:18:54 1,740 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcache.bin
+ 2006-06-13 09:57:33 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\djtzvtvh.dat
+ 2002-08-28 23:32:34 2,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys
+ 2006-06-13 09:57:30 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\inxj35rx.dat
+ 2002-08-29 11:45:20 184,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh261.drv
+ 2002-08-29 12:17:04 286,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\msh263.drv
+ 2006-06-13 09:57:30 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\pz9j3rtv.dat
+ 2001-08-23 15:47:52 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\wdmaud.drv
+ 2002-08-29 11:45:20 132,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\winspool.drv
+ 2006-06-13 09:57:30 2,678 -c----w C:\WINDOWS\$NtServicePackUninstall$\yndfdfdf.dat
+ 2005-10-12 23:12:26 213,216 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll
+ 2006-09-25 16:58:48 221,488 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2006-09-25 16:58:48 379,184 -c----w C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2005-01-28 13:22:12 486,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\audiodev.dll
+ 2005-12-07 05:05:42 290,816 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 06:53:20 164,864 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-12-07 05:05:52 505,344 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 06:53:16 6,656 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-27 23:21:46 96,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe
+ 2004-08-19 14:09:32 310,272 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-08-19 14:09:32 384,512 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2004-08-19 14:09:32 240,640 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 06:53:22 142,336 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 06:53:20 25,088 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 06:53:20 173,568 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 11:32:44 364,784 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 13:22:12 316,416 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 06:53:22 221,184 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 17:11:54 213,216 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 17:11:54 371,424 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 10:46:52 13,312 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-27 23:36:04 47,104 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-27 23:35:58 15,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-27 23:36:00 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 11:32:44 396,528 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 06:53:18 716,288 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2005-01-28 06:53:16 224,768 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 06:53:20 28,160 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 06:53:20 33,792 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 06:53:50 335,872 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 06:53:54 290,816 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 06:53:16 150,016 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 06:53:16 1,027,072 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 11:32:56 774,904 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 06:53:18 1,119,744 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 13:22:12 827,392 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 11:32:44 413,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 06:53:18 940,544 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 11:32:56 1,218,808 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 06:53:20 1,512,448 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll
+ 2005-01-28 11:32:58 2,370,296 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 11:32:58 895,736 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 06:53:18 1,003,008 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-27 23:36:28 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-27 23:36:20 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-27 23:36:24 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-27 23:36:22 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-27 23:36:28 331,264 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-27 23:36:24 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys
+ 2006-09-16 00:05:22 221,488 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-16 00:05:22 379,184 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 18:01:52 58,368 -c----w C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2006-10-04 14:05:26 39,424 ------w C:\WINDOWS\AppPatch\acadproc.dll
+ 2008-02-20 10:09:05 110,592 ----a-w C:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
+ 2008-02-20 10:09:01 65,536 ----a-w C:\WINDOWS\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2008-02-20 10:09:08 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-04-04 16:17:15 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-04-04 16:17:15 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-04-04 16:17:15 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-04-04 16:17:06 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:09 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:09 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:10 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:10 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:11 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:11 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:12 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:13 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:16 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-04-04 16:17:16 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-04-04 16:17:17 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-04-04 16:17:17 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-04-04 16:17:17 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-04-04 16:17:14 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-02-20 10:09:04 8,007,680 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-02-20 10:06:09 80,696 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2008-02-20 10:07:54 1,612,592 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Access.dll
+ 2008-02-20 10:07:54 1,276,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
+ 2008-02-20 10:07:55 150,320 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
+ 2008-02-20 10:07:56 920,376 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
+ 2008-02-20 10:07:56 35,648 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-02-20 10:07:56 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-02-20 10:07:56 232,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
+ 2008-02-20 10:07:55 20,280 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
+ 2008-02-20 10:07:57 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-02-20 10:09:03 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-02-20 10:07:55 371,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-02-20 10:07:56 64,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-02-20 10:09:03 229,376 ----a-w C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2008-02-20 10:09:05 4,096 ----a-w C:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
+ 2008-02-20 10:07:55 416,544 ----a-w C:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-02-20 10:06:04 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Access\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Access.dll
+ 2008-02-20 10:06:11 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
+ 2008-02-20 10:08:18 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
+ 2008-02-20 10:08:36 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
+ 2008-02-20 10:08:33 12,632 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
+ 2008-02-20 10:08:36 12,112 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
+ 2008-02-20 10:08:44 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
+ 2008-02-20 10:08:20 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
+ 2008-02-20 10:08:51 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
+ 2008-02-20 10:08:24 12,080 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2008-02-20 10:08:24 11,544 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
+ 2008-02-20 10:09:03 16,384 ----a-w C:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
+ 2008-07-10 23:03:18 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-11-20 15:04:32 1,523,536 ----a-w C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
- 2007-03-13 09:57:10 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2000-08-31 06:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
+ 2008-04-20 19:13:47 27,136 ----a-r C:\WINDOWS\Installer\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}\AppleSoftwareUpdateIco.exe
+ 2008-02-08 21:00:58 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\ARPPRODUCTICON.exe
+ 2008-02-08 21:00:58 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-08 21:00:58 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-08 21:00:58 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-08 21:00:58 65,536 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\NewShortcut2_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-02-08 21:00:58 26,694 ----a-r C:\WINDOWS\Installer\{1E04F83B-2AB9-4301-9EF7-E86307F79C72}\UNINST_Uninstall_G_3DE5E7D47B88403CA3FD2017A8240C5B.exe
+ 2008-04-20 19:52:35 102,400 ----a-r C:\WINDOWS\Installer\{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}\iTunesIco.exe
+ 2008-03-22 20:19:42 140,262 ----a-r C:\WINDOWS\Installer\{6F06A42D-525C-49ED-8622-E16790956CD8}\_6FEFF9B68218417F98F549.exe
+ 2007-10-14 20:19:07 2,238 ----a-r C:\WINDOWS\Installer\{7784A172-61F1-445E-8368-601607E0DD22}\_4ae13d6c.exe
+ 2007-10-14 20:19:07 1,518 ----a-r C:\WINDOWS\Installer\{7784A172-61F1-445E-8368-601607E0DD22}\_69525f90.exe
+ 2008-02-20 10:00:08 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-040C-0000-0000000FF1CE}\misc.exe
+ 2008-02-20 10:11:54 1,165,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-02-20 10:11:55 20,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-02-20 10:11:55 217,864 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
+ 2008-02-20 10:11:55 18,704 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-02-20 10:11:56 35,088 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-02-20 10:11:55 845,584 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-02-20 10:11:55 922,384 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-02-20 10:11:55 272,648 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-02-20 10:11:56 888,080 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-02-20 10:11:55 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-02-15 23:36:56 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81200000003}\SC_Reader.exe
+ 2008-05-22 20:14:52 7,598 ----a-r C:\WINDOWS\Installer\{EF7E931D-DC84-471B-8DB6-A83358095474}\ARPPRODUCTICON.exe
+ 2008-05-22 20:14:52 7,598 ----a-r C:\WINDOWS\Installer\{EF7E931D-DC84-471B-8DB6-A83358095474}\ead_desktop_shortcut_F557710133CC471182353A95BCD49DB0.exe
+ 2008-05-22 20:14:52 7,598 ----a-r C:\WINDOWS\Installer\{EF7E931D-DC84-471B-8DB6-A83358095474}\ead_startmenu_shortc_F557710133CC471182353A95BCD49DB0.exe
+ 2008-05-17 13:41:05 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_1055212E066366693F3E39.exe
+ 2008-05-17 13:41:04 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_21F3885A18D238E15AAE81.exe
+ 2008-05-17 13:41:05 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_6055DC69DCF791C52711C1.exe
+ 2008-05-17 13:41:04 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_6FEFF9B68218417F98F549.exe
+ 2008-05-17 13:41:05 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_934312A2105DE40686D86A.exe
+ 2008-05-17 13:41:04 174,298 ----a-r C:\WINDOWS\Installer\{F9C80FE8-DB25-4EE5-AE6D-4332FB0E8B83}\_D707CE1C009F1381803C2C.exe
+ 2006-11-04 11:55:59 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\4SEAXVDZ.DAT
+ 2006-11-04 11:55:58 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\6EN3LB9R.DAT
+ 2006-11-04 11:55:57 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\7LVBJH7Z.DAT
+ 2006-11-04 11:55:58 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\J7B5VZBB.DAT
+ 2006-11-04 11:56:05 2,678 -c--a-w C:\WINDOWS\java\Packages\Data\T7NLR13P.DAT
+ 2005-03-18 14:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 14:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 14:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2004-09-29 10:38:58 2,676,224 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 14:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 14:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 14:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 14:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 14:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2004-12-01 13:53:06 2,846,720 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-02-05 17:32:54 563,712 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 15:23:14 567,296 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-05-26 13:15:56 576,000 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-07-22 15:21:34 577,024 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-09-28 12:11:52 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-12-05 15:20:50 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-02-03 05:40:48 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-03-31 09:27:50 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
- 2007-07-01 10:09:48 3,453 -c--a-w C:\WINDOWS\mozver.dat
+ 2008-02-18 20:44:35 4,087 -c--a-w C:\WINDOWS\mozver.dat
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
+ 2006-06-13 12:23:10 2,724 ----a-w C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
+ 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2004-08-19 14:23:26 1,788 -c----w C:\WINDOWS\ServicePackFiles\i386\dcache.bin
+ 2004-08-03 21:07:58 2,944 ------w C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys
+ 2004-08-19 14:10:10 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\msh261.drv
+ 2004-08-19 14:10:10 294,912 ------w C:\WINDOWS\ServicePackFiles\i386\msh263.drv
+ 2004-08-19 14:10:10 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\wdmaud.drv
+ 2004-08-19 14:10:10 146,944 ------w C:\WINDOWS\ServicePackFiles\i386\winspool.drv
+ 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2001-08-28 14:00:00 2,000 -c--a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2001-08-28 14:00:00 73,680 -c--a-w C:\WINDOWS\system\MCIAVI.DRV
+ 2001-08-28 14:00:00 25,280 -c--a-w C:\WINDOWS\system\MCISEQ.DRV
+ 2001-08-28 14:00:00 28,160 ----a-w C:\WINDOWS\system\MCIWAVE.DRV
+ 2001-08-28 14:00:00 2,032 -c--a-w C:\WINDOWS\system\MOUSE.DRV
+ 2001-08-28 14:00:00 1,744 -c--a-w C:\WINDOWS\system\SOUND.DRV
+ 2001-08-28 14:00:00 3,360 -c--a-w C:\WINDOWS\system\SYSTEM.DRV
+ 2001-08-28 14:00:00 4,096 ----a-w C:\WINDOWS\system\TIMER.DRV
+ 2001-08-28 14:00:00 2,176 -c--a-w C:\WINDOWS\system\VGA.DRV
+ 2001-08-28 14:00:00 13,600 ----a-w C:\WINDOWS\system\WFWNET.DRV
+ 2004-08-19 14:10:10 146,944 ----a-w C:\WINDOWS\system\winspool.drv
- 2007-12-04 13:04:28 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-05-15 23:24:43 1,152,888 ----a-w C:\WINDOWS\system32\aswBoot.exe
- 2005-01-28 13:22:12 486,912 ----a-w C:\WINDOWS\system32\Audiodev.dll
+ 2006-10-18 20:47:08 276,992 ----a-w C:\WINDOWS\system32\audiodev.dll
- 2007-12-04 12:54:04 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
+ 2008-05-15 23:12:36 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
- 2005-12-07 05:05:42 290,816 ----a-w C:\WINDOWS\system32\blackbox.dll
+ 2006-10-18 20:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll
- 2005-01-28 06:53:20 164,864 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2008-04-04 16:29:15 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
+ 2001-08-28 14:00:00 10,544 ----a-w C:\WINDOWS\system32\comm.drv
+ 2005-02-05 17:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
+ 2005-03-18 15:19:58 2,337,488 ----a-w C:\WINDOWS\system32\d3dx9_25.dll
+ 2005-05-26 13:34:52 2,297,552 ----a-w C:\WINDOWS\system32\d3dx9_26.dll
+ 2005-07-22 17:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
+ 2006-02-03 06:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
+ 2006-09-28 14:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-11-29 11:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2004-08-19 14:23:26 1,788 -c--a-w C:\WINDOWS\system32\dcache.bin
- 2005-12-07 05:05:42 290,816 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2006-10-18 20:47:10 542,720 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
- 2005-01-28 06:53:20 164,864 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
- 2005-12-07 05:05:52 505,344 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2001-08-28 14:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
- 2005-01-28 06:53:16 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll
+ 2006-10-18 20:47:14 11,264 -c--a-w C:\WINDOWS\system32\dllcache\LAPRXY.dll
- 2005-01-27 23:21:46 96,768 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2006-10-18 19:03:58 100,864 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2001-08-28 14:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2001-08-28 14:00:00 73,680 -c--a-w C:\WINDOWS\system32\dllcache\mciavi.drv
+ 2001-08-28 14:00:00 25,280 -c--a-w C:\WINDOWS\system32\dllcache\mciseq.drv
+ 2001-08-28 14:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mciwave.drv
+ 2001-08-28 14:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
- 2005-01-28 06:53:22 142,336 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
- 2005-01-28 06:53:20 25,088 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 20:47:16 27,136 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
- 2005-01-28 06:53:20 173,568 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2006-10-18 20:47:16 175,616 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
- 2005-01-28 11:32:44 364,784 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
+ 2006-10-18 20:47:16 414,208 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
- 2005-01-28 13:22:12 316,416 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2006-10-18 20:47:16 321,536 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2001-08-28 14:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
- 2005-01-28 06:53:22 221,184 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2006-10-18 20:47:18 211,456 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2001-08-28 14:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2001-08-28 14:00:00 3,360 -c--a-w C:\WINDOWS\system32\dllcache\system.drv
+ 2001-08-28 14:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\timer.drv
+ 2001-08-28 14:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2001-08-28 14:00:00 13,600 -c--a-w C:\WINDOWS\system32\dllcache\wfwnet.drv
+ 2001-08-28 14:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2001-08-28 14:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
- 2005-01-28 11:32:44 396,528 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
- 2005-01-28 06:53:18 716,288 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 -c--a-w C:\WINDOWS\system32\dllcache\WMADMOE.dll
- 2005-01-28 06:53:16 224,768 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2006-10-18 20:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2005-01-28 06:53:20 28,160 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
+ 2006-10-18 20:47:18 33,792 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
- 2005-01-28 06:53:20 33,792 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
+ 2006-10-18 20:47:18 37,376 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
- 2005-01-28 06:53:16 150,016 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
+ 2006-10-18 20:47:20 157,184 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
- 2005-01-28 06:53:16 1,027,072 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 -c--a-w C:\WINDOWS\system32\dllcache\WMNetMgr.dll
- 2005-01-28 11:32:56 774,904 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
- 2005-01-28 06:53:18 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
- 2005-01-28 11:32:44 413,944 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOD.dll
- 2005-01-28 06:53:18 940,544 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOE.dll
- 2005-01-28 11:32:58 2,370,296 ----a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2005-01-28 11:32:58 895,736 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
- 2005-01-28 06:53:18 1,003,008 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2001-08-28 14:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
- 2007-12-04 14:49:02 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:13:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:16:06 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
- 2007-12-04 14:56:02 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
- 2007-12-04 14:55:46 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-05-15 23:18:33 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
- 2007-12-04 14:53:39 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:15:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:20:32 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
- 2007-12-04 14:51:52 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-05-15 23:14:11 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-01-21 16:12:56 41,792 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-04 11:28:53 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
- 2006-09-19 14:44:04 15,664 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
+ 2008-01-29 10:01:28 16,168 ----a-w C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
- 2007-05-22 18:26:57 26,056 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
+ 2008-01-11 18:25:30 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
+ 2001-08-28 14:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
+ 2007-03-01 08:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
+ 2006-10-18 20:47:22 671,232 ------w C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll
- 2005-01-27 23:36:24 18,944 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
+ 2006-10-18 19:00:00 38,528 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
+ 2006-09-28 17:55:50 77,568 ------w C:\WINDOWS\system32\drivers\WudfPf.sys
+ 2006-09-28 18:00:34 82,944 ------w C:\WINDOWS\system32\drivers\WudfRd.sys
+ 2006-10-18 19:00:46 249,856 ------w C:\WINDOWS\system32\drmupgds.exe
- 2005-12-07 05:05:52 505,344 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll
- 2007-10-31 13:09:14 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2008-02-18 09:16:24 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2006-10-26 13:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2006-10-26 13:10:06 33,088 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2006-10-26 13:42:36 36,160 ----a-w C:\WINDOWS\system32\FM20FRA.DLL
- 2007-12-06 19:54:47 215,264 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-02-21 08:57:09 351,384 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-09-11 16:11:03 47,336 ----a-w C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
+ 2008-02-20 10:32:47 90,704 ----a-w C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
- 2006-10-03 18:47:52 109,360 -c--a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2008-01-29 10:02:30 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
+ 2006-10-26 12:45:04 207,360 ----a-w C:\WINDOWS\system32\INKED.DLL
- 2007-09-24 20:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-02-22 00:23:35 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-09-24 20:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-02-22 00:23:39 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-09-24 21:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-02-22 01:33:32 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2001-08-28 14:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2001-08-28 14:00:00 224,448 ----a-w C:\WINDOWS\system32\lanman.drv
- 2005-01-28 06:53:16 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll
+ 2006-10-18 20:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll
- 2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
+ 2008-02-21 02:05:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
- 2005-01-27 23:21:46 96,768 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2006-10-18 19:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe
- 2004-08-19 14:10:08 3,128,320 ----a-w C:\WINDOWS\system32\logon.scr
+ 2004-08-19 14:10:08 221,696 ----a-w C:\WINDOWS\system32\logon.scr
- 2004-08-19 14:09:56 5,650,944 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2004-08-19 14:09:56 515,584 ----a-w C:\WINDOWS\system32\logonui.exe
+ 2001-08-28 14:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
- 2007-08-07 16:20:44 182,248 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2008-01-07 10:26:46 181,672 ----a-w C:\WINDOWS\system32\Macromed\Director\SwDir.dll
+ 2007-11-21 00:04:14 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe
- 2007-06-11 20:34:34 2,115,816 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
- 2007-06-11 20:34:40 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-01-10 21:31:06 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
- 2007-08-24 12:59:56 45,218 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-03-01 20:13:50 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2007-08-07 12:35:56 585,728 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-01-03 17:19:34 581,632 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
- 2007-08-07 12:19:40 1,490,944 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
+ 2008-01-03 17:01:46 1,490,944 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapi.dll
- 2007-08-07 12:36:32 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-01-03 17:20:14 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
- 2007-08-07 15:52:32 1,113,600 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
+ 2008-01-03 17:39:06 1,113,600 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gi.dll
- 2007-08-07 12:08:48 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
+ 2008-01-03 16:46:46 52,288 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\gtapi.dll
- 2007-08-07 12:17:24 606,208 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
+ 2008-01-03 16:59:14 606,208 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32.dll
- 2007-08-07 12:35:22 339,968 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2008-01-03 17:18:56 339,968 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2007-08-07 12:35:32 483,328 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-01-03 17:19:06 475,136 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2007-08-07 12:28:38 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-03 17:11:48 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-01-07 10:26:28 390,568 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwHelper_1030024.exe
- 2007-08-07 12:37:56 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-01-03 17:22:06 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
- 2007-08-07 12:35:18 86,016 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
+ 2008-01-03 17:18:50 86,016 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenu.dll
- 2007-08-07 12:37:58 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-01-03 17:22:08 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
- 2007-08-07 12:08:46 50,808 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
+ 2008-01-03 16:46:44 50,808 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SYMCCHECKER.DLL
+ 2001-08-28 14:00:00 73,680 ----a-w C:\WINDOWS\system32\mciavi.drv
+ 2001-08-28 14:00:00 25,280 ----a-w C:\WINDOWS\system32\mciseq.drv
+ 2001-08-28 14:00:00 28,160 ----a-w C:\WINDOWS\system32\mciwave.drv
+ 2006-10-18 20:47:14 212,992 ------w C:\WINDOWS\system32\MFPLAT.dll
+ 2001-08-28 14:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
+ 2006-10-18 20:47:14 259,072 ------w C:\WINDOWS\system32\MP43DECD.dll
- 2004-08-19 14:09:32 310,272 ------w C:\WINDOWS\system32\mp43dmod.dll
+ 2006-10-18 20:47:14 4,096 ------w C:\WINDOWS\system32\MP43DMOD.dll
+ 2006-10-18 20:47:14 317,440 ------w C:\WINDOWS\system32\MP4SDECD.dll
- 2004-08-19 14:09:32 384,512 ------w C:\WINDOWS\system32\mp4sdmod.dll
+ 2006-10-18 20:47:14 4,096 ------w C:\WINDOWS\system32\MP4SDMOD.dll
+ 2006-10-18 20:47:14 259,072 ------w C:\WINDOWS\system32\MPG4DECD.dll
- 2004-08-19 14:09:32 240,640 ----a-w C:\WI