Axephilic wrote:For this file: C:\Windows\System32\S3Funkey.exe, please copy and paste all of the results until the end of the page.
----------------
Antivirus Version Last Update Result
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - Suspicious:W32/TargetSoft.a!Gemini
Fortinet - - -
GData - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
PCTools - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
TrendMicro - - -
VBA32 - - -
ViRobot - - -
VirusBuster - - -
Webwasher-Gateway - - -
Additional information
MD5: 4a0d39683494650f560136f7407f5822
SHA1: aaf47979fa50bf865c082f53a8dbecdef96e5906
SHA256: 7452ea3d5fc722019376d9685ad8dcd812be6c4f3f41c133f916892a81b69ee5
SHA512: 9ef07b08f3ac9bfdf8bc78c7e8c565f71127d054555ebcd31587a8b3daaee1719abdba56aa1522ad5134f3571e44e0ab0af68812b151cb4c113e1358347e1adf
ComboFix 09-03-29.02 - James 2009-03-29 23:57:27.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.2494.1740 [GMT 1:00]
Running from: c:\users\James\Desktop\ComboFix.exe
Command switches used :: c:\users\James\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Vuze
c:\program files\Vuze\.install4j\_shfoldr.dll
c:\program files\Vuze\.install4j\autoUninstall.0
c:\program files\Vuze\.install4j\files.log
c:\program files\Vuze\.install4j\i4j_extf_0_5p83tu.utf8
c:\program files\Vuze\.install4j\i4j_extf_1_5p83tu_1q2vg51.png
c:\program files\Vuze\.install4j\i4j_extf_10_5p83tu_15u5iv8.png
c:\program files\Vuze\.install4j\i4j_extf_11_5p83tu_1hztszn.png
c:\program files\Vuze\.install4j\i4j_extf_12_5p83tu.exe
c:\program files\Vuze\.install4j\i4j_extf_13_5p83tu_z1x7tn.png
c:\program files\Vuze\.install4j\i4j_extf_2_5p83tu_1rjd818.png
c:\program files\Vuze\.install4j\i4j_extf_3_5p83tu_qin5kk.png
c:\program files\Vuze\.install4j\i4j_extf_4_5p83tu_xza4ha.png
c:\program files\Vuze\.install4j\i4j_extf_5_5p83tu_19c5po3.png
c:\program files\Vuze\.install4j\i4j_extf_6_5p83tu_bm8amj.ico
c:\program files\Vuze\.install4j\i4j_extf_7_5p83tu.exe
c:\program files\Vuze\.install4j\i4j_extf_8_5p83tu.dll
c:\program files\Vuze\.install4j\i4j_extf_9_5p83tu.xpi
c:\program files\Vuze\.install4j\i4jdel.exe
c:\program files\Vuze\.install4j\i4jinst.dll
c:\program files\Vuze\.install4j\i4jparams.conf
c:\program files\Vuze\.install4j\i4jruntime.jar
c:\program files\Vuze\.install4j\inst_jre.cfg
c:\program files\Vuze\.install4j\install.prop
c:\program files\Vuze\.install4j\installation.log
c:\program files\Vuze\.install4j\MessagesDefault
c:\program files\Vuze\.install4j\response.varfile
c:\program files\Vuze\.install4j\unicows.dll
c:\program files\Vuze\.install4j\user.jar
c:\program files\Vuze\aereg.dll
c:\program files\Vuze\Azureus.exe
c:\program files\Vuze\Azureus.exe.manifest
c:\program files\Vuze\Azureus.properties
c:\program files\Vuze\Azureus2.jar
c:\program files\Vuze\AzureusUpdater.exe
c:\program files\Vuze\GPL.txt
c:\program files\Vuze\installer.log
c:\program files\Vuze\msvcr71.dll
c:\program files\Vuze\plugins\azemp\azemp_2.1.01.jar
c:\program files\Vuze\plugins\azemp\azmplay.exe
c:\program files\Vuze\plugins\azemp\azureus.sig
c:\program files\Vuze\plugins\azemp\cp1250-a.raw
c:\program files\Vuze\plugins\azemp\cp1250-b.raw
c:\program files\Vuze\plugins\azemp\font.desc
c:\program files\Vuze\plugins\azemp\osd-mplayer-a.raw
c:\program files\Vuze\plugins\azemp\osd-mplayer-b.raw
c:\program files\Vuze\plugins\azemp\plugin.properties
c:\program files\Vuze\plugins\azplugins\azplugins_2.1.6.jar
c:\program files\Vuze\plugins\azrating\azrating_1.3.1.jar
c:\program files\Vuze\plugins\azupdater\azupdaterpatcher_1.8.8.jar
c:\program files\Vuze\plugins\azupdater\azureus.sig
c:\program files\Vuze\plugins\azupdater\plugin.properties
c:\program files\Vuze\plugins\azupdater\Updater.jar
c:\program files\Vuze\plugins\azupnpav\azupnpav_0.2.5.jar
c:\program files\Vuze\plugins\azupnpav\azureus.sig
c:\program files\Vuze\plugins\azupnpav\plugin.properties
c:\program files\Vuze\swt.jar
c:\program files\Vuze\uninstall.exe
c:\program files\Vuze\Vuze.ico
c:\programdata\Azureus
c:\programdata\Azureus\azCID.txt
C:\test.txt
c:\users\James\AppData\Roaming\Azureus
c:\users\James\AppData\Roaming\Azureus\.certs
c:\users\James\AppData\Roaming\Azureus\.keystore
c:\users\James\AppData\Roaming\Azureus\.lock
c:\users\James\AppData\Roaming\Azureus\active\2E43A757A84EEE3970CABC49AE791F9E6D7F9585.dat
c:\users\James\AppData\Roaming\Azureus\active\2E43A757A84EEE3970CABC49AE791F9E6D7F9585.dat.bak
c:\users\James\AppData\Roaming\Azureus\active\A9154D9A1FD1B877C8575E7C79FA681595FB7BD1.dat
c:\users\James\AppData\Roaming\Azureus\active\A9154D9A1FD1B877C8575E7C79FA681595FB7BD1.dat.bak
c:\users\James\AppData\Roaming\Azureus\active\AD4AF3D1DFA553B505BCF0160DE1792E5B049C19.dat
c:\users\James\AppData\Roaming\Azureus\active\AD4AF3D1DFA553B505BCF0160DE1792E5B049C19.dat.bak
c:\users\James\AppData\Roaming\Azureus\active\BF7AFF73B83AA84337AF13C4A6023221EE6E2116.dat
c:\users\James\AppData\Roaming\Azureus\active\BF7AFF73B83AA84337AF13C4A6023221EE6E2116.dat.bak
c:\users\James\AppData\Roaming\Azureus\active\cache.dat
c:\users\James\AppData\Roaming\Azureus\azureus.config
c:\users\James\AppData\Roaming\Azureus\azureus.config.bak
c:\users\James\AppData\Roaming\Azureus\azureus.statistics
c:\users\James\AppData\Roaming\Azureus\azureus.statistics.bak
c:\users\James\AppData\Roaming\Azureus\banips.config
c:\users\James\AppData\Roaming\Azureus\cnetworks.config
c:\users\James\AppData\Roaming\Azureus\dht\addresses.dat
c:\users\James\AppData\Roaming\Azureus\dht\contacts.dat
c:\users\James\AppData\Roaming\Azureus\dht\diverse.dat
c:\users\James\AppData\Roaming\Azureus\dht\general.dat
c:\users\James\AppData\Roaming\Azureus\dht\version.dat
c:\users\James\AppData\Roaming\Azureus\downloads.config
c:\users\James\AppData\Roaming\Azureus\downloads.config.bak
c:\users\James\AppData\Roaming\Azureus\filters.config
c:\users\James\AppData\Roaming\Azureus\friends.config
c:\users\James\AppData\Roaming\Azureus\friends.config.bak
c:\users\James\AppData\Roaming\Azureus\ipfilter.cache
c:\users\James\AppData\Roaming\Azureus\logs\Friends_1.log
c:\users\James\AppData\Roaming\Azureus\logs\thread_2.log
c:\users\James\AppData\Roaming\Azureus\logs\v3.Friends_2.log
c:\users\James\AppData\Roaming\Azureus\metasearch.config
c:\users\James\AppData\Roaming\Azureus\metasearch.config.bak
c:\users\James\AppData\Roaming\Azureus\net\pm_13285.dat
c:\users\James\AppData\Roaming\Azureus\net\pm_default.dat
c:\users\James\AppData\Roaming\Azureus\sidebarauto.config
c:\users\James\AppData\Roaming\Azureus\sidebarauto.config.bak
c:\users\James\AppData\Roaming\Azureus\subs\
07ABDD32A54D704B48FE.vuze
c:\users\James\AppData\Roaming\Azureus\subs\24B8E9AC78200A71D3DA.vuze
c:\users\James\AppData\Roaming\Azureus\subs\A1BE3EBC43A88A574BB4.vuze
c:\users\James\AppData\Roaming\Azureus\subs\EF0B9C6DCE240E6A2029.vuze
c:\users\James\AppData\Roaming\Azureus\subscriptions.config
c:\users\James\AppData\Roaming\Azureus\subscriptions.config.bak
c:\users\James\AppData\Roaming\Azureus\tables.config
c:\users\James\AppData\Roaming\Azureus\tables.config.bak
c:\users\James\AppData\Roaming\Azureus\timingstats.dat
c:\users\James\AppData\Roaming\Azureus\tmp\AZU2408151925702517023.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU5495669784856412468.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU5658727455777686171.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU614417209208862867.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU6715622205982025920.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU7000941709804148719.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU7337110902102555298.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU8039128255926504992.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU8474953956746299715.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU8630131553960124240.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU922928046609471993.tmp
c:\users\James\AppData\Roaming\Azureus\tmp\AZU95304732687239305.tmp
c:\users\James\AppData\Roaming\Azureus\torrents\[isoHunt] Death - Live in L.A by Vladdrakulya.torrent
c:\users\James\AppData\Roaming\Azureus\torrents\+-Demonoid.com-+_Killswitch_Engage_LIVE_at_the_Rock_AM_Ring_2007_5378546.8438.torrent
c:\users\James\AppData\Roaming\Azureus\torrents\Killswitch Engage - (Set This) World Ablaze - Full DVD-[rarbg.com].torrent
c:\users\James\AppData\Roaming\Azureus\torrents\System_Of_A_Down___Live_Big_Day_Out_2002_torrent.torrent
c:\users\James\AppData\Roaming\Azureus\tracker.config
c:\users\James\AppData\Roaming\Azureus\tracker.config.bak
c:\users\James\AppData\Roaming\Azureus\unsentdata.config
c:\users\James\AppData\Roaming\Azureus\unsentdata.config.bak
c:\users\James\AppData\Roaming\Azureus\v3.Friends.dat
c:\users\James\AppData\Roaming\Azureus\v3.Friends.dat.bak
c:\users\James\AppData\Roaming\Azureus\VuzeActivities.config
c:\windows\vmreg32.dll
.
((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-29 )))))))))))))))))))))))))))))))
.
2009-03-29 22:12 . 2009-03-29 22:12 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-29 21:58 . 2009-03-29 21:58 <DIR> d-------- c:\program files\CCleaner
2009-03-29 12:50 . 2009-03-29 12:50 65 --a------ c:\windows\FISHUI.INI
2009-03-29 12:19 . 2009-03-29 12:47 <DIR> d-------- c:\users\James\AppData\Roaming\DataCast
2009-03-29 12:18 . 2009-03-29 12:18 <DIR> d-------- c:\program files\Samsung
2009-03-27 16:55 . 2009-03-27 16:56 <DIR> d-------- C:\rsit
2009-03-27 14:48 . 2009-03-27 14:48 <DIR> d-------- c:\program files\Citrix
2009-03-27 14:48 . 2008-09-30 17:04 42,792 --a------ c:\windows\System32\gotomon.dll
2009-03-26 21:30 . 2009-03-29 23:31 <DIR> d-------- c:\program files\Messenger Plus! Live
2009-03-21 04:38 . 2009-03-21 08:02 <DIR> d-------- c:\users\James\AppData\Roaming\Any Video Converter
2009-03-21 04:38 . 2009-03-21 04:39 <DIR> d-------- c:\program files\Any Video Converter
2009-03-20 01:51 . 2009-03-20 01:51 81,920 --a------ c:\users\James\AppData\Roaming\ezpinst.exe
2009-03-17 01:47 . 2009-03-17 01:47 <DIR> d-------- c:\users\Mishy Moo\AppData\Roaming\DivX
2009-03-15 18:19 . 2009-03-15 18:19 <DIR> d-------- c:\users\James\AppData\Roaming\AdobeUM
2009-03-14 06:59 . 2009-03-14 06:59 <DIR> d-------- c:\program files\VIA
2009-03-14 06:59 . 2007-09-20 11:43 331,184 --------- c:\windows\System32\difxapi.dll
2009-03-14 06:58 . 2008-12-16 16:48 21,144 --a------ c:\windows\System32\drivers\xfilt.sys
2009-03-14 06:58 . 2008-12-16 16:47 13,976 --a------ c:\windows\System32\drivers\videX32.sys
2009-03-14 06:56 . 2009-03-14 06:56 <DIR> d-------- c:\program files\Realtek
2009-03-14 06:56 . 2008-10-29 17:29 43,520 --a------ c:\windows\System32\drivers\Rtnicxp.sys
2009-03-14 06:49 . 2007-05-22 17:54 1,769,472 --a------ c:\windows\System32\VTROM.bin
2009-03-14 06:47 . 2009-03-14 06:48 <DIR> d--h----- c:\program files\Temp
2009-03-13 01:22 . 2009-03-13 01:22 <DIR> d-------- c:\users\James\AppData\Roaming\GetRightToGo
2009-03-12 01:54 . 2009-03-12 01:54 <DIR> d-------- c:\users\All Users\SymplisIT
2009-03-12 01:54 . 2009-03-12 01:54 <DIR> d-------- c:\programdata\SymplisIT
2009-03-12 01:53 . 2009-03-14 06:32 <DIR> d-------- C:\Driver Backups
2009-03-12 01:49 . 2009-03-12 01:49 <DIR> d-------- c:\program files\SymplisIT
2009-03-12 01:48 . 2009-03-12 01:48 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-12 01:26 . 2009-03-12 01:26 <DIR> d-------- c:\users\All Users\PC Drivers HeadQuarters
2009-03-12 01:26 . 2009-03-12 01:26 <DIR> d-------- c:\programdata\PC Drivers HeadQuarters
2009-03-11 12:02 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 12:01 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-03-08 04:41 . 2009-03-08 04:41 <DIR> d-------- c:\windows\Icon_Patcher
2009-03-08 04:39 . 2009-03-08 04:39 <DIR> d-------- c:\program files\Common Files\Stardock
2009-03-03 20:22 . 2009-03-03 20:22 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-03 03:15 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-03 03:15 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-03 03:15 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-03 03:15 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-03 02:48 . 2009-03-03 02:48 <DIR> d-------- c:\program files\Adobe Media Player
2009-03-03 02:44 . 2009-03-03 02:44 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2009-03-03 00:59 . 2009-03-14 07:07 50 --a------ c:\windows\MegaManager.INI
2009-03-02 19:19 . 2009-03-02 19:19 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-03-02 19:19 . 2009-03-02 19:19 360,192 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-03-02 19:19 . 2008-12-11 13:31 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-03-02 19:19 . 2008-12-11 13:31 17,152 --a------ c:\windows\System32\authuitu.dll
2009-03-02 17:48 . 2009-03-12 02:56 <DIR> d-------- c:\program files\uTorrent Turbo Booster
2009-03-01 08:58 . 2009-03-01 08:58 <DIR> d-------- c:\users\Jacqueline\AppData\Roaming\ESET
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-29 20:52 --------- d-----w c:\program files\AviSynth 2.5
2009-03-29 20:43 --------- d-----w c:\program files\Xilisoft
2009-03-29 20:42 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-29 20:42 --------- d-----w c:\programdata\eBay
2009-03-29 20:33 --------- d-----w c:\users\James\AppData\Roaming\Skype
2009-03-29 19:44 --------- d-----w c:\programdata\Google Updater
2009-03-29 16:29 --------- d-----w c:\users\James\AppData\Roaming\skypePM
2009-03-29 11:16 348,160 ----a-w c:\windows\System32\msvcr71.dll
2009-03-27 13:48 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-26 17:44 --------- d-----w c:\users\James\AppData\Roaming\uTorrent
2009-03-20 00:52 --------- d-----w c:\users\James\AppData\Roaming\Vso
2009-03-20 00:51 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2009-03-20 00:51 47,360 ----a-w c:\users\James\AppData\Roaming\pcouffin.sys
2009-03-14 18:55 --------- d-----w c:\users\James\AppData\Roaming\dvdcss
2009-03-14 05:52 --------- d-----w c:\program files\S3
2009-03-14 05:47 319,456 ----a-w c:\windows\DIFxAPI.dll
2009-03-11 20:13 --------- d-----w c:\users\James\AppData\Roaming\LimeWire
2009-03-11 17:43 --------- d-----w c:\programdata\Microsoft Help
2009-03-11 17:27 --------- d-----w c:\program files\Windows Mail
2009-03-08 13:11 --------- d-----w c:\users\James\AppData\Roaming\gtk-2.0
2009-03-03 01:50 --------- d-----w c:\program files\Common Files\Adobe
2009-03-03 00:40 174 --sha-w c:\program files\desktop.ini
2009-03-02 18:19 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-02-28 21:43 --------- d-----w c:\users\Mishy Moo\AppData\Roaming\ESET
2009-02-28 20:42 --------- d-----w c:\program files\XviD
2009-02-28 20:29 --------- d-----w c:\users\James\AppData\Roaming\ESET
2009-02-28 20:26 --------- d-----w c:\programdata\ESET
2009-02-28 20:26 --------- d-----w c:\program files\ESET
2009-02-28 20:09 --------- d-----w c:\program files\Real
2009-02-28 20:09 --------- d-----w c:\program files\Common Files\xing shared
2009-02-28 20:09 --------- d-----w c:\program files\Common Files\Real
2009-02-22 08:25 --------- d-----w c:\program files\Windows Live
2009-02-22 08:25 --------- d-----w c:\program files\Microsoft
2009-02-22 08:24 --------- d-----w c:\program files\Microsoft Sync Framework
2009-02-22 08:21 --------- d-----w c:\program files\Windows Live SkyDrive
2009-02-22 03:23 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2009-02-21 16:28 --------- d-----w c:\programdata\Norton
2009-02-21 14:30 --------- d-----w c:\users\James\AppData\Roaming\Malwarebytes
2009-02-21 14:29 --------- d-----w c:\programdata\Malwarebytes
2009-02-21 14:29 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-20 00:52 --------- d-----w c:\program files\Trend Micro
2009-02-20 00:33 --------- d-----w c:\programdata\Symantec
2009-02-20 00:27 --------- d-----w c:\programdata\NortonInstaller
2009-02-19 19:31 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-19 16:52 410,984 ----a-w c:\windows\System32\deploytk.dll
2009-02-19 16:52 --------- d-----w c:\program files\Java
2009-02-19 15:14 --------- d-----w c:\users\James\AppData\Roaming\DMCache
2009-02-19 03:02 --------- d-----w c:\programdata\DVD Shrink
2009-02-19 02:53 --------- d-----w c:\users\James\AppData\Roaming\HandBrake
2009-02-17 05:14 --------- d-----w c:\users\James\AppData\Roaming\Megaupload
2009-02-17 05:09 --------- d-----w c:\programdata\Megaupload
2009-02-17 05:09 --------- d-----w c:\programdata\EmailNotifier
2009-02-17 05:08 --------- d-----w c:\program files\Megaupload
2009-02-17 02:14 --------- d-----w c:\program files\RealArcade
2009-02-16 15:40 --------- d-----w c:\users\James\AppData\Roaming\Xilisoft Corporation
2009-02-14 11:49 --------- d-----w c:\program files\GIMP-2.0
2009-02-11 16:48 --------- d-----w c:\programdata\FLEXnet
2009-02-11 10:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 10:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-11 09:00 --------- d-----w c:\users\James\AppData\Roaming\TuneUp Software
2009-02-11 08:59 --------- d-sh--w c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-11 08:59 --------- d-----w c:\programdata\TuneUp Software
2009-02-11 08:58 --------- d-----w c:\program files\Google
2009-02-11 08:54 --------- d-----w c:\program files\PC Tune-Up
2009-02-11 08:11 --------- d-----w c:\program files\Common Files\Macrovision Shared
2009-02-09 14:12 --------- d-----w c:\programdata\TEMP
2009-02-06 19:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2009-02-06 18:08 55,280 ----a-w c:\windows\system32\drivers\fssfltr.sys
2009-02-06 15:03 --------- d-----w c:\users\Jacqueline\AppData\Roaming\AdobeUM
2009-02-05 23:52 --------- d-----w c:\users\Mishy Moo\AppData\Roaming\Skype
2009-02-05 13:37 49,152 ----a-r c:\windows\System32\inetwh32.dll
2009-02-05 13:37 1,044,480 ----a-r c:\windows\System32\roboex32.dll
2009-02-03 20:29 --------- d-----w c:\users\Jacqueline\AppData\Roaming\DivX
2009-02-02 22:11 --------- d-----w c:\users\James\AppData\Roaming\DivX
2009-02-02 22:10 --------- d-----w c:\program files\DivX
2009-02-02 22:09 --------- d-----w c:\program files\Common Files\PX Storage Engine
2009-02-01 16:33 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-02-01 16:03 --------- d-----w c:\program files\MSBuild
2009-02-01 16:03 --------- d-----w c:\program files\Microsoft Works
2009-02-01 16:02 --------- d-----w c:\program files\Microsoft.NET
2009-02-01 15:59 --------- d-----w c:\program files\Microsoft Visual Studio 8
2009-02-01 02:15 --------- d-----w c:\program files\Common Files\logishrd
2009-02-01 02:13 --------- d-----w c:\programdata\Logishrd
2009-02-01 02:13 --------- d-----w c:\program files\Logitech
2009-02-01 01:45 --------- d-----w c:\program files\Windows Sidebar
2009-02-01 01:45 --------- d-----w c:\program files\Windows Photo Gallery
2009-02-01 01:45 --------- d-----w c:\program files\Windows Defender
2009-02-01 01:45 --------- d-----w c:\program files\Windows Collaboration
2009-02-01 01:45 --------- d-----w c:\program files\Windows Calendar
2009-02-01 01:31 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-02-01 01:31 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-02-01 01:17 --------- d-----w c:\users\James\AppData\Roaming\Apple Computer
2009-02-01 01:16 --------- d-----w c:\programdata\Apple Computer
2009-02-01 01:16 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-01 01:16 --------- d-----w c:\program files\iTunes
2009-02-01 01:16 --------- d-----w c:\program files\iPod
2009-02-01 01:16 --------- d-----w c:\program files\Common Files\Apple
2009-02-01 01:15 --------- d-----w c:\program files\Bonjour
2009-02-01 01:14 --------- d-----w c:\program files\QuickTime
.
((((((((((((((((((((((((((((( SnapShot@2009-02-21_21.53.47.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-02 19:57:52 184,191 ----a-w c:\windows\ApplyTheme.exe
- 2009-02-01 16:02:54 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2009-02-22 03:18:03 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2009-02-01 16:02:54 781,104 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2009-02-22 03:10:39 783,744 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2009-02-01 16:03:44 118,112 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2009-02-22 03:11:10 120,408 ----a-w c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
- 2009-02-01 16:03:44 609,104 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2009-02-22 03:11:10 611,392 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2009-03-12 00:27:15 265,728 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\18080b703544e6038e184d7d6a31b932\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2009-03-12 00:27:12 3,295,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\8c2ad76af59fb9b4b67908bd41f03929\DriversHQ.DriverDetective.Client.ni.exe
+ 2009-03-12 00:27:17 227,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\910f0eb01d5a904339c535d25c144b9d\DriversHQ.DriverDetective.Common.ni.dll
+ 2009-03-12 00:27:27 46,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\b108d18e492693c8c8c9318082c0c4e7\DriversHQ.DriverDetective.Client.DirectX.ni.dll
+ 2009-03-12 00:27:21 57,856 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\f8e82904c34db2e65f0fe694302d6aa5\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
+ 2009-03-12 00:27:23 230,400 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\e3644d330a67bbeebbf49060edc11c27\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2009-03-12 00:27:25 304,128 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\52d9f06436583a3f48df5c629d072d96\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2009-03-12 00:27:26 148,480 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\7e63ae27393c3cb39a7684373ebc825f\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2009-03-12 00:27:24 309,248 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\a8c9d74290413ebf5632c68277a7fac7\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2009-02-22 09:59:09 145,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\b6c3541e8a9df4ddbd720eb4c4dfd5e8\WindowsLive.Client.ni.dll
+ 2009-02-22 09:59:06 118,784 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\
01ac4b7ff5021dad8a2a4ca560e4b2d7\WindowsLive.Writer.Extensibility.ni.dll
+ 2009-02-22 09:58:57 843,776 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\
0521176f85dd52cee07fb05917197f4f\WindowsLive.Writer.Controls.ni.dll
+ 2009-02-22 09:59:07 99,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1b63823a5b3ae8aa81cb94997db390ab\WindowsLive.Writer.Api.ni.dll
+ 2009-02-22 09:59:03 428,032 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\1c76889f6da313c75b11eaf60461c82e\WindowsLive.Writer.Localization.ni.dll
+ 2009-02-22 09:59:10 594,944 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\20fb431e55c3f27ad51498fe55d37ae4\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2009-02-22 09:58:55 6,392,832 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2a806fa96e3330a853ef9834dffdebf4\WindowsLive.Writer.PostEditor.ni.dll
+ 2009-02-22 09:59:04 258,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2e9d7206e575145912ce8aa61b211d77\WindowsLive.Writer.Mshtml.ni.dll
+ 2009-02-22 09:59:08 851,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\3c0571b569bad5e54a9932c8a898107e\WindowsLive.Writer.BlogClient.ni.dll
+ 2009-02-22 09:59:12 119,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\423d86baaaa446228fc3205bd0671318\WindowsLive.Writer.FileDestinations.ni.dll
+ 2009-02-22 09:59:02 152,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\56771dc2fe172f871091c71ac3a561c2\WindowsLive.Writer.HtmlParser.ni.dll
+ 2009-02-22 09:59:12 117,760 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7db7da9911abb2aa8a4e94ef744e7586\WindowsLive.Writer.Instrumentation.ni.dll
+ 2009-02-22 09:59:00 319,488 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\84e8e405b3075006fb93c866af02c63c\WindowsLive.Writer.Interop.ni.dll
+ 2009-02-22 09:59:01 313,856 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8a6fcbec105088d656a22542a0af3327\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2009-02-22 09:59:11 322,048 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\93193886e8077ef3c8de1ea5f0edd7f8\WindowsLive.Writer.SpellChecker.ni.dll
+ 2009-02-22 09:58:59 2,002,432 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\99870d72535ce9a8c53ac80236c675c4\WindowsLive.Writer.CoreServices.ni.dll
+ 2009-02-22 09:59:03 108,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b58392b9d39e8daf17f3bd78ab1147d0\WindowsLive.Writer.Passport.ni.dll
+ 2009-02-22 09:59:05 1,105,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ce1b4192a4cf7472f1755e3aaee3aef3\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2009-02-22 09:59:02 334,848 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\db7a09cf44aa9b0d0e57ddee3762ab1a\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2009-02-22 09:59:01 174,080 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dff83a93cfce38247be2ac2e0a8785a9\WindowsLive.Writer.BrowserControl.ni.dll
+ 2009-02-22 09:59:14 627,712 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\a362ea14c0fe23d4f2aea8ec021f0d3e\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2009-02-22 09:58:47 47,616 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\f0940934a3aa33b7671f416206a76c03\WindowsLiveWriter.ni.exe
+ 2009-03-12 00:27:22 119,296 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\14970b7d0ba02022eeae50e3ff78c941\XPBurnComponent.ni.dll
- 2005-10-20 20:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2004-09-12 15:10:42 5,160 ---ha-r c:\windows\Icon_Patcher\.ReplacerTemp\Special.cmd
+ 2004-09-12 15:10:42 5,456 ---ha-r c:\windows\Icon_Patcher\.ReplacerTemp\Zap.exe
+ 2005-02-02 22:30:32 8,636 ----a-w c:\windows\Icon_Patcher\modifype.exe
+ 2004-09-12 11:10:42 11,578 ----a-w c:\windows\Icon_Patcher\Replacer.cmd
+ 2005-12-18 19:57:54 881,664 ----a-w c:\windows\Icon_Patcher\tools\ResHacker.exe
- 2009-02-21 21:38:13 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2009-03-26 17:31:11 51,200 ----a-w c:\windows\inf\infpub.dat
- 2009-02-21 21:38:13 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2009-03-26 17:31:09 86,016 ----a-w c:\windows\inf\infstor.dat
- 2009-02-21 21:38:12 86,016 ----a-w c:\windows\inf\infstrng.dat
+ 2009-03-26 17:31:11 143,360 ----a-w c:\windows\inf\infstrng.dat
+ 2006-10-27 15:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 21:18:12 162,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 15:00:12 1,751,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 15:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 15:00:06 47,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 15:00:08 191,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 20:13:34 338,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 20:13:44 629,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 20:13:28 207,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 20:13:32 279,352 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 20:13:12 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 15:00:06 387,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 20:13:38 392,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 20:13:30 260,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 20:13:32 289,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 20:13:20 56,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 20:13:38 551,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 20:13:30 224,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 15:40:34 208,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 20:13:34 371,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 15:41:04 399,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 19:59:24 205,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 21:30:42 65,312 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-27 15:16:36 133,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2006-10-26 20:12:52 189,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-26 20:55:32 87,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2006-10-27 00:48:08 234,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-27 15:07:36 17,891,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-26 14:10:08 1,190,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 14:04:58 75,576 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-26 19:21:24 1,682,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 15:09:36 983,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 20:02:12 2,526,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 15:37:44 338,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 15:38:02 6,191,400 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL
+ 2006-10-27 15:37:44 284,448 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-27 00:47:54 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE
+ 2006-10-27 15:37:40 34,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL
+ 2006-10-27 15:37:44 300,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL
+ 2006-10-27 00:47:44 33,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 15:37:56 2,689,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL
+ 2006-10-27 15:38:00 3,508,544 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2006-10-27 15:37:40 117,584 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 15:37:50 768,304 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL
+ 2006-10-27 15:37:52 1,359,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL
+ 2006-10-27 00:48:24 377,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL
+ 2006-10-27 15:37:58 3,071,288 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL
+ 2006-10-27 15:37:44 284,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL
+ 2006-10-27 00:48:00 197,920 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-27 00:48:18 317,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE
+ 2006-10-27 00:48:40 1,555,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-27 00:47:42 31,016 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-27 00:47:40 22,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-27 00:48:02 224,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-27 15:38:04 7,053,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-27 00:48:42 2,210,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-27 00:48:18 363,304 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-27 00:47:40 16,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-27 15:37:56 2,738,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-27 15:37:38 35,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-27 00:48:02 222,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-27 15:37:50 1,163,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 15:38:00 4,746,536 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 15:37:54 1,396,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-27 00:48:34 955,680 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 15:37:40 268,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-27 00:48:26 572,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 15:37:48 631,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-26 20:12:52 173,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 20:55:38 138,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 15:10:08 1,439,032 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 15:10:10 5,456,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 15:10:10 5,281,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 21:42:00 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2009-02-01 16:03:44 609,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPOMHOST.DLL
+ 2009-02-01 16:03:44 118,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\IPOMINT.DLL
+ 2006-10-26 19:55:10 828,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 20:55:48 340,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 15:04:08 497,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 15:01:34 10,371,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 21:18:06 66,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 13:58:14 117,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 15:26:40 16,870,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 14:59:06 161,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 19:48:12 14,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 20:12:58 428,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 21:13:36 26,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 20:00:08 6,635,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 13:56:36 436,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 15:04:10 9,581,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 19:50:04 672,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 13:56:40 505,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 19:55:12 832,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 19:55:06 538,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 20:12:30 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 15:14:34 14,151,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 20:42:36 8,423,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-26 20:06:54 232,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 20:14:06 7,033,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 15:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 20:00:08 274,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 20:00:12 998,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 20:00:10 285,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 15:16:46 2,939,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-26 20:34:12 660,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 20:34:10 192,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-10-26 20:32:42 604,000 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 15:39:36 687,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 15:03:04 1,018,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-26 20:24:54 98,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-26 20:24:50 72,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-26 20:24:58 1,165,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 15:03:06 6,579,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-26 20:23:00 782,720 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-26 20:07:04 6,536,992 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-09-15 16:25:18 3,611,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-07-26 18:53:56 459,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 15:16:44 594,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-27 15:16:48 12,813,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 15:16:40 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 15:16:36 46,864 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 21:30:44 482,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 15:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 15:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2009-02-01 16:02:54 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 19:52:10 2,012,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 20:09:36 136,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-26 14:05:00 77,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-26 20:55:54 413,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-27 15:04:06 624,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 20:09:44 590,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-26 21:13:38 38,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 21:42:12 744,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 14:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-26 20:55:44 263,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 20:55:44 272,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-26 20:13:00 503,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 20:06:58 439,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 21:18:16 502,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 15:21:58 277,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 14:57:08 2,330,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 14:04:48 29,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 14:05:04 126,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 14:05:02 86,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 14:04:56 58,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 14:04:48 27,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 14:04:54 51,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 14:04:44 19,784 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 14:04:58 76,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-09-30 00:42:56 2,583,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-26 23:00:12 1,841,984 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VVIEWDWG.DLL
+ 2006-10-26 22:58:38 3,732,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2006-10-27 15:23:04 347,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2009-02-01 16:02:54 781,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-27 15:11:38 4,235,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 15:11:36 21,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 15:23:08 17,483,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 14:05:08 1,181,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 21:13:08 14,674,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-26 21:17:08 11,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2006-10-26 14:05:08 530,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-10-05 20:37:38 17,927,192 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\EXCEL.EXE
+ 2007-08-28 23:38:10 500,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MORPH9.DLL
+ 2007-09-14 21:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 23:38:46 9,584,512 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\MSPUB.EXE
+ 2007-08-29 00:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-28 23:06:16 467,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\POWERPNT.EXE
+ 2007-08-28 23:06:44 7,990,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PPCORE.DLL
+ 2009-02-22 03:11:54 251,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PPTPIA.DLL
+ 2007-08-24 03:43:28 138,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PRTF9.DLL
+ 2007-08-28 23:39:14 625,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PTXT9.DLL
+ 2007-08-24 03:43:36 593,296 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\PUBCONV.DLL
+ 2007-08-28 23:16:00 350,064 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\WINWORD.EXE
+ 2007-09-06 17:56:32 17,490,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\WWLIB.DLL
+ 2007-10-02 20:00:06 14,708,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\XL12CNV.EXE
+ 2007-08-24 05:14:14 13,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\
00002109030000000000000000F01FEC\12.0.6215\XLCALL32.DLL
+ 2008-11-12 16:44:18 17,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\authuitu_x86.dll
+ 2008-11-20 16:28:16 163,584 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskDoctor.exe
+ 2008-11-20 16:28:16 463,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DiskExplorer.exe
+ 2008-11-20 16:28:18 221,952 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DriveDefrag.exe
+ 2008-11-12 16:44:08 25,856 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\DseShExtx86.dll
+ 2008-11-20 16:28:48 593,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClick.exe
+ 2008-11-20 16:28:50 42,752 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\OneClickStarter.exe
+ 2008-11-20 16:28:50 38,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\PMLauncher.exe
+ 2008-11-20 16:28:52 397,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProcessManager.exe
+ 2008-11-20 16:28:12 272,952 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ProductInfo.dat
+ 2008-11-20 16:28:54 504,576 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryCleaner.exe
+ 2008-11-20 16:28:54 160,000 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefrag.exe
+ 2008-11-20 16:28:56 16,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryDefragHelper.exe
+ 2008-11-20 16:28:56 327,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegistryEditor.exe
+ 2008-11-20 16:28:58 85,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RegWiz.exe
+ 2008-11-20 16:29:00 166,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RepairWizard.exe
+ 2008-11-20 16:29:00 197,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\RescueCenter.exe
+ 2008-11-12 16:44:20 27,392 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SDShelEx86.dll
+ 2008-11-20 16:29:02 227,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\ShortcutCleaner.exe
+ 2008-11-20 16:29:14 173,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Shredder.exe
+ 2008-11-20 16:30:12 921,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SilentUpdater.exe
+ 2008-11-20 16:30:14 1,182,464 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SpeedOptimizer.exe
+ 2008-11-20 16:30:28 352,000 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\StartUpManager.exe
+ 2008-11-20 16:30:28 129,280 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemControl.exe
+ 2008-11-20 16:30:30 341,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\SystemInformation.exe
+ 2008-11-12 16:44:12 887,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUDefragService.dll
+ 2008-11-20 16:30:32 57,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUInstallHelper.exe
+ 2008-11-20 16:30:32 15,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\TUMessages.exe
+ 2008-11-20 16:30:34 11,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\tux64thk.exe
+ 2008-11-20 16:30:34 238,336 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\Undelete.exe
+ 2008-11-20 16:30:36 280,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UninstallManager.exe
+ 2008-11-20 16:30:38 218,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\UpdateWizard.exe
+ 2008-11-12 16:44:18 27,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\uxtuneupx86.dll
+ 2008-11-20 16:30:38 915,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\86092A55EC2FC65419848C9678E93275\8.0.1100\WinStyler.exe
- 2009-01-28 15:03:06 80,395 ----a-r c:\windows\Installer\{0AAA9C97-74D4-47CE-B089-0B147EF3553C}\MsblIco.Exe
+ 2009-02-22 08:21:32 80,395 ----a-r c:\windows\Installer\{0AAA9C97-74D4-47CE-B089-0B147EF3553C}\MsblIco.Exe
+ 2009-02-22 08:24:20 132,096 ----a-r c:\windows\Installer\{3C52E7DA-C431-4239-B66B-1BF703D5B194}\WLXPhotoGalleryIcon.exe
+ 2009-02-28 20:29:37 10,134 ----a-r c:\windows\Installer\{4CEBE5E6-D1FD-4BDF-8C9C-29A9A3CC2B7C}\callmsi.exe
+ 2009-02-28 20:29:37 140,544 ----a-r c:\windows\Installer\{4CEBE5E6-D1FD-4BDF-8C9C-29A9A3CC2B7C}\egui.exe
+ 2009-02-22 08:22:00 58,945 ----a-r c:\windows\Installer\{63C1109E-D977-49ED-BCE3-D00D0BF187D6}\wlmail.exe
+ 2009-03-29 21:12:11 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2009-02-01 16:11:03 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-03-11 17:25:09 1,165,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-02-01 16:11:04 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-03-11 17:25:10 20,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-02-01 16:11:03 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-03-11 17:25:09 159,504 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2009-02-01 16:11:03 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-03-11 17:25:09 184,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-02-01 16:11:04 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-03-11 17:25:10 217,864 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-02-01 16:11:04 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-03-11 17:25:10 18,704 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-02-01 16:11:04 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-03-11 17:25:10 35,088 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-02-01 16:11:04 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-03-11 17:25:09 845,584 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-02-01 16:11:04 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-03-11 17:25:09 922,384 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-02-01 16:11:04 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-03-11 17:25:10 272,648 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-02-01 16:11:04 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-03-11 17:25:10 888,080 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-02-01 16:11:03 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-03-11 17:25:09 1,172,240 ----a-r c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-02-01 15:57:59 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-02-22 03:30:20 217,864 ----a-r c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2009-03-29 11:18:35 9,662 ----a-r c:\windows\Installer\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\ARPPRODUCTICON.exe
+ 2009-03-29 11:19:22 16,136 ----a-w c:\windows\Installer\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\emodio.dat
+ 2009-02-22 08:20:50 62,304 ----a-r c:\windows\Installer\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}\IconWlc.exe
- 2000-08-31 08:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2006-09-10 11:44:20 49,152 ----a-w c:\windows\reico.exe
+ 2008-12-12 21:17:20 352,768 ----a-w c:\windows\Resources\Themes\Aero Diamond\Shell\NormalColor\shellstyle.dll
+ 2006-12-04 13:22:40 587,264 ----a-w c:\windows\Resources\Themes\Vista_Anthracite\Shell\NormalColor\Shellstyle.dll
+ 2009-03-29 22:27:58 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-29 22:27:58 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-02-21 21:41:38 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-29 22:31:51 143,360 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-22 01:18:28 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-22 01:18:28 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-02 11:51:56 2,573,131 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2009-03-03 02:26:10 2,573,131 -c--a-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat
+ 2009-03-22 01:18:28 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-22 01:18:28 245,760 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-02-21 21:52:53 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-29 23:01:29 262,144 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2000-08-31 08:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 07:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2009-02-20 07:43:32 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-29 22:28:02 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-20 07:43:32 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-29 22:28:02 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-20 07:43:32 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-29 22:28:02 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-21 21:42:51 245,760 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-02-21 21:44:35 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2009-03-29 22:56:53 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2006-11-29 13:06:18 3,426,072 ----a-w c:\windows\System32\d3dx9_32.dll
+ 2008-08-14 07:57:42 74,720 ----a-w c:\windows\System32\drivers\adfs.sys
+ 2008-10-24 20:45:32 39,944 ----a-w c:\windows\System32\drivers\eamon.sys
+ 2008-10-24 20:46:24 53,256 ----a-w c:\windows\System32\drivers\easdrv.sys
+ 2008-10-24 20:53:20 73,224 ----a-w c:\windows\System32\drivers\epfw.sys
+ 2008-10-24 20:53:24 31,240 ----a-w c:\windows\System32\drivers\epfwndis.sys
+ 2008-10-24 20:53:26 54,280 ----a-w c:\windows\System32\drivers\epfwtdi.sys
+ 2007-04-24 09:33:34 83,336 ----a-w c:\windows\System32\drivers\s125bus.sys
+ 2007-04-24 09:33:38 12,424 ----a-w c:\windows\System32\drivers\s125cm.sys
+ 2007-04-24 09:33:38 12,424 ----a-w c:\windows\System32\drivers\s125cmnt.sys
+ 2007-04-24 09:33:42 15,112 ----a-w c:\windows\System32\drivers\s125mdfl.sys
+ 2007-04-24 09:33:44 108,680 ----a-w c:\windows\System32\drivers\s125mdm.sys
+ 2007-04-24 09:33:46 98,696 ----a-w c:\windows\System32\drivers\s125obex.sys
+ 2007-04-24 09:33:48 12,424 ----a-w c:\windows\System32\drivers\s125wh.sys
+ 2007-04-24 09:33:48 12,424 ----a-w c:\windows\System32\drivers\s125whnt.sys
+ 2008-10-10 16:11:32 164,352 ----a-w c:\windows\System32\drivers\ucb_lh32.sys
+ 2008-01-19 07:37:09 664,576 ----a-w c:\windows\System32\drivers\UMDF\WpdMtpDr.dll
- 2006-12-09 03:43:44 809,984 ----a-w c:\windows\System32\drivers\VTGKModeDX32.sys
+ 2008-10-17 10:01:26 809,472 ----a-w c:\windows\System32\drivers\VTGKModeDX32.sys
+ 2008-01-19 06:04:19 39,936 ----a-w c:\windows\System32\drivers\WpdUsb.sys
+ 2008-10-24 20:53:24 31,240 ----a-w c:\windows\System32\DriverStore\FileRepository\epfwndis.inf_310c6965\epfwndis.sys
+ 2008-07-21 13:08:40 9,728 ----a-w c:\windows\System32\DriverStore\FileRepository\netrtoem.inf_1cc25bea\RtNicProp32.dll
+ 2008-10-29 16:29:54 43,520 ----a-w c:\windows\System32\DriverStore\FileRepository\netrtoem.inf_1cc25bea\Rtnicxp.sys
+ 2008-03-03 15:59:58 446,464 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Cfg3d.dll
+ 2008-08-29 09:55:06 199,680 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Clone.dll
+ 2008-10-10 18:58:38 733,184 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Disply.dll
+ 2008-03-05 17:12:24 102,400 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Funkey.exe
+ 2008-05-28 13:20:36 528,384 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Gamma2.dll
+ 2008-05-28 13:32:00 352,256 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3Info2.dll
+ 2008-07-30 17:53:36 393,216 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3iset32.dll
+ 2008-07-30 17:53:42 299,008 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3minset.exe
+ 2008-03-03 15:44:32 602,112 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\S3ovrlay.dll
+ 2008-07-08 18:48:16 204,800 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\s3trayp.exe
+ 2008-10-10 16:11:32 164,352 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\ucb_lh32.sys
+ 2008-10-17 10:01:26 809,472 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\VTGKModeDX32.sys
+ 2008-10-17 10:02:42 4,466,688 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\VTGOGL32.DLL
+ 2008-10-17 10:02:36 3,546,624 ----a-w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\VTGUModeDX32.dll
+ 2007-05-22 16:54:46 1,769,472 ------w c:\windows\System32\DriverStore\FileRepository\p900lh.inf_36a7bd8a\VTROM.bin
+ 2009-03-20 00:51:21 47,360 ----a-w c:\windows\System32\DriverStore\FileRepository\pcouffin.inf_128c8a99\pcouffin.sys
+ 2007-04-24 09:33:34 83,336 ----a-w c:\windows\System32\DriverStore\FileRepository\s125bus.inf_3a80fb8c\i386\s125bus.sys
+ 2007-04-24 09:33:48 12,424 ----a-w c:\windows\System32\DriverStore\FileRepository\s125bus.inf_3a80fb8c\i386\s125whnt.sys
+ 2007-04-24 09:33:38 12,424 ----a-w c:\windows\System32\DriverStore\FileRepository\s125mdm2.inf_14c9bc82\i386\s125cmnt.sys
+ 2007-04-24 09:33:42 15,112 ----a-w c:\windows\System32\DriverStore\FileRepository\s125mdm2.inf_14c9bc82\i386\s125mdfl.sys
+ 2007-04-24 09:33:44 108,680 ----a-w c:\windows\System32\DriverStore\FileRepository\s125mdm2.inf_14c9bc82\i386\s125mdm.sys
+ 2007-04-24 09:33:38 12,424 ----a-w c:\windows\System32\DriverStore\FileRepository\s125obx2.inf_9c20a3bf\i386\s125cmnt.sys
+ 2007-04-24 09:33:46 98,696 ----a-w c:\windows\System32\DriverStore\FileRepository\s125obx2.inf_9c20a3bf\i386\s125obex.sys
+ 2008-12-16 15:47:00 13,976 ----a-w c:\windows\System32\DriverStore\FileRepository\vminiide.inf_d147f797\videX32.sys
+ 2008-12-16 15:48:40 21,144 ----a-w c:\windows\System32\DriverStore\FileRepository\vminiide.inf_d147f797\xfilt.sys
+ 2009-02-06 18:08:52 55,280 -c--a-w c:\windows\System32\DRVSTORE\fssfltr_9D8141AC16915376436B9EE4A4DDF522797C6456\fssfltr.sys
- 2006-10-26 14:10:08 1,190,688 ----a-w c:\windows\System32\FM20.DLL
+ 2007-08-23 01:03:38 1,195,888 ----a-w c:\windows\System32\FM20.DLL
- 2009-02-15 03:56:34 1,713,824 ----a-w c:\windows\System32\FNTCACHE.DAT
+ 2009-03-14 06:03:05 2,485,736 ----a-w c:\windows\System32\FNTCACHE.DAT
- 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2009-02-03 02:15:28 3,771,296 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32.dll
- 2008-10-05 03:24:04 235,936 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-02-03 02:15:30 240,544 ----a-w c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-02-03 03:24:01 84,661 ----a-w c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2009-03-13 00:26:15 84,661 ----a-w c:\windows\System32\Macromed\Flash\uninstall_plugin.exe
+ 2008-09-17 11:36:22 974,848 ----a-w c:\windows\System32\mfc70.dll
+ 2008-09-17 11:36:22 1,046,528 ----a-w c:\windows\System32\MFC71LU.DLL
- 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\System32\mrt.exe
+ 2009-02-25 12:55:00 24,768,960 ----a-w c:\windows\System32\mrt.exe
- 2007-02-13 16:22:54 947,472 ----a-w c:\windows\System32\msjava.dll
+ 2008-07-31 10:16:54 947,472 ----a-w c:\windows\System32\msjava.dll
+ 2008-09-17 11:36:22 507,904 ----a-w c:\windows\System32\MSLUP71.dll
+ 2008-09-17 11:36:22 352,256 ----a-w c:\windows\System32\MSLUR71.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\System32\msxml4.dll
+ 2008-09-17 11:36:22 44,544 ----a-w c:\windows\System32\msxml4a.dll
+ 2008-09-17 11:36:22 82,432 ----a-w c:\windows\System32\msxml4r.dll
- 2009-02-21 21:50:02 104,658 ----a-w c:\windows\System32\perfc009.dat
+ 2009-03-29 22:34:17 106,292 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-21 21:50:03 598,782 ----a-w c:\windows\System32\perfh009.dat
+ 2009-03-29 22:34:17 602,846 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-28 20:09:41 6,656 ----a-w c:\windows\System32\pndx5016.dll
+ 2009-02-28 20:09:41 5,632 ----a-w c:\windows\System32\pndx5032.dll
+ 2008-03-03 15:59:58 446,464 ----a-w c:\windows\System32\S3Cfg3d.dll
- 2006-12-06 13:53:08 17,408 ----a-w c:\windows\System32\S3Clone.dll
+ 2008-08-29 09:55:06 199,680 ----a-w c:\windows\System32\S3Clone.dll
- 2006-11-28 03:36:40 651,264 ----a-w c:\windows\System32\S3Disply.dll
+ 2008-10-10 18:58:38 733,184 ----a-w c:\windows\System32\S3Disply.dll
+ 2008-03-05 17:12:24 102,400 ----a-w c:\windows\System32\S3Funkey.exe
+ 2008-05-28 13:20:36 528,384 ----a-w c:\windows\System32\S3Gamma2.dll
- 2006-11-09 15:29:52 327,680 ----a-w c:\windows\System32\S3Info2.dll
+ 2008-05-28 13:32:00 352,256 ----a-w c:\windows\System32\S3Info2.dll
- 2006-12-07 14:03:06 245,760 ----a-w c:\windows\System32\S3iset32.dll
+ 2008-07-30 17:53:36 393,216 ----a-w c:\windows\System32\S3iset32.dll
- 2006-12-07 14:03:02 167,936 ----a-w c:\windows\System32\S3minset.exe
+ 2008-07-30 17:53:42 299,008 ----a-w c:\windows\System32\S3minset.exe
+ 2008-03-03 15:44:32 602,112 ----a-w c:\windows\System32\S3ovrlay.dll
+ 2008-07-08 18:48:16 204,800 ----a-w c:\windows\System32\s3trayp.exe
+ 2008-12-24 07:48:32 577,536 ----a-w c:\windows\System32\SkinCrafter3_vs2005.dll
- 2009-02-19 23:53:54 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-03-29 21:14:24 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-09-30 16:02:56 22,528 ----a-w c:\windows\System32\spool\drivers\w32x86\3\G2PrintUPDDriver.dll
+ 2008-09-30 16:03:30 69,632 ----a-w c:\windows\System32\spool\drivers\w32x86\3\G2PrintUPDUI.dll
+ 2008-09-30 16:01:14 8,192 ----a-w c:\windows\System32\spool\prtprocs\w32x86\GoToPrintProcessor.dll
+ 2008-09-17 11:36:22 258,352 ----a-w c:\windows\System32\unicows.dll
- 2006-12-09 03:48:22 3,991,552 ----a-w c:\windows\System32\VTGOGL32.DLL
+ 2008-10-17 10:02:42 4,466,688 ----a-w c:\windows\System32\VTGOGL32.DLL
- 2006-12-09 03:43:18 2,900,480 ----a-w c:\windows\System32\VTGUModeDX32.dll
+ 2008-10-17 10:02:36 3,546,624 ----a-w c:\windows\System32\VTGUModeDX32.dll
- 2009-02-21 19:28:38 6,118 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1000_UserData.bin
+ 2009-03-29 22:32:39 8,504 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1000_UserData.bin
- 2009-02-20 07:45:28 4,688 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1001_UserData.bin
+ 2009-03-29 07:08:29 6,822 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1001_UserData.bin
- 2009-02-15 03:58:56 3,682 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1002_UserData.bin
+ 2009-03-28 23:58:28 5,262 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2119908331-4203043047-2055449669-1002_UserData.bin
- 2009-02-21 19:28:38 60,700 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-29 22:32:38 64,992 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-21 19:28:35 28,818 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-29 22:32:36 34,908 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-01-29 08:02:06 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll
+ 2009-01-29 08:02:06 347,648 ----a-w c:\windows\System32\WindowsCodecsExt.dll
- 2008-01-19 07:37:03 10,620,928 ----a-w c:\windows\System32\wmp.dll
+ 2008-12-16 05:31:35 10,622,976 ----a-w c:\windows\System32\wmp.dll
+ 2008-01-19 07:37:08 33,280 ----a-w c:\windows\System32\WpdConns.dll
+ 2006-11-02 09:46:14 151,552 ----a-w c:\windows\System32\WpdMtp.dll
+ 2008-01-19 07:37:09 60,928 ----a-w c:\windows\System32\WpdMtpUS.dll
+ 2009-01-08 23:01:22 629,760 ----a-w c:\windows\System32\xvidcore.dll
+ 2009-01-25 21:10:48 179,200 ----a-w c:\windows\System32\xvidvfw.dll
- 2009-02-19 23:53:55 156,380,009 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-03-29 21:12:18 162,111,467 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-12-16 05:53:36 4,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\dxmasf.dll
+ 2008-12-16 05:53:35 7,680 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\spwmp.dll
+ 2008-12-16 05:53:36 10,619,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmp.dll
+ 2008-12-16 05:53:30 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmpconfig.exe
+ 2008-12-16 05:53:30 168,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmplayer.exe
+ 2008-12-16 04:00:17 8,147,968 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmploc.DLL
+ 2008-12-16 05:53:30 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmpshare.exe
+ 2008-12-16 05:37:10 4,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\dxmasf.dll
+ 2008-12-16 05:36:47 7,680 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\spwmp.dll
+ 2008-12-16 05:37:33 10,619,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmp.dll
+ 2008-12-16 03:49:51 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmpconfig.exe
+ 2008-12-16 03:49:38 168,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmplayer.exe
+ 2008-12-16 03:49:52 8,147,968 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmploc.DLL
+ 2008-12-16 03:49:20 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmpshare.exe
+ 2008-12-16 05:31:31 4,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\dxmasf.dll
+ 2008-12-16 05:31:30 7,680 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\spwmp.dll
+ 2008-12-16 05:31:35 10,622,976 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmp.dll
+ 2008-12-16 05:31:19 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmpconfig.exe
+ 2008-12-16 05:31:19 168,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmplayer.exe
+ 2008-12-16 03:29:44 8,147,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmploc.DLL
+ 2008-12-16 05:31:19 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmpshare.exe
+ 2008-12-16 04:32:10 4,096 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\dxmasf.dll
+ 2008-12-16 04:31:29 7,680 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\spwmp.dll
+ 2008-12-16 04:32:38 10,624,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmp.dll
+ 2008-12-16 02:38:46 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmpconfig.exe
+ 2008-12-16 02:38:29 168,960 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmplayer.exe
+ 2008-12-16 02:39:20 8,147,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmploc.DLL
+ 2008-12-16 02:38:10 107,520 ----a-w c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmpshare.exe
+ 2009-02-11 23:29:35 2,409,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16819_none_f0a011f86e53bc84\OESpamFilter.dat
+ 2009-02-11 23:29:48 2,409,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21009_none_f13456d18769739f\OESpamFilter.dat
+ 2009-02-12 00:40:03 2,409,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18214_none_f2814f2c6b7ecec2\OESpamFilter.dat
+ 2009-02-12 00:28:19 2,409,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22375_none_f2cb0cb984cc2f89\OESpamFilter.dat
+ 2008-11-27 04:42:05 269,824 ----a-w c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6000.16782_none_1fdb8f82585b552d\schannel.dll
+ 2008-12-02 04:25:38 269,824 ----a-w c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6000.20967_none_207fcf7d716438ef\schannel.dll
+ 2008-11-27 04:43:25 268,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6001.18175_none_21cf9ef255771632\schannel.dll
+ 2008-12-02 04:36:39 268,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6001.22320_none_228a4bcd6e70a8bb\schannel.dll
+ 2009-02-09 01:59:26 2,028,032 ----a-w c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16816_none_b70870b09d62e718\win32k.sys
+ 2009-02-09 01:54:23 2,030,080 ----a-w c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21006_none_b79cb589b6789e33\win32k.sys
+ 2009-02-09 03:10:34 2,033,152 ----a-w c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18211_none_b8e9ade49a8df956\win32k.sys
+ 2009-02-09 02:54:45 2,033,664 ----a-w c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22372_none_b9336b71b3db5a1d\win32k.sys
+ 2008-06-26 03:20:31 712,704 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_94eb3a03bd3f8302\WindowsCodecs.dll
+ 2008-06-26 03:21:07 712,704 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_97018689ba42f034\WindowsCodecs.dll
+ 2008-06-26 03:20:31 347,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_91fb4ef5d4c6df69\WindowsCodecsExt.dll
+ 2008-06-26 03:21:07 347,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_94119b7bd1ca4c9b\WindowsCodecsExt.dll
+ 2009-03-29 21:12:11 1,286,152 ----a-w c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b\msxml4.dll
+ 2009-03-29 21:12:14 91,656 ----a-w c:\windows\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d\msxml4r.dll
+ 2009-02-22 08:24:42 479,232 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1801_none_d088a2ec442ef17b\msvcm80.dll
+ 2009-02-22 08:24:42 558,080 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1801_none_d088a2ec442ef17b\msvcp80.dll
+ 2009-02-22 08:24:42 635,904 ----a-w c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1801_none_d088a2ec442ef17b\msvcr80.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-10-24 1451264]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GoToMyPC"="c:\program files\Citrix\GoToMyPC\g2svc.exe" [2008-09-30 258856]
"S3Funkey"="S3Funkey.exe" [2008-03-05 c:\windows\System32\S3Funkey.exe]
"S3Trayp"="S3trayp.exe" [2008-07-08 c:\windows\System32\s3trayp.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe" /c
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8E222360-664C-4F3A-9B24-383D8ACCDE5D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{7B9581FD-214D-482D-AF4A-538D16448EE6}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{32369590-CB1D-4DAA-B7EF-A3E58D0CF965}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8EF6067B-C28F-4230-B0D9-7B2494EDB943}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{D436CE78-C32A-45E1-A3B0-9EEB1D69E0BE}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{FF9D1B08-6A1A-4D9A-B0E5-2E75401106A7}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{59AD2CE8-CA30-4221-A694-E01AAD476B2A}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F05068D6-ECBC-474B-BB03-249F782F6619}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E4A495A9-4839-4078-9D32-977959E31F0F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C701330C-415B-4BE0-AA4B-46F4F3C30C24}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3A9E7785-9822-41C9-912B-2918DE3B5D4F}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{8A66A08F-5081-4BB0-8615-3C3C4FF0F097}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{EF0B9809-D289-462D-9AF3-70BD69F1536A}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{CEBACC35-9A1B-4E09-AAF9-C6B5D84AE48B}"= UDP:5353:Adobe CSI CS4
"{63A7D032-AD0B-479E-9569-EA2DD7B456C8}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{38E35BF1-9FB4-4CB2-8BB5-26E7478C3070}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\System32\drivers\xfilt.sys [2009-03-14 21144]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-10-24 468224]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-03-02 603904]
R3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\System32\drivers\BLKWGU.sys [2009-01-28 252416]
R3 S3GIGP;S3GIGP;c:\windows\System32\drivers\VTGKModeDX32.sys [2009-03-14 809472]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [2009-02-22 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);c:\windows\System32\drivers\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;c:\windows\System32\drivers\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;c:\windows\System32\drivers\s125mdm.sys [2007-04-24 108680]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;c:\windows\System32\drivers\s125obex.sys [2007-04-24 98696]
S3 S3G700;S3G700;c:\windows\System32\drivers\VTGKModeDX32.sys [2009-03-14 809472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-03-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
2009-03-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 03:06]
2009-03-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2119908331-4203043047-2055449669-1000.job
- c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-28 18:49]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://login.live.com/login.srf?wa=wsig ... 4&id=64855uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = 127.0.0.1:8118
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.00\MediaManager\grab.html
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-03-30 00:01:41
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-03-30 0:04:05
ComboFix-quarantined-files.txt 2009-03-29 23:04:03
ComboFix2.txt 2009-02-21 21:55:14
Pre-Run: 36,218,384,384 bytes free
Post-Run: 36,478,746,624 bytes free
906 --- E O F --- 2009-03-29 21:12:20
Is this ok?
James.