Koachana siostrzyczka przypuszczalnie otworzyła "licencję", dzięki czemu do komputera dostał się bardzo przyjemny wirusik uniemożliwiając pracę...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01: VIRUS ALERT!, on 2008-10-27
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\drivers\services.exe
C:\windows\Explorer.EXE
C:\windows\system32\ctfnom.exe
C:\windows\system32\temp1.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system32\temp2.exe
C:\Documents and Settings\LocalService\svchost.exe
C:\windows\system32\update32.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\drivers\services.exe
C:\Documents and Settings\Marek\svchost.exe
C:\Documents and Settings\Marek\Menu Start\Programy\Autostart\userinit.exe
C:\windows\system32\dwwin.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
C:\windows\system32\dlds1.exe
C:\windows\system32\dlds2.exe
C:\windows\system32\dlds6.exe
C:\windows\system32\dlds7.exe
C:\windows\system32\dlds5.exe
C:\windows\system32\dwwin.exe
C:\windows\system32\dwwin.exe
C:\windows\system32\dwwin.exe
C:\windows\system32\dwwin.exe
C:\windows\system32\dwwin.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Marek\Ustawienia lokalne\Dane aplikacji\Opera\Opera\profile\cache4\temporary_download\HJTInstall (1).exe
C:\windows\system32\cmd.exe
C:\windows\system32\net.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2
F3 - REG:win.ini: load=C:\windows\svchost.exe
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe,C:\windows\system32\drivers\services.exe
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: bkqxdons - {5CCA7D45-B04C-4014-8AD2-EF6788741F44} - C:\windows\bkqxdons.dll
O3 - Toolbar: bkqxdons - {180454C7-CB02-4B04-B401-B278C6F1AEC2} - C:\windows\bkqxdons.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [[system]] C:\windows\system32\drivers\services.exe
O4 - HKLM\..\Run: [winlogon] C:\Documents and Settings\Marek\svchost.exe
O4 - HKLM\..\Run: [System32] C:\windows\system32\update32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [f09981a3] rundll32.exe "C:\windows\system32\lffwvdol.dll",b
O4 - HKLM\..\RunServices: [ctfmom] C:\windows\system32\ctfnom.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [[system]] C:\windows\system32\drivers\services.exe
O4 - HKCU\..\Run: [winlogon] C:\Documents and Settings\Marek\svchost.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe -p
O4 - HKLM\..\Policies\Explorer\Run: [ctfmom] C:\windows\system32\ctfnom.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [[system]] C:\windows\system32\drivers\services.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [winlogon] C:\Documents and Settings\LocalService\svchost.exe (User 'Default user')
O4 - Startup: userinit.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: C:\windows\system32\wowfx.dll
O21 - SSODL: vwnskbot - {62C8A139-B46E-427E-B18F-786933764F6A} - C:\windows\vwnskbot.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Harmonogram zadań (Schedule) - Unknown owner - C:\windows\system32\drivers\services.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\windows\privacy_danger\index.htm
--
End of file - 5606 bytes
[Problem] Wirus + log
Rozpoczęty przez
Filozoph
, 27 10 2008 20:04
9 odpowiedzi w tym temacie
#4
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 28 10 2008 - 14:06
Wklej do Notatnika:
>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->
Ma się rozpocząć usuwanie. (i powstanie log).
Daj ten log, który powstanie w trakcie usuwania.
Po restarcie usuń ręcznie folder C:\Qoobox.
ordynat
File::
C:\WINDOWS\system32\febsyeje.exe
C:\WINDOWS\system32\drivers\vusvqopl.sys
C:\iguyg.exe
C:\opiviup.exe
C:\WINDOWS\aetlsrknkvs.dll
C:\ctf
C:\WINDOWS\aetlsrknavr.dll
C:\WINDOWS\vwnskbot.dll
C:\WINDOWS\qnflkotm.dll
C:\WINDOWS\bkqxdons.dll
C:\WINDOWS\woprdagt.exe
C:\WINDOWS\system32\fccDvSlj.dll
C:\WINDOWS\system32\efcDUkLe.dll
C:\WINDOWS\system32\cbXomjkk.dll
C:\WINDOWS\system32\awtrOHBr.dll
C:\d2.exe
C:\d3.exe
C:\yrjs.exe
C:\-258375412
C:\windows\system32\ajqyvgxm.dll
C:\windows\system32\tuvWmNdc.dll
Folder::
C:\WINDOWS\privacy_danger
C:\WINDOWS\system32\xlib254.dll
C:\WINDOWS\system32\append.dll
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{04D13789-2BA5-4721-BC0F-BBD182477E7e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39A90C7A-2556-4919-8DE2-40D480AEB4DD}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9fe57121-c67c-4e38-a124-ae5d85cf4437}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9349597-6e81-47f3-b05d-469763764fb7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5CCA7D45-B04C-4014-8AD2-EF6788741F44}"=-
"{180454C7-CB02-4B04-B401-B278C6F1AEC2}"=-
[-HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\*0]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{E9349597-6E81-47F3-B05D-469763764FB7}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vwnskbot"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtrohbr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"Uwaga: Po wklejeniu do Notatnika usuń *gwiazdki z tekstu!>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->
Ma się rozpocząć usuwanie. (i powstanie log).
Daj ten log, który powstanie w trakcie usuwania.
Po restarcie usuń ręcznie folder C:\Qoobox.
ordynat
#5
Filozoph
-
-
- 6 postów
Obserwator
Napisano 28 10 2008 - 20:10
ComboFix 08-10-28.01 - Marek 2008-10-28 18:31:50.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.517 [GMT 1:00]
Uruchomiony z: C:\Documents and Settings\Marek\Pulpit\ComboFix.exe
Użyto następujących komend :: C:\Documents and Settings\Marek\Pulpit\CFScript.txt
* Utworzono nowy punkt przywracania
FILE ::
C:\-258375412
C:\ctf
C:\d2.exe
C:\d3.exe
C:\iguyg.exe
C:\opiviup.exe
C:\WINDOWS\aetlsrknavr.dll
C:\WINDOWS\aetlsrknkvs.dll
C:\WINDOWS\bkqxdons.dll
C:\WINDOWS\qnflkotm.dll
C:\windows\system32\ajqyvgxm.dll
C:\WINDOWS\system32\awtrOHBr.dll
C:\WINDOWS\system32\cbXomjkk.dll
C:\WINDOWS\system32\drivers\vusvqopl.sys
C:\WINDOWS\system32\efcDUkLe.dll
C:\WINDOWS\system32\fccDvSlj.dll
C:\WINDOWS\system32\febsyeje.exe
C:\windows\system32\tuvWmNdc.dll
C:\WINDOWS\vwnskbot.dll
C:\WINDOWS\woprdagt.exe
C:\yrjs.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\-258375412
C:\ctf
C:\iguyg.exe
C:\WINDOWS\system32\3.tmp
C:\WINDOWS\system32\4.tmp
C:\WINDOWS\system32\febsyeje.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2008-09-28 do 2008-10-28 )))))))))))))))))))))))))))))))
.
2008-10-28 07:27 . 2008-10-28 07:27 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\Malwarebytes
2008-10-28 01:19 . 2008-10-28 01:19 <DIR> d-------- C:\Program Files\WorldOfGooDemo
2008-10-28 01:19 . 2008-10-28 01:19 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy
2008-10-28 00:48 . 2008-10-28 00:48 67,072 --a------ C:\WINDOWS\system32\111.tmp
2008-10-28 00:48 . 2008-10-28 00:48 44 --a------ C:\WINDOWS\system32\110.tmp
2008-10-28 00:48 . 2008-10-28 00:48 18 --a------ C:\WINDOWS\system32\112.tmp
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Malwarebytes
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2008-10-27 19:57 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-27 19:57 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-27 19:46 . 2008-10-27 19:46 10,240 --a------ C:\WINDOWS\system32\eolgskyv.exe
2008-10-27 19:39 . 2008-10-27 19:39 64,000 --a------ C:\WINDOWS\system32\nvsvc32.exe
2008-10-27 19:38 . 2008-10-27 19:38 88 --a------ C:\WINDOWS\system32\2.tmp
2008-10-27 19:38 . 2008-10-27 19:38 18 --a------ C:\WINDOWS\system32\5.tmp
2008-10-27 18:48 . 2008-10-28 18:36 <DIR> d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Ulubione
2008-10-27 18:48 . 2008-09-24 21:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Szablony
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Pulpit
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Start
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-10-27 18:48 . 2008-10-27 18:48 <DIR> d-------- C:\Documents and Settings\Administrator
2008-10-27 18:23 . 2008-10-27 18:23 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Gadu-Gadu
2008-10-25 14:01 . 2008-10-25 14:01 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\TmpRecentIcons
2008-10-25 13:37 . 2008-10-25 13:55 <DIR> d-------- C:\Program Files\HDTVNetworks
2008-10-25 13:35 . 2008-04-14 21:51 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-10-22 14:20 . 2008-10-22 14:20 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\BESTplayer
2008-10-20 22:10 . 2008-10-20 22:38 <DIR> d-------- C:\Muzyka
2008-10-20 21:36 . 2008-10-20 21:36 <DIR> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-10-20 21:35 . 2008-10-20 22:09 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-10-20 21:26 . 2008-10-20 21:26 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Ahead
2008-10-20 21:19 . 2008-10-20 21:19 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-10-20 21:19 . 2008-10-20 21:19 <DIR> d-------- C:\Program Files\Ahead
2008-10-20 21:19 . 2001-07-06 13:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2008-10-20 21:19 . 2001-07-06 11:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2008-10-20 21:19 . 2001-07-06 17:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2008-10-20 21:19 . 2001-07-09 10:50 163,840 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-10-20 21:19 . 2003-03-29 15:45 89,184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2008-10-20 21:19 . 2003-07-22 15:29 57,344 --a------ C:\WINDOWS\system32\ImageDrive.cpl
2008-10-20 21:19 . 2001-06-26 07:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll
2008-10-20 21:15 . 2008-10-20 21:15 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\DAEMON Tools
2008-10-20 21:15 . 2008-10-20 21:15 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-10-20 20:31 . 2008-10-20 20:31 <DIR> d-------- C:\Program Files\AskBarDis
2008-10-20 20:31 . 2008-10-20 21:29 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Azureus
2008-10-20 20:31 . 2008-10-20 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
2008-10-20 20:27 . 2008-10-20 20:28 <DIR> d-------- C:\Program Files\Vuze
2008-10-20 20:27 . 2008-06-10 01:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-10-20 20:26 . 2008-10-20 20:27 <DIR> d-------- C:\Program Files\Java
2008-10-20 20:24 . 2008-10-20 20:24 <DIR> d-------- C:\Program Files\Common Files\Java
2008-10-19 19:03 . 2008-10-19 20:54 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\Winamp
2008-10-19 18:23 . 2008-10-19 18:23 <DIR> d-------- C:\Program Files\Super Torrent Search
2008-10-19 18:14 . 2008-10-19 18:33 <DIR> d-------- C:\Program Files\uTorrent
2008-10-19 18:14 . 2008-10-25 13:37 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\uTorrent
2008-10-19 18:02 . 2008-10-19 18:02 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\Ventrilo
2008-10-15 15:31 . 2008-10-15 15:31 <DIR> d-------- C:\Program Files\GoldWave
2008-10-13 22:19 . 2008-10-13 22:19 <DIR> d-------- C:\Program Files\Ventrilo
2008-10-13 22:19 . 2008-10-13 22:19 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-13 22:19 . 2008-10-13 22:20 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Ventrilo
2008-10-13 21:00 . 2008-10-13 21:00 <DIR> d--h----- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
2008-10-13 21:00 . 2006-12-25 21:00 198,656 --a------ C:\WINDOWS\system32\CNMLM8R.DLL
2008-10-13 20:57 . 2008-04-13 23:15 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-10-13 20:57 . 2008-04-13 23:15 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-10-13 20:53 . 2008-10-13 20:53 <DIR> d-------- C:\Program Files\Canon
2008-10-13 20:53 . 2008-04-13 23:17 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-10-13 20:53 . 2008-04-13 23:17 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-10-13 20:52 . 2008-04-13 23:15 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-10-13 20:52 . 2008-04-13 23:15 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-10-12 18:33 . 2008-04-13 23:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-10-10 17:54 . 2008-10-28 07:34 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\OpenOffice.org2
2008-10-09 18:58 . 2008-10-09 18:58 <DIR> d-------- C:\FPC
2008-10-05 17:48 . 2008-10-05 17:48 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Toribash
2008-10-05 17:47 . 2008-10-05 17:47 <DIR> d-------- C:\Games
2008-10-01 21:26 . 2008-10-24 14:59 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\OpenOffice.org2
2008-10-01 21:19 . 2008-10-01 21:21 <DIR> d-------- C:\Program Files\Winamp
2008-10-01 21:19 . 2008-10-01 21:21 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Winamp
2008-10-01 20:42 . 2008-10-01 20:42 <DIR> d-------- C:\Program Files\OpenOffice.org 2.4
2008-09-30 19:44 . 2008-09-30 19:44 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-29 14:51 . 2008-09-29 14:51 <DIR> d-------- C:\Program Files\Razor
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\Program Files\MSBuild
2008-09-29 14:42 . 2006-06-29 12:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-09-29 14:25 . 2008-09-29 14:28 <DIR> d-------- C:\Program Files\RegCleaner
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-27 18:44 --------- d-----w C:\Program Files\Opera
2008-10-23 16:42 138,280 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-23 16:42 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-01 20:16 --------- d-----w C:\Program Files\InstallShield Installation Information
2008-09-27 20:46 --------- d-----w C:\Documents and Settings\Karolina\Dane aplikacji\Gadu-Gadu
2008-09-25 18:09 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-09-25 13:30 --------- d-----w C:\Program Files\<a href="http://www.download.net.pl/219/IrfanView/">IrfanView</a>
2008-09-24 22:42 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-24 22:28 --------- d-----w C:\Program Files\Gadu-Gadu
2008-09-24 21:13 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-09-24 20:18 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-24 20:16 --------- d-----w C:\Program Files\Usługi online
2008-08-06 13:29 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-08-06 13:27 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-07-31 08:41 68,616 ----a-w C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 08:41 238,088 ----a-w C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 08:40 509,448 ----a-w C:\WINDOWS\system32\XAudio2_2.dll
2001-11-23 10:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
------- Sigcheck -------
2008-04-14 21:51 1043456 0c81a3099f86c345147dd3f3a77acb80 C:\WINDOWS\explorer.exe
2008-04-14 21:51 1043456 60ac00a36996ef3c7b1b20c4d64b9a0e C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2008-04-14 21:51 1043456 9b8f81bf8212246c59e47b5bc8711b90 C:\WINDOWS\system32\dllcache\explorer.exe
2008-04-14 21:51 23552 3c74e9c08078e209d951ecc19eae72af C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-14 21:51 23552 651fe132c83e83c63abb47f9dfcefeb7 C:\WINDOWS\system32\ctfmon.exe
2008-04-14 21:51 23552 dcc9c3a0dab5b6419a151e75f3cb0f92 C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-04-14 21:51 66048 18ca9190c6f8008895fe699fafca9ebf C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
2008-04-14 21:51 66048 df96765a96c267b845e20f2b783de25b C:\WINDOWS\system32\spoolsv.exe
2008-04-14 21:51 66048 b573ab129c0e19f02a65e91e00e9d0f9 C:\WINDOWS\system32\dllcache\spoolsv.exe
2008-04-14 21:51 120320 bd9c12b2cdb32df1a4fc30717bbf5463 C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
2008-04-14 21:51 120320 b90f344567849326d380fdb811a95bc8 C:\WINDOWS\system32\wuauclt.exe
2008-04-14 21:51 120320 197bf0b1a7afd56a7e9d980bd9883be3 C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-04-14 21:51 34816 ebeaeade004c9c9947d8d7e1ed927460 C:\WINDOWS\ServicePackFiles\i386\userinit.exe
2008-04-14 21:51 34816 53dc709e97d8f201dba64c155d1122c4 C:\WINDOWS\system32\userinit.exe
2008-04-14 21:51 34816 f355cfda01e48132dcf59da18080bd38 C:\WINDOWS\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( snapshot@2008-10-27_18.49.26.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-07-22 09:15:24 225,280 ----a-w C:\windows\CmiRmRedundDir.exe
+ 2003-07-22 09:15:24 233,472 ----a-w C:\WINDOWS\CmiRmRedundDir.exe
- 2003-08-05 12:23:24 266,240 ----a-w C:\windows\CMIUninstall.exe
+ 2003-08-05 12:23:24 274,432 ----a-w C:\WINDOWS\CMIUninstall.exe
- 2008-04-14 20:51:24 58,368 ------w C:\windows\ehome\medctrro.exe
+ 2008-04-14 20:51:24 66,560 ------w C:\WINDOWS\ehome\medctrro.exe
- 2005-10-20 19:02:28 163,328 ----a-w C:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 175,104 ----a-w C:\WINDOWS\ERDNT\subs\ERDNT.EXE
- 2008-04-14 20:51:20 10,752 ----a-w C:\windows\hh.exe
+ 2008-04-14 20:51:20 18,944 ----a-w C:\WINDOWS\hh.exe
- 2008-09-24 20:25:14 166,912 ----a-r C:\windows\Installer\{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2008-09-24 20:25:14 175,104 ----a-r C:\WINDOWS\Installer\{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
- 2008-10-01 19:44:03 2,363,392 ----a-r C:\windows\Installer\{5BA16F95-7015-48C1-BBDB-5CBE00D0CE7E}\soffice.exe
+ 2008-10-01 19:44:03 2,371,584 ----a-r C:\WINDOWS\Installer\{5BA16F95-7015-48C1-BBDB-5CBE00D0CE7E}\soffice.exe
- 1998-10-29 14:45:06 306,688 ----a-w C:\windows\IsUninst.exe
+ 1998-10-29 14:45:06 314,880 ----a-w C:\WINDOWS\IsUninst.exe
- 2007-10-23 23:47:22 36,864 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-23 23:47:22 45,056 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-10-23 23:47:22 24,576 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-23 23:47:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-10-23 23:47:22 106,496 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-23 23:47:22 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-10-23 23:47:40 106,496 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-10-23 23:47:28 5,120 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-10-23 23:47:28 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2007-10-23 23:47:40 9,728 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-10-23 23:47:40 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2007-10-23 23:47:40 28,672 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-23 23:47:40 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2007-10-23 23:47:34 40,960 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-23 23:47:34 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-10-23 23:47:36 69,632 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-23 23:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-10-23 23:47:40 53,248 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-23 23:47:40 61,440 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2007-10-23 23:47:40 32,768 ----a-w C:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-23 23:47:40 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2007-10-11 07:55:14 159,744 ----a-w C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2007-10-11 07:55:14 167,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
- 2007-10-11 07:55:14 61,440 ----a-w C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2007-10-11 07:55:14 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
- 2007-10-11 07:55:14 143,360 ----a-w C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2007-10-11 07:55:14 151,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
- 2007-10-09 10:58:20 14,848 ----a-w C:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
+ 2007-10-09 10:58:20 23,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
- 2008-04-14 20:51:04 256,512 ----a-w C:\windows\msagent\agentsvr.exe
+ 2008-04-14 20:51:04 264,704 ----a-w C:\WINDOWS\msagent\agentsvr.exe
- 2008-04-13 22:23:34 558,080 ----a-w C:\windows\Network Diagnostic\xpnetdiag.exe
+ 2008-04-13 22:23:34 566,272 ----a-w C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
- 2008-04-14 20:51:32 70,144 ----a-w C:\windows\NOTEPAD.EXE
+ 2008-04-14 20:51:32 78,336 ----a-w C:\WINDOWS\NOTEPAD.EXE
- 2008-04-14 20:51:20 769,024 ----a-w C:\windows\pchealth\helpctr\binaries\HelpCtr.exe
+ 2008-04-14 20:51:20 777,216 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe
- 2001-10-26 19:29:54 99,840 ----a-w C:\windows\pchealth\helpctr\binaries\HelpHost.exe
+ 2001-10-26 19:29:54 108,032 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.exe
- 2008-04-14 20:51:20 18,432 ----a-w C:\windows\pchealth\helpctr\binaries\HscUpd.exe
+ 2008-04-14 20:51:20 26,624 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\HscUpd.exe
- 2008-04-14 20:51:30 171,520 ----a-w C:\windows\pchealth\helpctr\binaries\msconfig.exe
+ 2008-04-14 20:51:30 179,712 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
- 2001-10-26 19:29:58 35,328 ----a-w C:\windows\pchealth\helpctr\binaries\notiflag.exe
+ 2001-10-26 19:29:58 43,520 ----a-w C:\WINDOWS\pchealth\helpctr\binaries\notiflag.exe
- 2008-04-14 20:51:46 151,040 ----a-w C:\windows\pchealth\UploadLB\Binaries\UploadM.exe
+ 2008-04-14 20:51:46 159,232 ----a-w C:\WINDOWS\pchealth\UploadLB\Binaries\UploadM.exe
- 2005-01-28 11:44:28 47,104 ----a-w C:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2005-01-28 11:44:28 55,296 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
- 2005-01-28 11:44:28 38,912 ----a-w C:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2005-01-28 11:44:28 47,104 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
- 2008-04-14 20:51:24 103,936 ----a-w C:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2008-04-14 20:51:24 112,128 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
- 2005-01-28 11:44:28 96,768 ----a-w C:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2005-01-28 11:44:28 104,960 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
- 2008-04-14 20:51:04 188,416 ------w C:\windows\ServicePackFiles\i386\accwiz.exe
+ 2008-04-14 20:51:04 196,608 ------w C:\WINDOWS\ServicePackFiles\i386\accwiz.exe
- 2008-04-14 20:51:04 4,096 ------w C:\windows\ServicePackFiles\i386\actmovie.exe
+ 2008-04-14 20:51:04 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\actmovie.exe
- 2008-04-14 20:51:04 16,439 ------w C:\windows\ServicePackFiles\i386\admin.exe
+ 2008-04-14 20:51:04 24,631 ------w C:\WINDOWS\ServicePackFiles\i386\admin.exe
- 2008-04-14 20:51:04 256,512 ------w C:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2008-04-14 20:51:04 264,704 ------w C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe
- 2008-04-14 20:51:04 98,304 ------w C:\windows\ServicePackFiles\i386\ahui.exe
+ 2008-04-14 20:51:04 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\ahui.exe
- 2008-04-14 20:51:04 44,544 ------w C:\windows\ServicePackFiles\i386\alg.exe
+ 2008-04-14 20:51:04 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\alg.exe
- 2008-04-13 19:40:02 24,576 ------w C:\windows\ServicePackFiles\i386\aspnet_regiis.exe
+ 2008-04-13 19:40:02 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe
- 2008-04-13 19:40:02 32,768 ------w C:\windows\ServicePackFiles\i386\aspnet_state.exe
+ 2008-04-13 19:40:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_state.exe
- 2008-04-13 19:40:02 32,768 ------w C:\windows\ServicePackFiles\i386\aspnet_wp.exe
+ 2008-04-13 19:40:02 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\aspnet_wp.exe
- 2008-04-14 20:51:04 30,208 ------w C:\windows\ServicePackFiles\i386\asr_fmt.exe
+ 2008-04-14 20:51:04 38,400 ------w C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe
- 2008-04-14 20:51:04 32,768 ------w C:\windows\ServicePackFiles\i386\asr_pfu.exe
+ 2008-04-14 20:51:04 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe
- 2008-04-14 20:51:04 25,600 ------w C:\windows\ServicePackFiles\i386\at.exe
+ 2008-04-14 20:51:04 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\at.exe
- 2008-04-14 20:51:04 11,264 ------w C:\windows\ServicePackFiles\i386\atmadm.exe
+ 2008-04-14 20:51:04 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\atmadm.exe
- 2008-04-14 20:51:04 12,288 ------w C:\windows\ServicePackFiles\i386\attrib.exe
+ 2008-04-14 20:51:04 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\attrib.exe
- 2008-04-14 20:51:04 14,336 ------w C:\windows\ServicePackFiles\i386\auditusr.exe
+ 2008-04-14 20:51:04 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\auditusr.exe
- 2008-04-14 20:51:04 16,439 ------w C:\windows\ServicePackFiles\i386\author.exe
+ 2008-04-14 20:51:04 24,631 ------w C:\WINDOWS\ServicePackFiles\i386\author.exe
- 2008-04-14 20:51:08 71,680 ------w C:\windows\ServicePackFiles\i386\blastcln.exe
+ 2008-04-14 20:51:08 79,872 ------w C:\WINDOWS\ServicePackFiles\i386\blastcln.exe
- 2008-04-14 20:51:08 154,624 ------w C:\windows\ServicePackFiles\i386\bootcfg.exe
+ 2008-04-14 20:51:08 162,816 ------w C:\WINDOWS\ServicePackFiles\i386\bootcfg.exe
- 2008-04-14 20:51:08 20,992 ------w C:\windows\ServicePackFiles\i386\cacls.exe
+ 2008-04-14 20:51:08 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\cacls.exe
- 2007-06-27 16:23:20 94,208 ------w C:\windows\ServicePackFiles\i386\caspol.exe
+ 2007-06-27 16:23:20 102,400 ------w C:\WINDOWS\ServicePackFiles\i386\caspol.exe
- 2008-04-14 20:51:08 188,480 ------w C:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2008-04-14 20:51:08 196,672 ------w C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe
- 2008-04-14 20:51:08 56,832 ------w C:\windows\ServicePackFiles\i386\[beeep]her.exe
+ 2008-04-14 20:51:08 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\[beeep]her.exe
- 2008-04-14 20:51:08 5,632 ------w C:\windows\ServicePackFiles\i386\cisvc.exe
+ 2008-04-14 20:51:08 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\cisvc.exe
- 2008-04-14 20:51:08 64,512 ------w C:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2008-04-14 20:51:08 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe
- 2008-04-14 20:51:08 20,480 ------w C:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2008-04-14 20:51:08 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe
- 2008-04-14 20:51:08 103,424 ------w C:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2008-04-14 20:51:08 111,616 ------w C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe
- 2008-04-14 20:51:08 33,280 ------w C:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2008-04-14 20:51:08 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe
- 2008-04-14 20:51:10 396,288 ------w C:\windows\ServicePackFiles\i386\cmd.exe
+ 2008-04-14 20:51:10 404,480 ------w C:\WINDOWS\ServicePackFiles\i386\cmd.exe
- 2008-04-14 20:51:10 25,600 ------w C:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2008-04-14 20:51:10 33,792 ------w C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe
- 2008-04-14 20:51:10 39,424 ------w C:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2008-04-14 20:51:10 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe
- 2008-04-14 20:51:10 64,512 ------w C:\windows\ServicePackFiles\i386\cmstp.exe
+ 2008-04-14 20:51:10 72,704 ------w C:\WINDOWS\ServicePackFiles\i386\cmstp.exe
- 2008-04-14 20:51:10 9,728 ------w C:\windows\ServicePackFiles\i386\comrepl.exe
+ 2008-04-14 20:51:10 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\comrepl.exe
- 2008-04-14 20:51:10 6,144 ------w C:\windows\ServicePackFiles\i386\comrereg.exe
+ 2008-04-14 20:51:10 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\comrereg.exe
- 2008-04-13 22:13:34 9,728 ------w C:\windows\ServicePackFiles\i386\comsdupd.exe
+ 2008-04-13 22:13:34 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe
- 2008-04-14 20:51:10 1,036,288 ------w C:\windows\ServicePackFiles\i386\conf.exe
+ 2008-04-14 20:51:10 1,044,480 ------w C:\WINDOWS\ServicePackFiles\i386\conf.exe
- 2008-04-14 20:51:10 27,648 ------w C:\windows\ServicePackFiles\i386\conime.exe
+ 2008-04-14 20:51:10 35,840 ------w C:\WINDOWS\ServicePackFiles\i386\conime.exe
- 2008-04-13 19:40:14 49,152 ------w C:\windows\ServicePackFiles\i386\csc.exe
+ 2008-04-13 19:40:14 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\csc.exe
- 2008-04-14 20:51:12 139,264 ------w C:\windows\ServicePackFiles\i386\cscript.exe
+ 2008-04-14 20:51:12 147,456 ------w C:\WINDOWS\ServicePackFiles\i386\cscript.exe
- 2008-04-14 20:51:12 42,496 ------w C:\windows\ServicePackFiles\i386\davcdata.exe
+ 2008-04-14 20:51:12 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\davcdata.exe
- 2008-04-14 20:51:12 6,144 ------w C:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2008-04-14 20:51:12 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe
- 2008-04-14 20:51:12 30,720 ------w C:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2008-04-14 20:51:12 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe
- 2008-04-14 20:51:12 25,088 ------w C:\windows\ServicePackFiles\i386\defrag.exe
+ 2008-04-14 20:51:12 33,280 ------w C:\WINDOWS\ServicePackFiles\i386\defrag.exe
- 2008-04-14 20:51:12 82,944 ------w C:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2008-04-14 20:51:12 91,136 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe
- 2008-04-14 20:51:12 105,472 ------w C:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2008-04-14 20:51:12 113,664 ------w C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe
- 2008-04-14 20:51:12 545,792 ------w C:\windows\ServicePackFiles\i386\dialer.exe
+ 2008-04-14 20:51:12 553,984 ------w C:\WINDOWS\ServicePackFiles\i386\dialer.exe
- 2008-04-14 20:51:12 87,040 ------w C:\windows\ServicePackFiles\i386\diantz.exe
+ 2008-04-14 20:51:12 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\diantz.exe
- 2008-04-14 20:51:12 164,864 ------w C:\windows\ServicePackFiles\i386\diskpart.exe
+ 2008-04-14 20:51:12 173,056 ------w C:\WINDOWS\ServicePackFiles\i386\diskpart.exe
- 2008-04-14 20:51:14 5,120 ------w C:\windows\ServicePackFiles\i386\dllhost.exe
+ 2008-04-14 20:51:14 13,312 ------w C:\WINDOWS\ServicePackFiles\i386\dllhost.exe
- 2008-04-14 20:51:14 225,280 ------w C:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2008-04-14 20:51:14 233,472 ------w C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe
- 2008-04-14 20:51:14 15,872 ------w C:\windows\ServicePackFiles\i386\dmremote.exe
+ 2008-04-14 20:51:14 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\dmremote.exe
- 2008-04-14 20:51:14 29,696 ------w C:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2008-04-14 20:51:14 37,888 ------w C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe
- 2008-04-14 20:51:14 18,432 ------w C:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2008-04-14 20:51:14 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe
- 2008-04-14 20:51:14 83,456 ------w C:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2008-04-14 20:51:14 91,648 ------w C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe
- 2008-04-14 20:51:14 65,024 ------w C:\windows\ServicePackFiles\i386\drvqry.exe
+ 2008-04-14 20:51:14 73,216 ------w C:\WINDOWS\ServicePackFiles\i386\drvqry.exe
- 2008-04-14 20:51:14 10,752 ------w C:\windows\ServicePackFiles\i386\dumprep.exe
+ 2008-04-14 20:51:14 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\dumprep.exe
- 2008-04-14 20:51:14 17,920 ------w C:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2008-04-14 20:51:14 26,112 ------w C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe
- 2008-04-14 20:51:14 180,224 ------w C:\windows\ServicePackFiles\i386\dwwin.exe
+ 2008-04-14 20:51:14 188,416 ------w C:\WINDOWS\ServicePackFiles\i386\dwwin.exe
- 2008-04-14 20:51:14 1,298,432 ------w C:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2008-04-14 20:51:14 1,306,624 ------w C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe
- 2008-04-14 20:51:16 194,048 ------w C:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2008-04-14 20:51:16 202,240 ------w C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe
- 2008-04-14 20:51:16 52,736 ------w C:\windows\ServicePackFiles\i386\evcreate.exe
+ 2008-04-14 20:51:16 60,928 ------w C:\WINDOWS\ServicePackFiles\i386\evcreate.exe
- 2008-04-14 20:51:16 26,112 ------w C:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2008-04-14 20:51:16 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe
- 2008-04-14 20:51:16 93,184 ------w C:\windows\ServicePackFiles\i386\evntwin.exe
+ 2008-04-14 20:51:16 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\evntwin.exe
- 2008-04-14 20:51:16 86,016 ------w C:\windows\ServicePackFiles\i386\evtrig.exe
+ 2008-04-14 20:51:16 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\evtrig.exe
- 2008-04-14 20:51:18 24,064 ------w C:\windows\ServicePackFiles\i386\extrac32.exe
+ 2008-04-14 20:51:18 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\extrac32.exe
- 2008-04-14 20:51:18 20,992 ------w C:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2008-04-14 20:51:18 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe
- 2008-04-14 20:51:18 28,160 ------w C:\windows\ServicePackFiles\i386\findstr.exe
+ 2008-04-14 20:51:18 36,352 ------w C:\WINDOWS\ServicePackFiles\i386\findstr.exe
- 2008-04-14 20:51:18 23,040 ------w C:\windows\ServicePackFiles\i386\fltmc.exe
+ 2008-04-14 20:51:18 31,232 ------w C:\WINDOWS\ServicePackFiles\i386\fltmc.exe
- 2008-04-14 20:51:18 21,504 ------w C:\windows\ServicePackFiles\i386\fontview.exe
+ 2008-04-14 20:51:18 29,696 ------w C:\WINDOWS\ServicePackFiles\i386\fontview.exe
- 2008-04-14 20:51:18 7,680 ------w C:\windows\ServicePackFiles\i386\forcedos.exe
+ 2008-04-14 20:51:18 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\forcedos.exe
- 2008-04-14 20:51:18 15,120 ------w C:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2008-04-14 20:51:18 23,312 ------w C:\WINDOWS\ServicePackFiles\i386\fp98sadm.exe
- 2008-04-14 20:51:18 109,840 ------w C:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2008-04-14 20:51:18 118,032 ------w C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe
- 2008-04-14 20:51:18 24,632 ------w C:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2008-04-14 20:51:18 32,824 ------w C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe
- 2008-04-14 20:51:18 188,494 ------w C:\windows\ServicePackFiles\i386\fpcount.exe
+ 2008-04-14 20:51:18 196,686 ------w C:\WINDOWS\ServicePackFiles\i386\fpcount.exe
- 2008-04-14 20:51:18 20,538 ------w C:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2008-04-14 20:51:18 28,730 ------w C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe
- 2008-04-14 20:51:18 28,728 ------w C:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2008-04-14 20:51:18 36,920 ------w C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe
- 2008-04-14 20:51:18 44,544 ------w C:\windows\ServicePackFiles\i386\ftp.exe
+ 2008-04-14 20:51:18 52,736 ------w C:\WINDOWS\ServicePackFiles\i386\ftp.exe
- 2008-04-14 20:51:18 142,848 ------w C:\windows\ServicePackFiles\i386\fxsclnt.exe
+ 2008-04-14 20:51:18 151,040 ------w C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe
- 2008-04-14 20:51:18 233,472 ------w C:\windows\ServicePackFiles\i386\fxscover.exe
+ 2008-04-14 20:51:18 241,664 ------w C:\WINDOWS\ServicePackFiles\i386\fxscover.exe
- 2008-04-14 20:51:18 268,288 ------w C:\windows\ServicePackFiles\i386\fxssvc.exe
+ 2008-04-14 20:51:18 276,480 ------w C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe
- 2008-04-14 20:51:18 61,440 ------w C:\windows\ServicePackFiles\i386\getmac.exe
+ 2008-04-14 20:51:18 69,632 ------w C:\WINDOWS\ServicePackFiles\i386\getmac.exe
- 2008-04-14 20:51:18 123,904 ------w C:\windows\ServicePackFiles\i386\gprslt.exe
+ 2008-04-14 20:51:18 132,096 ------w C:\WINDOWS\ServicePackFiles\i386\gprslt.exe
- 2008-04-14 20:51:20 39,424 ------w C:\windows\ServicePackFiles\i386\grpconv.exe
+ 2008-04-14 20:51:20 47,616 ------w C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
- 2008-04-14 20:51:20 15,872 ------w C:\windows\ServicePackFiles\i386\help.exe
+ 2008-04-14 20:51:20 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\help.exe
- 2008-04-14 20:51:20 769,024 ------w C:\windows\ServicePackFiles\i386\helpctr.exe
+ 2008-04-14 20:51:20 777,216 ------w C:\WINDOWS\ServicePackFiles\i386\helpctr.exe
- 2008-04-14 20:51:20 744,448 ------w C:\windows\ServicePackFiles\i386\helpsvc.exe
+ 2008-04-14 20:51:20 752,640 ------w C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe
- 2008-04-14 20:51:20 10,752 ------w C:\windows\ServicePackFiles\i386\hh.exe
+ 2008-04-14 20:51:20 18,944 ------w C:\WINDOWS\ServicePackFiles\i386\hh.exe
- 2008-04-14 20:51:20 18,432 ------w C:\windows\ServicePackFiles\i386\hscupd.exe
+ 2008-04-14 20:51:20 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\hscupd.exe
- 2008-04-14 20:51:20 216,576 ------w C:\windows\ServicePackFiles\i386\icwconn1.exe
+ 2008-04-14 20:51:20 224,768 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe
- 2008-04-14 20:51:20 86,016 ------w C:\windows\ServicePackFiles\i386\icwconn2.exe
+ 2008-04-14 20:51:20 94,208 ------w C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe
- 2008-04-14 20:51:20 24,576 ------w C:\windows\ServicePackFiles\i386\icwrmind.exe
+ 2008-04-14 20:51:20 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe
- 2008-04-14 20:51:20 34,304 ------w C:\windows\ServicePackFiles\i386\ie4uinit.exe
+ 2008-04-14 20:51:20 42,496 ------w C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe
- 2008-04-14 20:51:20 18,432 ------w C:\windows\ServicePackFiles\i386\iedw.exe
+ 2008-04-14 20:51:20 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\iedw.exe
- 2007-12-17 15:28:36 8,192 ------w C:\windows\ServicePackFiles\i386\ieexec.exe
+ 2007-12-17 15:28:36 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\ieexec.exe
- 2008-04-14 20:51:20 93,184 ------w C:\windows\ServicePackFiles\i386\iexplore.exe
+ 2008-04-14 20:51:20 101,376 ------w C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
- 2008-04-14 20:51:20 114,688 ------w C:\windows\ServicePackFiles\i386\iexpress.exe
+ 2008-04-14 20:51:20 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\iexpress.exe
- 2008-04-14 20:51:20 31,232 ------w C:\windows\ServicePackFiles\i386\iisrstas.exe
+ 2008-04-14 20:51:20 39,424 ------w C:\WINDOWS\ServicePackFiles\i386\iisrstas.exe
- 2008-04-13 19:40:34 184,320 ------w C:\windows\ServicePackFiles\i386\ilasm.exe
+ 2008-04-13 19:40:34 192,512 ------w C:\WINDOWS\ServicePackFiles\i386\ilasm.exe
- 2008-04-14 20:51:20 150,528 ------w C:\windows\ServicePackFiles\i386\imapi.exe
+ 2008-04-14 20:51:20 158,720 ------w C:\WINDOWS\ServicePackFiles\i386\imapi.exe
- 2008-04-14 20:51:22 15,872 ------w C:\windows\ServicePackFiles\i386\inetin51.exe
+ 2008-04-14 20:51:22 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\inetin51.exe
- 2008-04-14 20:51:22 20,480 ------w C:\windows\ServicePackFiles\i386\inetwiz.exe
+ 2008-04-14 20:51:22 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe
- 2007-06-27 16:24:30 24,576 ------w C:\windows\ServicePackFiles\i386\installutil.exe
+ 2007-06-27 16:24:30 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\installutil.exe
- 2008-04-14 20:51:22 56,832 ------w C:\windows\ServicePackFiles\i386\ipconfig.exe
+ 2008-04-14 20:51:22 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe
- 2008-04-14 20:51:22 53,248 ------w C:\windows\ServicePackFiles\i386\ipv6.exe
+ 2008-04-14 20:51:22 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\ipv6.exe
- 2008-04-14 20:51:22 24,064 ------w C:\windows\ServicePackFiles\i386\ipxroute.exe
+ 2008-04-14 20:51:22 32,256 ------w C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe
- 2008-04-14 20:51:22 152,064 ------w C:\windows\ServicePackFiles\i386\irftp.exe
+ 2008-04-14 20:51:22 160,256 ------w C:\WINDOWS\ServicePackFiles\i386\irftp.exe
- 2007-06-27 16:24:36 40,960 ------w C:\windows\ServicePackFiles\i386\jsc.exe
+ 2007-06-27 16:24:36 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\jsc.exe
- 2008-04-13 20:13:40 480,256 ------w C:\windows\ServicePackFiles\i386\lang\cintsetp.exe
+ 2008-04-13 20:13:40 488,448 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe
- 2008-04-13 20:13:34 57,399 ------w C:\windows\ServicePackFiles\i386\lang\cplexe.exe
+ 2008-04-13 20:13:34 65,591 ------w C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe
- 2008-04-13 20:13:46 307,257 ------w C:\windows\ServicePackFiles\i386\lang\imjpdct.exe
+ 2008-04-13 20:13:46 315,449 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe
- 2008-04-13 20:13:48 155,705 ------w C:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2008-04-13 20:13:48 163,897 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe
- 2008-04-13 20:13:50 196,665 ------w C:\windows\ServicePackFiles\i386\lang\imjpinst.exe
+ 2008-04-13 20:13:50 213,381 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe
- 2008-04-13 20:13:52 208,952 ------w C:\windows\ServicePackFiles\i386\lang\imjpmig.exe
+ 2008-04-13 20:13:52 217,144 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe
- 2008-04-13 20:14:00 233,527 ------w C:\windows\ServicePackFiles\i386\lang\imjprw.exe
+ 2008-04-13 20:14:00 241,719 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe
- 2008-04-13 20:14:02 262,200 ------w C:\windows\ServicePackFiles\i386\lang\imjputy.exe
+ 2008-04-13 20:14:02 270,392 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe
- 2008-04-13 20:13:38 59,392 ------w C:\windows\ServicePackFiles\i386\lang\imscinst.exe
+ 2008-04-13 20:13:38 75,192 ------w C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe
- 2008-04-13 20:13:38 70,144 ------w C:\windows\ServicePackFiles\i386\lang\pintlphr.exe
+ 2008-04-13 20:13:38 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe
- 2008-04-13 20:13:52 44,032 ------w C:\windows\ServicePackFiles\i386\lang\tintlphr.exe
+ 2008-04-13 20:13:52 52,224 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe
- 2008-04-13 20:13:54 455,168 ------w C:\windows\ServicePackFiles\i386\lang\tintsetp.exe
+ 2008-04-13 20:13:54 463,360 ------w C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe
- 2008-04-14 20:51:22 677,888 ------w C:\windows\ServicePackFiles\i386\lhmstsc.exe
+ 2008-04-14 20:51:22 686,080 ------w C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe
- 2008-04-14 20:51:24 75,264 ------w C:\windows\ServicePackFiles\i386\locator.exe
+ 2008-04-14 20:51:24 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\locator.exe
- 2008-04-14 20:51:24 60,928 ------w C:\windows\ServicePackFiles\i386\logman.exe
+ 2008-04-14 20:51:24 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\logman.exe
- 2008-04-14 20:51:56 220,672 ------w C:\windows\ServicePackFiles\i386\logon.scr
+ 2008-04-14 20:51:56 228,864 ------w C:\WINDOWS\ServicePackFiles\i386\logon.scr
- 2008-04-14 20:51:24 515,072 ------w C:\windows\ServicePackFiles\i386\logonui.exe
+ 2008-04-14 20:51:24 523,264 ------w C:\WINDOWS\ServicePackFiles\i386\logonui.exe
- 2008-04-14 20:51:24 13,312 ------w C:\windows\ServicePackFiles\i386\lsass.exe
+ 2008-04-14 20:51:24 21,504 ------w C:\WINDOWS\ServicePackFiles\i386\lsass.exe
- 2008-04-14 20:51:24 73,216 ------w C:\windows\ServicePackFiles\i386\magnify.exe
+ 2008-04-14 20:51:24 81,408 ------w C:\WINDOWS\ServicePackFiles\i386\magnify.exe
- 2008-04-14 20:51:24 57,344 ------w C:\windows\ServicePackFiles\i386\makecab.exe
+ 2008-04-14 20:51:24 65,536 ------w C:\WINDOWS\ServicePackFiles\i386\makecab.exe
- 2008-04-14 20:51:24 104,448 ------w C:\windows\ServicePackFiles\i386\migload.exe
+ 2008-04-14 20:51:24 112,640 ------w C:\WINDOWS\ServicePackFiles\i386\migload.exe
- 2008-04-14 20:51:24 7,680 ------w C:\windows\ServicePackFiles\i386\migregdb.exe
+ 2008-04-14 20:51:24 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\migregdb.exe
- 2008-04-14 20:51:24 247,808 ------w C:\windows\ServicePackFiles\i386\migwiz.exe
+ 2008-04-14 20:51:24 256,000 ------w C:\WINDOWS\ServicePackFiles\i386\migwiz.exe
- 2008-04-14 20:51:24 241,152 ------w C:\windows\ServicePackFiles\i386\migwiza.exe
+ 2008-04-14 20:51:24 249,344 ------w C:\WINDOWS\ServicePackFiles\i386\migwiza.exe
- 2008-04-14 20:51:26 1,414,656 ------w C:\windows\ServicePackFiles\i386\mmc.exe
+ 2008-04-14 20:51:26 1,422,848 ------w C:\WINDOWS\ServicePackFiles\i386\mmc.exe
- 2008-04-14 20:51:26 33,792 ------w C:\windows\ServicePackFiles\i386\mmcperf.exe
+ 2008-04-14 20:51:26 41,984 ------w C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe
- 2008-04-14 20:51:26 32,768 ------w C:\windows\ServicePackFiles\i386\mnmsrvc.exe
+ 2008-04-14 20:51:26 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe
- 2008-04-14 20:51:26 143,872 ------w C:\windows\ServicePackFiles\i386\mobsync.exe
+ 2008-04-14 20:51:26 152,064 ------w C:\WINDOWS\ServicePackFiles\i386\mobsync.exe
- 2008-04-14 20:51:26 17,408 ------w C:\windows\ServicePackFiles\i386\mofcomp.exe
+ 2008-04-14 20:51:26 25,600 ------w C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe
- 2008-04-14 20:51:28 3,558,912 ------w C:\windows\ServicePackFiles\i386\moviemk.exe
+ 2008-04-14 20:51:28 3,567,104 ------w C:\WINDOWS\ServicePackFiles\i386\moviemk.exe
- 2008-04-14 20:51:30 124,928 ------w C:\windows\ServicePackFiles\i386\mplay32.exe
+ 2008-04-14 20:51:30 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\mplay32.exe
- 2008-04-14 20:51:30 19,968 ------w C:\windows\ServicePackFiles\i386\mqbkup.exe
+ 2008-04-14 20:51:30 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\mqbkup.exe
- 2008-04-14 20:51:30 4,608 ------w C:\windows\ServicePackFiles\i386\mqsvc.exe
+ 2008-04-14 20:51:30 12,800 ------w C:\WINDOWS\ServicePackFiles\i386\mqsvc.exe
- 2008-04-14 20:51:30 117,248 ------w C:\windows\ServicePackFiles\i386\mqtgsvc.exe
+ 2008-04-14 20:51:30 125,440 ------w C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe
- 2008-04-14 20:51:30 171,520 ------w C:\windows\ServicePackFiles\i386\msconfig.exe
+ 2008-04-14 20:51:30 179,712 ------w C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
- 2008-04-14 20:51:30 6,144 ------w C:\windows\ServicePackFiles\i386\msdtc.exe
+ 2008-04-14 20:51:30 14,336 ------w C:\WINDOWS\ServicePackFiles\i386\msdtc.exe
- 2008-04-14 20:51:30 29,184 ------w C:\windows\ServicePackFiles\i386\mshta.exe
+ 2008-04-14 20:51:30 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\mshta.exe
- 2008-04-14 20:51:30 78,848 ------w C:\windows\ServicePackFiles\i386\msiexec.exe
+ 2008-04-14 20:51:30 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\msiexec.exe
- 2008-04-14 20:51:30 60,928 ------w C:\windows\ServicePackFiles\i386\msimn.exe
+ 2008-04-14 20:51:30 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\msimn.exe
- 2008-04-14 20:51:30 40,960 ------w C:\windows\ServicePackFiles\i386\msiregmv.exe
+ 2008-04-14 20:51:30 49,152 ------w C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe
- 2008-04-14 20:51:32 1,695,232 ------w C:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2008-04-14 20:51:32 1,703,424 ------w C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe
- 2008-04-14 20:51:32 29,184 ------w C:\windows\ServicePackFiles\i386\msoobe.exe
+ 2008-04-14 20:51:32 37,376 ------w C:\WINDOWS\ServicePackFiles\i386\msoobe.exe
- 2008-04-14 20:51:32 345,088 ------w C:\windows\ServicePackFiles\i386\mspaint.exe
+ 2008-04-14 20:51:32 353,280 ------w C:\WINDOWS\ServicePackFiles\i386\mspaint.exe
- 2008-04-14 20:51:32 12,288 ------w C:\windows\ServicePackFiles\i386\mstinit.exe
+ 2008-04-14 20:51:32 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\mstinit.exe
- 2008-04-14 20:51:32 119,808 ------w C:\windows\ServicePackFiles\i386\mtstocom.exe
+ 2008-04-14 20:51:32 128,000 ------w C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe
- 2008-04-14 20:51:32 176,640 ------w C:\windows\ServicePackFiles\i386\napstat.exe
+ 2008-04-14 20:51:32 184,832 ------w C:\WINDOWS\ServicePackFiles\i386\napstat.exe
- 2008-04-14 20:51:32 55,296 ------w C:\windows\ServicePackFiles\i386\narrator.exe
+ 2008-04-14 20:51:32 63,488 ------w C:\WINDOWS\ServicePackFiles\i386\narrator.exe
- 2008-04-14 20:51:32 4,096 ------w C:\windows\ServicePackFiles\i386\nddeapir.exe
+ 2008-04-14 20:51:32 12,288 ------w C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe
- 2008-04-14 20:51:32 42,496 ------w C:\windows\ServicePackFiles\i386\net.exe
+ 2008-04-14 20:51:32 50,688 ------w C:\WINDOWS\ServicePackFiles\i386\net.exe
- 2008-04-14 20:51:32 124,928 ------w C:\windows\ServicePackFiles\i386\net1.exe
+ 2008-04-14 20:51:32 133,120 ------w C:\WINDOWS\ServicePackFiles\i386\net1.exe
- 2008-04-14 20:51:32 114,688 ------w C:\windows\ServicePackFiles\i386\netdde.exe
+ 2008-04-14 20:51:32 122,880 ------w C:\WINDOWS\ServicePackFiles\i386\netdde.exe
- 2008-04-14 20:56:18 332,288 ------w C:\windows\ServicePackFiles\i386\netsetup.exe
+ 2008-04-14 20:56:18 344,064 ------w C:\WINDOWS\ServicePackFiles\i386\netsetup.exe
- 2008-04-14 20:51:32 87,040 ------w C:\windows\ServicePackFiles\i386\netsh.exe
+ 2008-04-14 20:51:32 95,232 ------w C:\WINDOWS\ServicePackFiles\i386\netsh.exe
- 2008-04-14 20:51:32 38,400 ------w C:\windows\ServicePackFiles\i386\netstat.exe
+ 2008-04-14 20:51:32 46,592 ------w C:\WINDOWS\ServicePackFiles\i386\netstat.exe
- 2008-04-13 19:41:08 147,456 ------w C:\windows\ServicePackFiles\i386\ngen.exe
+ 2008-04-13 19:41:08 155,648 ------w C:\WINDOWS\ServicePackFiles\i386\ngen.exe
- 2008-04-14 20:51:32 70,144 ------w C:\windows\ServicePackFiles\i386\notepad.exe
+ 2008-04-14 20:51:32 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\notepad.exe
- 2008-04-14 20:51:34 15,360 ------w C:\windows\ServicePackFiles\i386\nppagent.exe
+ 2008-04-14 20:51:34 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\nppagent.exe
- 2008-04-14 20:51:34 79,872 ------w C:\windows\ServicePackFiles\i386\nslookup.exe
+ 2008-04-14 20:51:34 88,064 ------w C:\WINDOWS\ServicePackFiles\i386\nslookup.exe
- 2008-04-14 20:51:34 1,222,144 ------w C:\windows\ServicePackFiles\i386\ntbackup.exe
+ 2008-04-14 20:51:34 1,230,336 ------w C:\WINDOWS\ServicePackFiles\i386\ntbackup.exe
- 2008-04-14 20:51:36 421,376 ------w C:\windows\ServicePackFiles\i386\ntvdm.exe
+ 2008-04-14 20:51:36 429,568 ------w C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe
- 2008-04-14 20:51:36 32,768 ------w C:\windows\ServicePackFiles\i386\odbcad32.exe
+ 2008-04-14 20:51:36 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe
- 2008-04-14 20:51:36 69,632 ------w C:\windows\ServicePackFiles\i386\odbcconf.exe
+ 2008-04-14 20:51:36 77,824 ------w C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe
- 2008-04-14 20:51:36 60,928 ------w C:\windows\ServicePackFiles\i386\oemig50.exe
+ 2008-04-14 20:51:36 69,120 ------w C:\WINDOWS\ServicePackFiles\i386\oemig50.exe
- 2008-04-14 20:51:36 51,712 ------w C:\windows\ServicePackFiles\i386\oobebaln.exe
+ 2008-04-14 20:51:36 59,904 ------w C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe
- 2008-04-14 20:51:36 70,144 ------w C:\windows\ServicePackFiles\i386\opnfiles.exe
+ 2008-04-14 20:51:36 78,336 ------w C:\WINDOWS\ServicePackFiles\i386\opnfiles.exe
- 2008-04-14 20:51:36 216,064 ------w C:\windows\ServicePackFiles\i386\osk.exe
+ 2008-04-14 20:51:36 224,256 ------w C:\WINDOWS\ServicePackFiles\i386\osk.exe
- 2008-04-14 20:51:36 59,392 ------w C:\windows\ServicePackFiles\i386\packager.exe
+ 2008-04-14 20:51:36 67,584 ------w C:\WINDOWS\ServicePackFiles\i386\packager.exe
- 2008-04-14 20:51:36 15,872 ------w C:\windows\ServicePackFiles\i386\perfmon.exe
+ 2008-04-14 20:51:36 24,064 ------w C:\WINDOWS\ServicePackFiles\i386\perfmon.exe
- 2008-04-14 20:51:36 283,136 ------w C:\windows\ServicePackFiles\i386\pinball.exe
+ 2008-04-14 20:51:36 291,328 ------w C:\WINDOWS\ServicePackFiles\i386\pinball.exe
- 2008-04-14 20:51:36 18,944 ------w C:\windows\ServicePackFiles\i386\ping.exe
+ 2008-04-14 20:51:36 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ping.exe
- 2008-04-14 20:51:36 49,152 ------w C:\windows\ServicePackFiles\i386\powercfg.exe
+ 2008-04-14 20:51:36 57,344 ------w C:\WINDOWS\ServicePackFiles\i386\powercfg.exe
- 2008-04-14 20:51:36 109,568 ------w C:\windows\ServicePackFiles\i386\progman.exe
+ 2008-04-14 20:51:36 117,760 ------w C:\WINDOWS\ServicePackFiles\i386\progman.exe
- 2008-04-14 20:51:36 50,688 ------w C:\windows\ServicePackFiles\i386\proquota.exe
+ 2008-04-14 20:51:36 58,880 ------w C:\WINDOWS\ServicePackFiles\i386\proquota.exe
- 2008-04-14 20:51:36 9,728 ------w C:\windows\ServicePackFiles\i386\proxycfg.exe
+ 2008-04-14 20:51:36 17,920 ------w C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe
- 2008-04-14 20:51:36 20,992 ------w C:\windows\ServicePackFiles\i386\qprocess.exe
+ 2008-04-14 20:51:36 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\qprocess.exe
- 2008-04-14 20:51:36 56,832 ------w C:\windows\ServicePackFiles\i386\rasphone.exe
+ 2008-04-14 20:51:36 65,024 ------w C:\WINDOWS\ServicePackFiles\i386\rasphone.exe
- 2008-04-14 20:51:36 35,840 ------w C:\windows\ServicePackFiles\i386\rcimlby.exe
+ 2008-04-14 20:51:36 44,032 ------w C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe
- 2008-04-14 20:51:36 22,016 ------w C:\windows\ServicePackFiles\i386\rcp.exe
+ 2008-04-14 20:51:36 30,208 ------w C:\WINDOWS\ServicePackFiles\i386\rcp.exe
- 2008-04-14 20:51:36 62,976 ------w C:\windows\ServicePackFiles\i386\rdpclip.exe
+ 2008-04-14 20:51:36 71,168 ------w C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe
- 2008-04-14 20:51:36 13,824 ------w C:\windows\ServicePackFiles\i386\rdsaddin.exe
+ 2008-04-14 20:51:36 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe
- 2008-04-14 20:51:38 67,072 ------w C:\windows\ServicePackFiles\i386\rdshost.exe
+ 2008-04-14 20:51:38 75,264 ------w C:\WINDOWS\ServicePackFiles\i386\rdshost.exe
- 2008-04-14 20:51:38 53,248 ------w C:\windows\ServicePackFiles\i386\reg.exe
+ 2008-04-14 20:51:38 61,440 ------w C:\WINDOWS\ServicePackFiles\i386\reg.exe
- 2007-06-27 16:27:34 28,672 ------w C:\windows\ServicePackFiles\i386\regasm.exe
+ 2007-06-27 16:27:34 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\regasm.exe
- 2008-04-14 20:51:38 149,504 ------w C:\windows\ServicePackFiles\i386\regedit.exe
+ 2008-04-14 20:51:38 157,696 ------w C:\WINDOWS\ServicePackFiles\i386\regedit.exe
- 2007-06-27 16:27:42 11,264 ------w C:\windows\ServicePackFiles\i386\regsvcs.exe
+ 2007-06-27 16:27:42 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\regsvcs.exe
- 2008-04-14 20:51:38 12,288 ------w C:\windows\ServicePackFiles\i386\regsvr32.exe
+ 2008-04-14 20:51:38 20,480 ------w C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe
- 2008-04-14 20:51:38 14,336 ------w C:\windows\ServicePackFiles\i386\rexec.exe
+ 2008-04-14 20:51:38 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\rexec.exe
- 2008-04-14 20:51:38 15,360 ------w C:\windows\ServicePackFiles\i386\rsh.exe
+ 2008-04-14 20:51:38 23,552 ------w C:\WINDOWS\ServicePackFiles\i386\rsh.exe
- 2008-04-14 20:51:38 107,520 ------w C:\windows\ServicePackFiles\i386\rsnotify.exe
+ 2008-04-14 20:51:38 115,712 ------w C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe
- 2008-04-14 20:51:38 382,976 ------w C:\windows\ServicePackFiles\i386\rstrui.exe
+ 2008-04-14 20:51:38 391,168 ------w C:\WINDOWS\ServicePackFiles\i386\rstrui.exe
- 2008-04-14 20:51:38 77,824 ------w C:\windows\ServicePackFiles\i386\rtcshare.exe
+ 2008-04-14 20:51:38 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe
- 2008-04-14 20:51:40 33,280 ------w C:\windows\ServicePackFiles\i386\rundll32.exe
+ 2008-04-14 20:51:40 41,472 ------w C:\WINDOWS\ServicePackFiles\i386\rundll32.exe
- 2008-04-14 20:51:40 14,336 ------w C:\windows\ServicePackFiles\i386\runonce.exe
+ 2008-04-14 20:51:40 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\runonce.exe
- 2008-04-14 20:51:40 13,824 ------w C:\windows\ServicePackFiles\i386\savedump.exe
+ 2008-04-14 20:51:40 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\savedump.exe
- 2008-04-14 20:51:40 98,304 ------w C:\windows\ServicePackFiles\i386\scardsvr.exe
+ 2008-04-14 20:51:40 106,496 ------w C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe
- 2008-04-14 20:51:40 36,352 ------w C:\windows\ServicePackFiles\i386\scrcons.exe
+ 2008-04-14 20:51:40 44,544 ------w C:\WINDOWS\ServicePackFiles\i386\scrcons.exe
- 2008-04-14 20:51:56 9,216 ------w C:\windows\ServicePackFiles\i386\scrnsave.scr
+ 2008-04-14 20:51:56 17,408 ------w C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr
- 2008-04-14 20:51:40 128,000 ------w C:\windows\ServicePackFiles\i386\sctasks.exe
+ 2008-04-14 20:51:40 136,192 ------w C:\WINDOWS\ServicePackFiles\i386\sctasks.exe
- 2008-04-14 20:51:40 77,824 ------w C:\windows\ServicePackFiles\i386\sdbinst.exe
+ 2008-04-14 20:51:40 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe
- 2008-04-14 20:51:40 19,456 ------w C:\windows\ServicePackFiles\i386\secedit.exe
+ 2008-04-14 20:51:40 27,648 ------w C:\WINDOWS\ServicePackFiles\i386\secedit.exe
- 2008-04-14 20:51:40 109,056 ------w C:\windows\ServicePackFiles\i386\services.exe
+ 2008-04-14 20:51:40 117,248 ------w C:\WINDOWS\ServicePackFiles\i386\services.exe
- 2008-04-14 20:51:40 142,336 ------w C:\windows\ServicePackFiles\i386\sessmgr.exe
+ 2008-04-14 20:51:40 150,528 ------w C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe
- 2008-04-14 20:51:40 32,768 ------w C:\windows\ServicePackFiles\i386\sethc.exe
+ 2008-04-14 20:51:40 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\sethc.exe
- 2008-04-14 20:51:40 23,040 ------w C:\windows\ServicePackFiles\i386\setup.exe
+ 2008-04-14 20:51:40 31,232 ------w C:\WINDOWS\ServicePackFiles\i386\setup.exe
- 2008-04-14 20:51:42 73,728 ------w C:\windows\ServicePackFiles\i386\setup50.exe
+ 2008-04-14 20:51:42 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\setup50.exe
- 2008-04-14 20:51:42 32,768 ------w C:\windows\ServicePackFiles\i386\setupn.exe
+ 2008-04-14 20:51:42 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\setupn.exe
- 2008-04-14 20:51:42 45,056 ------w C:\windows\ServicePackFiles\i386\shmgrate.exe
+ 2008-04-14 20:51:42 53,248 ------w C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe
- 2008-04-14 20:51:42 78,336 ------w C:\windows\ServicePackFiles\i386\shrpubw.exe
+ 2008-04-14 20:51:42 86,528 ------w C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe
- 2008-04-14 20:51:42 16,437 ------w C:\windows\ServicePackFiles\i386\shtml.exe
+ 2008-04-14 20:51:42 24,629 ------w C:\WINDOWS\ServicePackFiles\i386\shtml.exe
- 2008-04-14 20:51:42 20,480 ------w C:\windows\ServicePackFiles\i386\shutdown.exe
+ 2008-04-14 20:51:42 28,672 ------w C:\WINDOWS\ServicePackFiles\i386\shutdown.exe
- 2008-04-14 20:51:42 70,656 ------w C:\windows\ServicePackFiles\i386\sigverif.exe
+ 2008-04-14 20:51:42 78,848 ------w C:\WINDOWS\ServicePackFiles\i386\sigverif.exe
- 2008-04-14 20:51:42 26,112 ------w C:\windows\ServicePackFiles\i386\skeys.exe
+ 2008-04-14 20:51:42 34,304 ------w C:\WINDOWS\ServicePackFiles\i386\skeys.exe
- 2008-04-14 20:51:42 32,866 ------w C:\windows\ServicePackFiles\i386\slrundll.exe
+ 2008-04-14 20:51:42 41,058 ------w C:\WINDOWS\ServicePackFiles\i386\slrundll.exe
- 2008-04-14 20:51:42 73,796 ------w C:\windows\ServicePackFiles\i386\slserv.exe
+ 2008-04-14 20:51:42 81,988 ------w C:\WINDOWS\ServicePackFiles\i386\slserv.exe
- 2008-04-14 20:51:42 8,192 ------w C:\windows\ServicePackFiles\i386\smbinst.exe
+ 2008-04-14 20:51:42 16,384 ------w C:\WINDOWS\ServicePackFiles\i386\smbinst.exe
- 2008-04-14 20:51:42 236,544 ------w C:\windows\ServicePackFiles\i386\smi2smir.exe
+ 2008-04-14 20:51:42 244,736 ------w C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe
- 2008-04-14 20:51:44 91,136 ------w C:\windows\ServicePackFiles\i386\smlogsvc.exe
+ 2008-04-14 20:51:44 99,328 ------w C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe
- 2008-04-14 20:51:44 132,608 ------w C:\windows\ServicePackFiles\i386\sndrec32.exe
+ 2008-04-14 20:51:44 140,800 ------w C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe
- 2008-04-14 20:51:44 32,768 ------w C:\windows\ServicePackFiles\i386\snmp.exe
+ 2008-04-14 20:51:44 40,960 ------w C:\WINDOWS\ServicePackFiles\i386\snmp.exe
- 2008-04-14 20:51:44 8,704 ------w C:\windows\ServicePackFiles\i386\snmptrap.exe
+ 2008-04-14 20:51:44 16,896 ------w C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe
- 2008-04-14 20:51:44 24,576 ------w C:\windows\ServicePackFiles\i386\sort.exe
+ 2008-04-14 20:51:44 32,768 ------w C:\WINDOWS\ServicePackFiles\i386\sort.exe
- 2008-04-14 20:51:44 7,680 ------w C:\windows\ServicePackFiles\i386\spdwnwxp.exe
+ 2008-04-14 20:51:44 15,872 ------w C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe
- 2008-04-14 20:51:44 538,624 ------w C:\windows\ServicePackFiles\i386\spider.exe
+ 2008-04-14 20:51:44 546,816 ------w C:\WINDOWS\ServicePackFiles\i386\spider.exe
- 2008-04-13 22:13:32 12,800 ------w C:\windows\ServicePackFiles\i386\spiisupd.exe
+ 2008-04-13 22:13:32 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe
- 2008-04-14 20:51:44 11,264 ------w C:\windows\ServicePackFiles\i386\spnpinst.exe
+ 2008-04-14 20:51:44 19,456 ------w C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe
- 2008-04-14 20:51:44 20,992 ------w C:\windows\ServicePackFiles\i386\spupdwxp.exe
+ 2008-04-14 20:51:44 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe
- 2008-04-14 20:51:56 708,608 ------w C:\windows\ServicePackFiles\i386\ss3dfo.scr
+ 2008-04-14 20:51:56 716,800 ------w C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr
- 2008-04-14 20:51:56 19,968 ------w C:\windows\ServicePackFiles\i386\ssbezier.scr
+ 2008-04-14 20:51:56 28,160 ------w C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr
- 2008-04-14 20:51:56 393,216 ------w C:\windows\ServicePackFiles\i386\ssflwbox.scr
+ 2008-04-14 20:51:56 401,408 ------w C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr
- 2008-04-14 20:51:56 20,992 ------w C:\windows\ServicePackFiles\i386\ssmarque.scr
+ 2008-04-14 20:51:56 29,184 ------w C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr
- 2008-04-14 20:51:56 47,104 ------w C:\windows\ServicePackFiles\i386\ssmypics.scr
+ 2008-04-14 20:51:56 55,296 ------w C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr
- 2008-04-14 20:51:56 18,944 ------w C:\windows\ServicePackFiles\i386\ssmyst.scr
+ 2008-04-14 20:51:56 27,136 ------w C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr
- 2008-04-14 20:51:56 610,304 ------w C:\windows\ServicePackFiles\i386\sspipes.scr
+ 2008-04-14 20:51:56 618,496 ------w C:\WINDOWS\ServicePackFiles\i386\sspipes.scr
- 2008-04-14 20:51:56 14,336 ------w C:\windows\ServicePackFiles\i386\ssstars.scr
+ 2008-04-14 20:51:56 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\ssstars.scr
- 2008-04-14 20:51:58 679,936 ------w C:\windows\ServicePackFiles\i386\sstext3d.scr
+ 2008-04-14 20:51:58 688,128 ------w C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr
- 2008-04-14 20:51:44 14,848 ------w C:\windows\ServicePackFiles\i386\stimon.exe
+ 2008-04-14 20:51:44 23,040 ------w C:\WINDOWS\ServicePackFiles\i386\stimon.exe
- 2008-04-14 20:51:44 16,449 ------w C:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2008-04-14 20:51:44 24,641 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe
- 2008-04-14 20:51:44 65,601 ------w C:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2008-04-14 20:51:44 73,793 ------w C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe
- 2008-04-14 20:51:44 14,336 ------w C:\windows\ServicePackFiles\i386\svchost.exe
+ 2008-04-14 20:51:44 22,528 ------w C:\WINDOWS\ServicePackFiles\i386\svchost.exe
- 2008-04-14 20:51:44 73,728 ------w C:\windows\ServicePackFiles\i386\sysinfo.exe
+ 2008-04-14 20:51:44 81,920 ------w C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe
- 2008-04-14 20:51:44 107,008 ------w C:\windows\ServicePackFiles\i386\sysocmgr.exe
+ 2008-04-14 20:51:44 115,200 ------w C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe
- 2008-04-14 20:51:46 78,848 ------w C:\windows\ServicePackFiles\i386\taskkill.exe
+ 2008-04-14 20:51:46 87,040 ------w C:\WINDOWS\ServicePackFiles\i386\taskkill.exe
- 2008-04-14 20:51:46 79,360 ------w C:\windows\ServicePackFiles\i386\tasklist.exe
+ 2008-04-14 20:51:46 87,552 ------w C:\WINDOWS\ServicePackFiles\i386\tasklist.exe
- 2008-04-14 20:51:46 139,776 ------w C:\windows\ServicePackFiles\i386\taskmgr.exe
+ 2008-04-14 20:51:46 147,968 ------w C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe
- 2008-04-14 20:51:46 32,827 ------w C:\windows\ServicePackFiles\i386\tcptest.exe
+ 2008-04-14 20:51:46 41,019 ------w C:\WINDOWS\ServicePackFiles\i386\tcptest.exe
- 2008-04-14 20:51:46 77,824 ------w C:\windows\ServicePackFiles\i386\telnet.exe
+ 2008-04-14 20:51:46 86,016 ------w C:\WINDOWS\ServicePackFiles\i386\telnet.exe
- 2008-04-14 20:51:46 63,488 ------w C:\windows\ServicePackFiles\i386\tlntadmn.exe
+ 2008-04-14 20:51:46 71,680 ------w C:\WINDOWS\ServicePackFiles\i386\tlntadmn.exe
- 2008-04-14 20:51:46 80,384 ------w C:\windows\ServicePackFiles\i386\tlntsess.exe
+ 2008-04-14 20:51:46 88,576 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsess.exe
- 2008-04-14 20:51:46 75,264 ------w C:\windows\ServicePackFiles\i386\tlntsvr.exe
+ 2008-04-14 20:51:46 83,456 ------w C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe
- 2008-04-14 20:51:46 347,136 ------w C:\windows\ServicePackFiles\i386\tourstrt.exe
+ 2008-04-14 20:51:46 355,328 ------w C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe
- 2008-04-14 20:51:46 82,944 ------w C:\windows\ServicePackFiles\i386\tp4mon.exe
+ 2008-04-14 20:51:46 91,136 ------w C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe
- 2008-04-14 20:51:46 260,096 ------w C:\windows\ServicePackFiles\i386\tracerpt.exe
+ 2008-04-14 20:51:46 268,288 ------w C:\WINDOWS\ServicePackFiles\i386\tracerpt.exe
- 2008-04-14 20:51:46 12,800 ------w C:\windows\ServicePackFiles\i386\tracert.exe
+ 2008-04-14 20:51:46 20,992 ------w C:\WINDOWS\ServicePackFiles\i386\tracert.exe
- 2008-04-14 20:51:46 60,416 ------w C:\windows\ServicePackFiles\i386\tzchange.exe
+ 2008-04-14 20:51:46 68,608 ------w C:\WINDOWS\ServicePackFiles\i386\tzchange.exe
- 2008-04-14 20:51:46 151,040 ------w C:\windows\ServicePackFiles\i386\uploadm.exe
+ 2008-04-14 20:51:46 159,232 ------w C:\WINDOWS\ServicePackFiles\i386\uploadm.exe
- 2008-04-14 20:51:46 16,896 ------w C:\windows\ServicePackFiles\i386\upnpcont.exe
+ 2008-04-14 20:51:46 25,088 ------w C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe
- 2008-04-14 20:51:46 18,432 ------w C:\windows\ServicePackFiles\i386\ups.exe
+ 2008-04-14 20:51:46 26,624 ------w C:\WINDOWS\ServicePackFiles\i386\ups.exe
- 2008-04-14 20:51:48 50,176 ------w C:\windows\ServicePackFiles\i386\utilman.exe
+ 2008-04-14 20:51:48 58,368 ------w C:\WINDOWS\ServicePackFiles\i386\utilman.exe
- 2007-06-27 16:30:00 716,800 ------w C:\windows\ServicePackFiles\i386\vbc.exe
+ 2007-06-27 16:30:00 724,992 ------w C:\WINDOWS\ServicePackFiles\i386\vbc.exe
- 2008-04-14 20:51:48 28,672 ------w C:\windows\ServicePackFiles\i386\verclsid.exe
+ 2008-04-14 20:51:48 36,864 ------w C:\WINDOWS\ServicePackFiles\i386\verclsid.exe
- 2008-04-14 20:51:48 291,840 ------w C:\windows\ServicePackFiles\i386\vssvc.exe
+ 2008-04-14 20:51:48 300,032 ------w C:\WINDOWS\ServicePackFiles\i386\vssvc.exe
- 2008-04-14 20:51:48 46,080 ------w C:\windows\ServicePackFiles\i386\wab.exe
+ 2008-04-14 20:51:48 54,272 ------w C:\WINDOWS\ServicePackFiles\i386\wab.exe
- 2008-04-14 20:51:48 30,208 ------w C:\windows\ServicePackFiles\i386\wabmig.exe
+ 2008-04-14 20:51:48 38,400 ------w C:\WINDOWS\ServicePackFiles\i386\wabmig.exe
- 2008-04-14 20:51:48 118,272 ------w C:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2008-04-14 20:51:48 126,464 ------w C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe
- 2008-04-14 20:51:48 66,048 ------w C:\windows\ServicePackFiles\i386\wextract.exe
+ 2008-04-14 20:51:48 74,240 ------w C:\WINDOWS\ServicePackFiles\i386\wextract.exe
- 2008-04-14 20:51:48 435,712 ------w C:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2008-04-14 20:51:48 443,904 ------w C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe
- 2008-04-14 20:51:50 285,696 ------w C:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2008-04-14 20:51:50 293,888 ------w C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe
- 2008-04-14 20:51:50 510,464 ------w C:\windows\ServicePackFiles\i386\winlogon.exe
+ 2008-04-14 20:51:50 518,656 ------w C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
- 2008-04-14 20:51:50 5,632 ------w C:\windows\ServicePackFiles\i386\winver.exe
+ 2008-04-14 20:51:50 13,824 ------w C:\WINDOWS\ServicePackFiles\i386\winver.exe
- 2008-04-14 20:51:50 196,608 ------w C:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2008-04-14 20:51:50 204,800 ------w C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe
- 2008-04-14 20:51:50 126,464 ------w C:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2008-04-14 20:51:50 134,656 ------w C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe
- 2008-04-14 20:51:52 367,104 ------w C:\windows\ServicePackFiles\i386\wmic.exe
+ 2008-04-14 20:51:52 375,296 ------w C:\WINDOWS\ServicePackFiles\i386\wmic.exe
- 2008-04-14 20:51:52 218,112 ------w C:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2008-04-14 20:51:52 226,304 ------w C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe
- 2008-04-14 20:51:52 217,088 ------w C:\windows\ServicePackFiles\i386\wordpad.exe
+ 2008-04-14 20:51:52 225,280 ------w C:\WINDOWS\ServicePackFiles\i386\wordpad.exe
- 2008-04-14 20:51:52 32,256 ------w C:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2008-04-14 20:51:52 40,448 ------w C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe
- 2008-04-14 20:51:52 11,776 ------w C:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2008-04-14 20:51:52 19,968 ------w C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe
- 2008-04-14 20:51:52 13,824 ------w C:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2008-04-14 20:51:52 22,016 ------w C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe
- 2008-04-14 20:51:52 155,648 ------w C:\windows\ServicePackFiles\i386\wscript.exe
+ 2008-04-14 20:51:52 163,840 ------w C:\WINDOWS\ServicePackFiles\i386\wscript.exe
- 2008-04-14 20:51:52 168,960 ------w C:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2008-04-14 20:51:52 177,152 ------w C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe
- 2008-04-14 20:51:52 30,720 ------w C:\windows\ServicePackFiles\i386\xcopy.exe
+ 2008-04-14 20:51:52 38,912 ------w C:\WINDOWS\ServicePackFiles\i386\xcopy.exe
- 2008-04-13 22:23:34 558,080 ------w C:\windows\ServicePackFiles\i386\xpnetdg.exe
+ 2008-04-13 22:23:34 566,272 ------w C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe
- 2008-04-14 20:51:32 1,695,232 ------w C:\windows\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
+ 2008-04-14 20:51:32 1,703,424 ------w C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe
- 2008-04-14 20:51:42 32,866 ------w C:\windows\slrundll.exe
+ 2008-04-14 20:51:42 41,058 ------w C:\WINDOWS\slrundll.exe
- 2003-11-27 15:52:00 1,454,080 ----a-w C:\windows\system\SmWizard.exe
+ 2003-11-27 15:52:00 1,462,272 ----a-w C:\WINDOWS\system\SmWizard.exe
- 2008-04-14 20:51:04 188,416 ----a-w C:\windows\system32\accwiz.exe
+ 2008-04-14 20:51:04 196,608 ----a-w C:\WINDOWS\system32\accwiz.exe
- 2008-04-14 20:51:04 4,096 ----a-w C:\windows\system32\actmovie.exe
+ 2008-04-14 20:51:04 12,288 ----a-w C:\WINDOWS\system32\actmovie.exe
- 2008-08-06 14:24:56 114,688 ----a-w C:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2008-08-06 14:24:56 122,880 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe
- 1999-06-25 08:55:30 149,504 ----a-w C:\windows\system32\Adobe\Shockwave 11\UNWISE.EXE
+ 1999-06-25 08:55:30 157,696 ----a-w C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE
- 2008-04-14 20:51:04 98,304 ----a-w C:\windows\system32\ahui.exe
+ 2008-04-14 20:51:04 106,496 ----a-w C:\WINDOWS\system32\ahui.exe
- 2001-10-26 19:29:46 19,968 ----a-w C:\windows\system32\arp.exe
+ 2001-10-26 19:29:46 28,160 ----a-w C:\WINDOWS\system32\arp.exe
- 2008-04-14 20:51:04 30,208 ----a-w C:\windows\system32\asr_fmt.exe
+ 2008-04-14 20:51:04 38,400 ----a-w C:\WINDOWS\system32\asr_fmt.exe
- 2001-10-26 19:29:46 33,792 ----a-w C:\windows\system32\asr_ldm.exe
+ 2001-10-26 19:29:46 41,984 ----a-w C:\WINDOWS\system32\asr_ldm.exe
- 2008-04-14 20:51:04 32,768 ----a-w C:\windows\system32\asr_pfu.exe
+ 2008-04-14 20:51:04 40,960 ----a-w C:\WINDOWS\system32\asr_pfu.exe
- 2008-04-14 20:51:04 25,600 ----a-w C:\windows\system32\at.exe
+ 2008-04-14 20:51:04 33,792 ----a-w C:\WINDOWS\system32\at.exe
- 2008-04-14 20:51:04 11,264 ----a-w C:\windows\system32\atmadm.exe
+ 2008-04-14 20:51:04 19,456 ----a-w C:\WINDOWS\system32\atmadm.exe
- 2008-04-14 20:51:04 14,336 ----a-w C:\windows\system32\auditusr.exe
+ 2008-04-14 20:51:04 22,528 ----a-w C:\WINDOWS\system32\auditusr.exe
- 2008-04-14 20:51:08 71,680 ----a-w C:\windows\system32\blastcln.exe
+ 2008-04-14 20:51:08 79,872 ----a-w C:\WINDOWS\system32\blastcln.exe
- 2008-04-14 20:51:08 154,624 ----a-w C:\windows\system32\bootcfg.exe
+ 2008-04-14 20:51:08 162,816 ----a-w C:\WINDOWS\system32\bootcfg.exe
- 2001-10-26 19:29:48 4,608 ----a-w C:\windows\system32\bootok.exe
+ 2001-10-26 19:29:48 12,800 ----a-w C:\WINDOWS\system32\bootok.exe
- 2001-10-26 19:29:48 5,120 ----a-w C:\windows\system32\bootvrfy.exe
+ 2001-10-26 19:29:48 13,312 ----a-w C:\WINDOWS\system32\bootvrfy.exe
- 2008-04-14 20:51:08 20,992 ----a-w C:\windows\system32\cacls.exe
+ 2008-04-14 20:51:08 29,184 ----a-w C:\WINDOWS\system32\cacls.exe
- 2001-10-26 19:29:48 115,200 ----a-w C:\windows\system32\calc.exe
+ 2001-10-26 19:29:48 123,392 ----a-w C:\WINDOWS\system32\calc.exe
- 2001-10-26 19:29:48 80,896 ----a-w C:\windows\system32\charmap.exe
+ 2001-10-26 19:29:48 89,088 ----a-w C:\WINDOWS\system32\charmap.exe
- 2001-10-26 19:29:48 11,776 ----a-w C:\windows\system32\chkdsk.exe
+ 2001-10-26 19:29:48 19,968 ----a-w C:\WINDOWS\system32\chkdsk.exe
- 2001-10-26 19:29:48 11,264 ----a-w C:\windows\system32\chkntfs.exe
+ 2001-10-26 19:29:48 19,456 ----a-w C:\WINDOWS\system32\chkntfs.exe
- 2001-10-26 19:29:48 8,192 ----a-w C:\windows\system32\cidaemon.exe
+ 2001-10-26 19:29:48 16,384 ----a-w C:\WINDOWS\system32\cidaemon.exe
- 2008-04-14 20:51:08 56,832 ----a-w C:\windows\system32\[beeep]her.exe
+ 2008-04-14 20:51:08 65,024 ----a-w C:\WINDOWS\system32\[beeep]her.exe
- 2001-10-26 19:29:48 7,680 ----a-w C:\windows\system32\ckcnv.exe
+ 2001-10-26 19:29:48 15,872 ----a-w C:\WINDOWS\system32\ckcnv.exe
- 2008-04-14 20:51:08 64,512 ----a-w C:\windows\system32\cleanmgr.exe
+ 2008-04-14 20:51:08 72,704 ----a-w C:\WINDOWS\system32\cleanmgr.exe
- 2008-04-14 20:51:08 20,480 ----a-w C:\windows\system32\cliconfg.exe
+ 2008-04-14 20:51:08 28,672 ----a-w C:\WINDOWS\system32\cliconfg.exe
- 2008-04-14 20:51:08 103,424 ----a-w C:\windows\system32\clipbrd.exe
+ 2008-04-14 20:51:08 111,616 ----a-w C:\WINDOWS\system32\clipbrd.exe
- 2008-04-14 20:51:10 25,600 ----a-w C:\windows\system32\cmdl32.exe
+ 2008-04-14 20:51:10 33,792 ----a-w C:\WINDOWS\system32\cmdl32.exe
- 2003-08-20 16:46:00 233,472 ----a-w C:\windows\system32\cmirmdrv.exe
+ 2003-08-20 16:46:00 241,664 ----a-w C:\WINDOWS\system32\cmirmdrv.exe
- 2008-04-14 20:51:10 39,424 ----a-w C:\windows\system32\cmmon32.exe
+ 2008-04-14 20:51:10 47,616 ----a-w C:\WINDOWS\system32\cmmon32.exe
- 2008-04-14 20:51:10 64,512 ----a-w C:\windows\system32\cmstp.exe
+ 2008-04-14 20:51:10 72,704 ----a-w C:\WINDOWS\system32\cmstp.exe
- 2008-04-14 20:51:10 9,728 ----a-w C:\windows\system32\Com\comrepl.exe
+ 2008-04-14 20:51:10 17,920 ----a-w C:\WINDOWS\system32\Com\comrepl.exe
- 2008-04-14 20:51:10 6,144 ----a-w C:\windows\system32\Com\comrereg.exe
+ 2008-04-14 20:51:10 14,336 ----a-w C:\WINDOWS\system32\Com\comrereg.exe
- 2001-10-26 19:29:50 15,872 ----a-w C:\windows\system32\comp.exe
+ 2001-10-26 19:29:50 24,064 ----a-w C:\WINDOWS\system32\comp.exe
- 2001-10-26 19:29:50 17,920 ----a-w C:\windows\system32\compact.exe
+ 2001-10-26 19:29:50 26,112 ----a-w C:\WINDOWS\system32\compact.exe
- 2008-04-13 22:13:34 9,728 ------w C:\windows\system32\comsdupd.exe
+ 2008-04-13 22:13:34 17,920 ------w C:\WINDOWS\system32\comsdupd.exe
- 2008-10-27 17:40:54 16,384 ----a-w C:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-10-28 15:09:31 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-10-27 17:40:54 32,768 ----a-w C:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2008-10-28 15:09:31 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
- 2008-10-27 17:40:54 32,768 ----a-w C:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-28 15:09:31 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-14 20:51:10 27,648 ----a-w C:\windows\system32\conime.exe
+ 2008-04-14 20:51:10 35,840 ----a-w C:\WINDOWS\system32\conime.exe
- 2001-10-26 19:29:50 8,192 ----a-w C:\windows\system32\control.exe
+ 2001-10-26 19:29:50 16,384 ----a-w C:\WINDOWS\system32\control.exe
- 2001-10-26 19:29:50 13,824 ----a-w C:\windows\system32\convert.exe
+ 2001-10-26 19:29:50 22,016 ----a-w C:\WINDOWS\system32\convert.exe
- 2008-04-14 20:51:12 6,144 ----a-w C:\windows\system32\dcomcnfg.exe
+ 2008-04-14 20:51:12 14,336 ----a-w C:\WINDOWS\system32\dcomcnfg.exe
- 2008-04-14 20:51:12 30,720 ----a-w C:\windows\system32\ddeshare.exe
+ 2008-04-14 20:51:12 38,912 ----a-w C:\WINDOWS\system32\ddeshare.exe
- 2008-04-14 20:51:12 25,088 ----a-w C:\windows\system32\defrag.exe
+ 2008-04-14 20:51:12 33,280 ----a-w C:\WINDOWS\system32\defrag.exe
- 2008-04-14 20:51:12 82,944 ----a-w C:\windows\system32\dfrgfat.exe
+ 2008-04-14 20:51:12 91,136 ----a-w C:\WINDOWS\system32\dfrgfat.exe
- 2008-04-14 20:51:12 105,472 ----a-w C:\windows\system32\dfrgntfs.exe
+ 2008-04-14 20:51:12 113,664 ----a-w C:\WINDOWS\system32\dfrgntfs.exe
- 2008-04-14 20:51:12 87,040 ----a-w C:\windows\system32\diantz.exe
+ 2008-04-14 20:51:12 95,232 ----a-w C:\WINDOWS\system32\diantz.exe
- 2008-04-14 20:51:12 164,864 ----a-w C:\windows\system32\diskpart.exe
+ 2008-04-14 20:51:12 173,056 ----a-w C:\WINDOWS\system32\diskpart.exe
- 2001-10-26 19:29:50 18,432 ----a-w C:\windows\system32\diskperf.exe
+ 2001-10-26 19:29:50 26,624 ----a-w C:\WINDOWS\system32\diskperf.exe
- 2008-04-14 20:51:04 188,416 -c--a-w C:\windows\system32\dllcache\accwiz.exe
+ 2008-04-14 20:51:04 196,608 -c--a-w C:\WINDOWS\system32\dllcache\accwiz.exe
- 2008-04-14 20:51:04 4,096 -c--a-w C:\windows\system32\dllcache\actmovie.exe
+ 2008-04-14 20:51:04 12,288 -c--a-w C:\WINDOWS\system32\dllcache\actmovie.exe
- 2008-04-14 20:51:04 256,512 -c--a-w C:\windows\system32\dllcache\agentsvr.exe
+ 2008-04-14 20:51:04 264,704 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe
- 2008-04-14 20:51:04 98,304 -c--a-w C:\windows\system32\dllcache\ahui.exe
+ 2008-04-14 20:51:04 106,496 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe
- 2008-04-14 20:51:04 44,544 -c--a-w C:\windows\system32\dllcache\alg.exe
+ 2008-04-14 20:51:04 52,736 -c--a-w C:\WINDOWS\system32\dllcache\alg.exe
- 2001-10-26 19:29:46 19,968 -c--a-w C:\windows\system32\dllcache\arp.exe
+ 2001-10-26 19:29:46 28,160 -c--a-w C:\WINDOWS\system32\dllcache\arp.exe
- 2008-04-14 20:51:04 30,208 -c--a-w C:\windows\system32\dllcache\asr_fmt.exe
+ 2008-04-14 20:51:04 38,400 -c--a-w C:\WINDOWS\system32\dllcache\asr_fmt.exe
- 2001-10-26 19:29:46 33,792 -c--a-w C:\windows\system32\dllcache\asr_ldm.exe
+ 2001-10-26 19:29:46 41,984 -c--a-w C:\WINDOWS\system32\dllcache\asr_ldm.exe
- 2008-04-14 20:51:04 32,768 -c--a-w C:\windows\system32\dllcache\asr_pfu.exe
+ 2008-04-14 20:51:04 40,960 -c--a-w C:\WINDOWS\system32\dllcache\asr_pfu.exe
- 2008-04-14 20:51:04 25,600 -c--a-w C:\windows\system32\dllcache\at.exe
+ 2008-04-14 20:51:04 33,792 -c--a-w C:\WINDOWS\system32\dllcache\at.exe
- 2008-04-14 20:51:04 11,264 -c--a-w C:\windows\system32\dllcache\atmadm.exe
+ 2008-04-14 20:51:04 19,456 -c--a-w C:\WINDOWS\system32\dllcache\atmadm.exe
- 2008-04-14 20:51:04 12,288 -c--a-w C:\windows\system32\dllcache\attrib.exe
+ 2008-04-14 20:51:04 20,480 -c--a-w C:\WINDOWS\system32\dllcache\attrib.exe
- 2008-04-14 20:51:04 14,336 -c--a-w C:\windows\system32\dllcache\auditusr.exe
+ 2008-04-14 20:51:04 22,528 -c--a-w C:\WINDOWS\system32\dllcache\auditusr.exe
- 2001-10-26 19:29:48 42,577 -c--a-w C:\windows\system32\dllcache\bckgzm.exe
+ 2001-10-26 19:29:48 50,769 -c--a-w C:\WINDOWS\system32\dllcache\bckgzm.exe
- 2008-04-14 20:51:08 71,680 -c--a-w C:\windows\system32\dllcache\blastcln.exe
+ 2008-04-14 20:51:08 79,872 -c--a-w C:\WINDOWS\system32\dllcache\blastcln.exe
- 2008-04-14 20:51:08 154,624 -c--a-w C:\windows\system32\dllcache\bootcfg.exe
+ 2008-04-14 20:51:08 162,816 -c--a-w C:\WINDOWS\system32\dllcache\bootcfg.exe
- 2001-10-26 19:29:48 4,608 -c--a-w C:\windows\system32\dllcache\bootok.exe
+ 2001-10-26 19:29:48 12,800 -c--a-w C:\WINDOWS\system32\dllcache\bootok.exe
- 2001-10-26 19:29:48 5,120 -c--a-w C:\windows\system32\dllcache\bootvrfy.exe
+ 2001-10-26 19:29:48 13,312 -c--a-w C:\WINDOWS\system32\dllcache\bootvrfy.exe
- 2008-04-14 20:51:08 20,992 -c--a-w C:\windows\system32\dllcache\cacls.exe
+ 2008-04-14 20:51:08 29,184 -c--a-w C:\WINDOWS\system32\dllcache\cacls.exe
- 2001-10-26 19:29:48 115,200 -c--a-w C:\windows\system32\dllcache\calc.exe
+ 2001-10-26 19:29:48 123,392 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
- 2001-10-26 19:29:48 12,288 -c--a-w C:\windows\system32\dllcache\cb32.exe
+ 2001-10-26 19:29:48 20,480 -c--a-w C:\WINDOWS\system32\dllcache\cb32.exe
- 2001-10-26 19:29:48 9,728 -c--a-w C:\windows\system32\dllcache\change.exe
+ 2001-10-26 19:29:48 17,920 -c--a-w C:\WINDOWS\system32\dllcache\change.exe
- 2001-10-26 19:29:48 80,896 -c--a-w C:\windows\system32\dllcache\charmap.exe
+ 2001-10-26 19:29:48 89,088 -c--a-w C:\WINDOWS\system32\dllcache\charmap.exe
- 2001-10-26 19:29:48 13,824 -c--a-w C:\windows\system32\dllcache\chglogon.exe
+ 2001-10-26 19:29:48 22,016 -c--a-w C:\WINDOWS\system32\dllcache\chglogon.exe
- 2001-10-26 19:29:48 15,872 -c--a-w C:\windows\system32\dllcache\chgport.exe
+ 2001-10-26 19:29:48 24,064 -c--a-w C:\WINDOWS\system32\dllcache\chgport.exe
- 2001-10-26 19:29:48 14,848 -c--a-w C:\windows\system32\dllcache\chgusr.exe
+ 2001-10-26 19:29:48 23,040 -c--a-w C:\WINDOWS\system32\dllcache\chgusr.exe
- 2001-10-26 19:29:48 11,776 -c--a-w C:\windows\system32\dllcache\chkdsk.exe
+ 2001-10-26 19:29:48 19,968 -c--a-w C:\WINDOWS\system32\dllcache\chkdsk.exe
- 2001-10-26 19:29:48 11,264 -c--a-w C:\windows\system32\dllcache\chkntfs.exe
+ 2001-10-26 19:29:48 19,456 -c--a-w C:\WINDOWS\system32\dllcache\chkntfs.exe
- 2001-10-26 19:29:48 42,575 -c--a-w C:\windows\system32\dllcache\chkrzm.exe
+ 2001-10-26 19:29:48 50,767 -c--a-w C:\WINDOWS\system32\dllcache\chkrzm.exe
- 2001-10-26 19:29:48 8,192 -c--a-w C:\windows\system32\dllcache\cidaemon.exe
+ 2001-10-26 19:29:48 16,384 -c--a-w C:\WINDOWS\system32\dllcache\cidaemon.exe
- 2008-04-13 20:13:40 480,256 -c--a-w C:\windows\system32\dllcache\cintsetp.exe
+ 2008-04-13 20:13:40 488,448 -c--a-w C:\WINDOWS\system32\dllcache\cintsetp.exe
- 2008-04-14 20:51:08 56,832 -c--a-w C:\windows\system32\dllcache\[beeep]her.exe
+ 2008-04-14 20:51:08 65,024 -c--a-w C:\WINDOWS\system32\dllcache\[beeep]her.exe
- 2008-04-14 20:51:08 5,632 -c--a-w C:\windows\system32\dllcache\cisvc.exe
+ 2008-04-14 20:51:08 13,824 -c--a-w C:\WINDOWS\system32\dllcache\cisvc.exe
- 2001-10-26 19:29:48 7,680 -c--a-w C:\windows\system32\dllcache\ckcnv.exe
+ 2001-10-26 19:29:48 15,872 -c--a-w C:\WINDOWS\system32\dllcache\ckcnv.exe
- 2008-04-14 20:51:08 64,512 -c--a-w C:\windows\system32\dllcache\cleanmgr.exe
+ 2008-04-14 20:51:08 72,704 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
- 2008-04-14 20:51:08 103,424 -c--a-w C:\windows\system32\dllcache\clipbrd.exe
+ 2008-04-14 20:51:08 111,616 -c--a-w C:\WINDOWS\system32\dllcache\clipbrd.exe
- 2008-04-14 20:51:08 33,280 -c--a-w C:\windows\system32\dllcache\clipsrv.exe
+ 2008-04-14 20:51:08 41,472 -c--a-w C:\WINDOWS\system32\dllcache\clipsrv.exe
- 2008-04-14 20:51:10 396,288 -c--a-w C:\windows\system32\dllcache\cmd.exe
+ 2008-04-14 20:51:10 404,480 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
- 2008-04-14 20:51:10 25,600 -c--a-w C:\windows\system32\dllcache\cmdl32.exe
+ 2008-04-14 20:51:10 33,792 -c--a-w C:\WINDOWS\system32\dllcache\cmdl32.exe
- 2008-04-14 20:51:10 39,424 -c--a-w C:\windows\system32\dllcache\cmmon32.exe
+ 2008-04-14 20:51:10 47,616 -c--a-w C:\WINDOWS\system32\dllcache\cmmon32.exe
- 2008-04-14 20:51:10 64,512 -c--a-w C:\windows\system32\dllcache\cmstp.exe
+ 2008-04-14 20:51:10 72,704 -c--a-w C:\WINDOWS\system32\dllcache\cmstp.exe
- 2001-10-26 19:29:50 15,872 -c--a-w C:\windows\system32\dllcache\comp.exe
+ 2001-10-26 19:29:50 24,064 -c--a-w C:\WINDOWS\system32\dllcache\comp.exe
- 2001-10-26 19:29:50 17,920 -c--a-w C:\windows\system32\dllcache\compact.exe
+ 2001-10-26 19:29:50 26,112 -c--a-w C:\WINDOWS\system32\dllcache\compact.exe
- 2008-04-14 20:51:10 9,728 -c--a-w C:\windows\system32\dllcache\comrepl.exe
+ 2008-04-14 20:51:10 17,920 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.exe
- 2008-04-14 20:51:10 6,144 -c--a-w C:\windows\system32\dllcache\comrereg.exe
+ 2008-04-14 20:51:10 14,336 -c--a-w C:\WINDOWS\system32\dllcache\comrereg.exe
- 2008-04-14 20:51:10 1,036,288 -c--a-w C:\windows\system32\dllcache\conf.exe
+ 2008-04-14 20:51:10 1,044,480 -c--a-w C:\WINDOWS\system32\dllcache\conf.exe
- 2008-04-14 20:51:10 27,648 -c--a-w C:\windows\system32\dllcache\conime.exe
+ 2008-04-14 20:51:10 35,840 -c--a-w C:\WINDOWS\system32\dllcache\conime.exe
- 2001-10-26 19:29:50 8,192 -c--a-w C:\windows\system32\dllcache\control.exe
+ 2001-10-26 19:29:50 16,384 -c--a-w C:\WINDOWS\system32\dllcache\control.exe
- 2001-10-26 19:29:50 13,824 -c--a-w C:\windows\system32\dllcache\convert.exe
+ 2001-10-26 19:29:50 22,016 -c--a-w C:\WINDOWS\system32\dllcache\convert.exe
- 2001-10-26 19:29:50 56,832 -c--a-w C:\windows\system32\dllcache\convlog.exe
+ 2001-10-26 19:29:50 65,024 -c--a-w C:\WINDOWS\system32\dllcache\convlog.exe
- 2008-04-13 20:13:34 57,399 -c--a-w C:\windows\system32\dllcache\cplexe.exe
+ 2008-04-13 20:13:34 65,591 -c--a-w C:\WINDOWS\system32\dllcache\cplexe.exe
- 2001-10-26 19:29:50 19,456 -c--a-w C:\windows\system32\dllcache\cprofile.exe
+ 2001-10-26 19:29:50 27,648 -c--a-w C:\WINDOWS\system32\dllcache\cprofile.exe
- 2008-04-14 20:51:12 139,264 -c--a-w C:\windows\system32\dllcache\cscript.exe
+ 2008-04-14 20:51:12 147,456 -c--a-w C:\WINDOWS\system32\dllcache\cscript.exe
- 2008-04-14 20:51:12 42,496 -c--a-w C:\windows\system32\dllcache\davcdata.exe
+ 2008-04-14 20:51:12 50,688 -c--a-w C:\WINDOWS\system32\dllcache\davcdata.exe
- 2008-04-14 20:51:12 6,144 -c--a-w C:\windows\system32\dllcache\dcomcnfg.exe
+ 2008-04-14 20:51:12 14,336 -c--a-w C:\WINDOWS\system32\dllcache\dcomcnfg.exe
- 2008-04-14 20:51:12 30,720 -c--a-w C:\windows\system32\dllcache\ddeshare.exe
+ 2008-04-14 20:51:12 38,912 -c--a-w C:\WINDOWS\system32\dllcache\ddeshare.exe
- 2008-04-14 20:51:12 25,088 -c--a-w C:\windows\system32\dllcache\defrag.exe
+ 2008-04-14 20:51:12 33,280 -c--a-w C:\WINDOWS\system32\dllcache\defrag.exe
- 2008-04-14 20:51:12 82,944 -c--a-w C:\windows\system32\dllcache\dfrgfat.exe
+ 2008-04-14 20:51:12 91,136 -c--a-w C:\WINDOWS\system32\dllcache\dfrgfat.exe
- 2008-04-14 20:51:12 105,472 -c--a-w C:\windows\system32\dllcache\dfrgntfs.exe
+ 2008-04-14 20:51:12 113,664 -c--a-w C:\WINDOWS\system32\dllcache\dfrgntfs.exe
- 2008-04-14 20:51:12 545,792 -c--a-w C:\windows\system32\dllcache\dialer.exe
+ 2008-04-14 20:51:12 553,984 -c--a-w C:\WINDOWS\system32\dllcache\dialer.exe
- 2008-04-14 20:51:12 87,040 -c--a-w C:\windows\system32\dllcache\diantz.exe
+ 2008-04-14 20:51:12 95,232 -c--a-w C:\WINDOWS\system32\dllcache\diantz.exe
- 2008-04-14 20:51:12 164,864 -c--a-w C:\windows\system32\dllcache\diskpart.exe
+ 2008-04-14 20:51:12 173,056 -c--a-w C:\WINDOWS\system32\dllcache\diskpart.exe
- 2001-10-26 19:29:50 18,432 -c--a-w C:\windows\system32\dllcache\diskperf.exe
+ 2001-10-26 19:29:50 26,624 -c--a-w C:\WINDOWS\system32\dllcache\diskperf.exe
- 2008-04-14 20:51:12 294,912 -c----w C:\windows\system32\dllcache\dlimport.exe
+ 2008-04-14 20:51:12 303,104 -c----w C:\WINDOWS\system32\dllcache\dlimport.exe
- 2008-04-14 20:51:14 5,120 -c--a-w C:\windows\system32\dllcache\dllhost.exe
+ 2008-04-14 20:51:14 13,312 -c--a-w C:\WINDOWS\system32\dllcache\dllhost.exe
- 2001-10-26 19:29:50 4,608 -c--a-w C:\windows\system32\dllcache\dllhst3g.exe
+ 2001-10-26 19:29:50 12,800 -c--a-w C:\WINDOWS\system32\dllcache\dllhst3g.exe
- 2008-04-14 20:51:14 225,280 -c--a-w C:\windows\system32\dllcache\dmadmin.exe
+ 2008-04-14 20:51:14 233,472 -c--a-w C:\WINDOWS\system32\dllcache\dmadmin.exe
- 2008-04-14 20:51:14 15,872 -c--a-w C:\windows\system32\dllcache\dmremote.exe
+ 2008-04-14 20:51:14 24,064 -c--a-w C:\WINDOWS\system32\dllcache\dmremote.exe
- 2001-10-26 19:29:52 10,752 -c--a-w C:\windows\system32\dllcache\doskey.exe
+ 2001-10-26 19:29:52 18,944 -c--a-w C:\WINDOWS\system32\dllcache\doskey.exe
- 2008-04-14 20:51:14 29,696 -c--a-w C:\windows\system32\dllcache\dplaysvr.exe
+ 2008-04-14 20:51:14 37,888 -c--a-w C:\WINDOWS\system32\dllcache\dplaysvr.exe
- 2008-04-14 20:51:14 18,432 -c--a-w C:\windows\system32\dllcache\dpnsvr.exe
+ 2008-04-14 20:51:14 26,624 -c--a-w C:\WINDOWS\system32\dllcache\dpnsvr.exe
- 2008-04-14 20:51:14 83,456 -c--a-w C:\windows\system32\dllcache\dpvsetup.exe
+ 2008-04-14 20:51:14 91,648 -c--a-w C:\WINDOWS\system32\dllcache\dpvsetup.exe
- 2008-04-14 20:51:14 65,024 -c--a-w C:\windows\system32\dllcache\drvqry.exe
+ 2008-04-14 20:51:14 73,216 -c--a-w C:\WINDOWS\system32\dllcache\drvqry.exe
- 2001-10-26 19:29:52 47,104 -c--a-w C:\windows\system32\dllcache\drwtsn32.exe
+ 2001-10-26 19:29:52 55,296 -c--a-w C:\WINDOWS\system32\dllcache\drwtsn32.exe
- 2008-04-14 20:51:14 10,752 -c--a-w C:\windows\system32\dllcache\dumprep.exe
+ 2008-04-14 20:51:14 18,944 -c--a-w C:\WINDOWS\system32\dllcache\dumprep.exe
- 2008-04-14 20:51:14 17,920 -c--a-w C:\windows\system32\dllcache\dvdupgrd.exe
+ 2008-04-14 20:51:14 26,112 -c--a-w C:\WINDOWS\system32\dllcache\dvdupgrd.exe
- 2008-04-14 20:51:14 180,224 -c--a-w C:\windows\system32\dllcache\dwwin.exe
+ 2008-04-14 20:51:14 188,416 -c--a-w C:\WINDOWS\system32\dllcache\dwwin.exe
- 2008-04-14 20:51:14 1,298,432 -c--a-w C:\windows\system32\dllcache\dxdiag.exe
+ 2008-04-14 20:51:14 1,306,624 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe
- 2001-10-26 19:29:52 39,424 -c--a-w C:\windows\system32\dllcache\esentutl.exe
+ 2001-10-26 19:29:52 47,616 -c--a-w C:\WINDOWS\system32\dllcache\esentutl.exe
- 2008-04-14 20:51:16 194,048 -c--a-w C:\windows\system32\dllcache\eudcedit.exe
+ 2008-04-14 20:51:16 202,240 -c--a-w C:\WINDOWS\system32\dllcache\eudcedit.exe
- 2008-04-14 20:51:16 52,736 -c--a-w C:\windows\system32\dllcache\evcreate.exe
+ 2008-04-14 20:51:16 60,928 -c--a-w C:\WINDOWS\system32\dllcache\evcreate.exe
- 2001-10-26 19:29:52 9,216 -c--a-w C:\windows\system32\dllcache\eventvwr.exe
+ 2001-10-26 19:29:52 17,408 -c--a-w C:\WINDOWS\system32\dllcache\eventvwr.exe
- 2008-04-14 20:51:16 26,112 -c--a-w C:\windows\system32\dllcache\evntcmd.exe
+ 2008-04-14 20:51:16 34,304 -c--a-w C:\WINDOWS\system32\dllcache\evntcmd.exe
- 2008-04-14 20:51:16 93,184 -c--a-w C:\windows\system32\dllcache\evntwin.exe
+ 2008-04-14 20:51:16 101,376 -c--a-w C:\WINDOWS\system32\dllcache\evntwin.exe
- 2008-04-14 20:51:16 86,016 -c--a-w C:\windows\system32\dllcache\evtrig.exe
+ 2008-04-14 20:51:16 94,208 -c--a-w C:\WINDOWS\system32\dllcache\evtrig.exe
- 2001-10-26 15:30:02 23,040 -c--a-w C:\windows\system32\dllcache\EXCH_regtrace.exe
+ 2001-10-26 15:30:02 31,232 -c--a-w C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
- 2001-10-26 19:29:52 16,384 -c--a-w C:\windows\system32\dllcache\expand.exe
+ 2001-10-26 19:29:52 24,576 -c--a-w C:\WINDOWS\system32\dllcache\expand.exe
- 2008-04-14 20:51:18 24,064 -c--a-w C:\windows\system32\dllcache\extrac32.exe
+ 2008-04-14 20:51:18 32,256 -c--a-w C:\WINDOWS\system32\dllcache\extrac32.exe
- 2001-10-26 19:29:54 14,848 -c--a-w C:\windows\system32\dllcache\fc.exe
+ 2001-10-26 19:29:54 23,040 -c--a-w C:\WINDOWS\system32\dllcache\fc.exe
- 2001-10-26 19:29:54 9,216 -c--a-w C:\windows\system32\dllcache\find.exe
+ 2001-10-26 19:29:54 17,408 -c--a-w C:\WINDOWS\system32\dllcache\find.exe
- 2008-04-14 20:51:18 28,160 -c--a-w C:\windows\system32\dllcache\findstr.exe
+ 2008-04-14 20:51:18 36,352 -c--a-w C:\WINDOWS\system32\dllcache\findstr.exe
- 2001-10-26 19:29:54 9,728 -c--a-w C:\windows\system32\dllcache\finger.exe
+ 2001-10-26 19:29:54 17,920 -c--a-w C:\WINDOWS\system32\dllcache\finger.exe
- 2001-10-26 19:29:54 3,072 -c--a-w C:\windows\system32\dllcache\fixmapi.exe
+ 2001-10-26 19:29:54 11,264 -c--a-w C:\WINDOWS\system32\dllcache\fixmapi.exe
- 2001-10-26 19:29:54 14,848 -c--a-w C:\windows\system32\dllcache\flattemp.exe
+ 2001-10-26 19:29:54 23,040 -c--a-w C:\WINDOWS\system32\dllcache\flattemp.exe
- 2008-04-14 20:51:18 23,040 -c--a-w C:\windows\system32\dllcache\fltmc.exe
+ 2008-04-14 20:51:18 31,232 -c--a-w C:\WINDOWS\system32\dllcache\fltmc.exe
- 2008-04-14 20:51:18 21,504 -c--a-w C:\windows\system32\dllcache\fontview.exe
+ 2008-04-14 20:51:18 29,696 -c--a-w C:\WINDOWS\system32\dllcache\fontview.exe
- 2008-04-14 20:51:18 7,680 -c--a-w C:\windows\system32\dllcache\forcedos.exe
+ 2008-04-14 20:51:18 15,872 -c--a-w C:\WINDOWS\system32\dllcache\forcedos.exe
- 2001-10-26 19:29:54 55,808 -c--a-w C:\windows\system32\dllcache\freecell.exe
+ 2001-10-26 19:29:54 64,000 -c--a-w C:\WINDOWS\system32\dllcache\freecell.exe
- 2001-10-26 19:29:54 62,976 -c--a-w C:\windows\system32\dllcache\fsutil.exe
+ 2001-10-26 19:29:54 71,168 -c--a-w C:\WINDOWS\system32\dllcache\fsutil.exe
- 2008-04-14 20:51:18 44,544 -c--a-w C:\windows\system32\dllcache\ftp.exe
+ 2008-04-14 20:51:18 52,736 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe
- 2008-04-14 20:51:18 142,848 -c--a-w C:\windows\system32\dllcache\fxsclnt.exe
+ 2008-04-14 20:51:18 151,040 -c--a-w C:\WINDOWS\system32\dllcache\fxsclnt.exe
- 2008-04-14 20:51:18 233,472 -c--a-w C:\windows\system32\dllcache\fxscover.exe
+ 2008-04-14 20:51:18 241,664 -c--a-w C:\WINDOWS\system32\dllcache\fxscover.exe
- 2001-10-26 19:29:54 11,264 -c--a-w C:\windows\system32\dllcache\fxssend.exe
+ 2001-10-26 19:29:54 19,456 -c--a-w C:\WINDOWS\system32\dllcache\fxssend.exe
- 2008-04-14 20:51:18 268,288 -c--a-w C:\windows\system32\dllcache\fxssvc.exe
+ 2008-04-14 20:51:18 276,480 -c--a-w C:\WINDOWS\system32\dllcache\fxssvc.exe
- 2008-04-14 20:51:18 61,440 -c--a-w C:\windows\system32\dllcache\getmac.exe
+ 2008-04-14 20:51:18 69,632 -c--a-w C:\WINDOWS\system32\dllcache\getmac.exe
- 2008-04-14 20:51:18 123,904 -c--a-w C:\windows\system32\dllcache\gprslt.exe
+ 2008-04-14 20:51:18 132,096 -c--a-w C:\WINDOWS\system32\dllcache\gprslt.exe
- 2001-10-26 19:29:54 58,368 -c--a-w C:\windows\system32\dllcache\gpupdate.exe
+ 2001-10-26 19:29:54 66,560 -c--a-w C:\WINDOWS\system32\dllcache\gpupdate.exe
- 2008-04-14 20:51:20 39,424 -c--a-w C:\windows\system32\dllcache\grpconv.exe
+ 2008-04-14 20:51:20 47,616 -c--a-w C:\WINDOWS\system32\dllcache\grpconv.exe
- 2008-04-14 20:51:20 15,872 -c--a-w C:\windows\system32\dllcache\help.exe
+ 2008-04-14 20:51:20 24,064 -c--a-w C:\WINDOWS\system32\dllcache\help.exe
- 2008-04-14 20:51:20 769,024 -c--a-w C:\windows\system32\dllcache\helpctr.exe
+ 2008-04-14 20:51:20 777,216 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe
- 2001-10-26 19:29:54 99,840 -c--a-w C:\windows\system32\dllcache\helphost.exe
+ 2001-10-26 19:29:54 108,032 -c--a-w C:\WINDOWS\system32\dllcache\helphost.exe
- 2008-04-14 20:51:20 744,448 -c--a-w C:\windows\system32\dllcache\helpsvc.exe
+ 2008-04-14 20:51:20 752,640 -c--a-w C:\WINDOWS\system32\dllcache\helpsvc.exe
- 2008-04-14 20:51:20 10,752 -c--a-w C:\windows\system32\dllcache\hh.exe
+ 2008-04-14 20:51:20 18,944 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe
- 2001-10-26 19:29:54 8,192 -c--a-w C:\windows\system32\dllcache\hostname.exe
+ 2001-10-26 19:29:54 16,384 -c--a-w C:\WINDOWS\system32\dllcache\hostname.exe
- 2001-10-26 19:29:54 42,573 -c--a-w C:\windows\system32\dllcache\hrtzzm.exe
+ 2001-10-26 19:29:54 50,765 -c--a-w C:\WINDOWS\system32\dllcache\hrtzzm.exe
- 2008-04-14 20:51:20 18,432 -c--a-w C:\windows\system32\dllcache\hscupd.exe
+ 2008-04-14 20:51:20 26,624 -c--a-w C:\WINDOWS\system32\dllcache\hscupd.exe
- 2008-04-14 20:51:20 216,576 -c--a-w C:\windows\system32\dllcache\icwconn1.exe
+ 2008-04-14 20:51:20 224,768 -c--a-w C:\WINDOWS\system32\dllcache\icwconn1.exe
- 2008-04-14 20:51:20 86,016 -c--a-w C:\windows\system32\dllcache\icwconn2.exe
+ 2008-04-14 20:51:20 94,208 -c--a-w C:\WINDOWS\system32\dllcache\icwconn2.exe
- 2008-04-14 20:51:20 24,576 -c--a-w C:\windows\system32\dllcache\icwrmind.exe
+ 2008-04-14 20:51:20 32,768 -c--a-w C:\WINDOWS\system32\dllcache\icwrmind.exe
- 2001-10-26 19:29:54 73,728 -c--a-w C:\windows\system32\dllcache\icwtutor.exe
+ 2001-10-26 19:29:54 81,920 -c--a-w C:\WINDOWS\system32\dllcache\icwtutor.exe
- 2008-04-14 20:51:20 34,304 -c--a-w C:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-14 20:51:20 42,496 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-04-14 20:51:20 18,432 -c--a-w C:\windows\system32\dllcache\iedw.exe
+ 2008-04-14 20:51:20 26,624 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
- 2008-04-14 20:51:20 93,184 -c--a-w C:\windows\system32\dllcache\iexplore.exe
+ 2008-04-14 20:51:20 101,376 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-04-14 20:51:20 114,688 -c--a-w C:\windows\system32\dllcache\iexpress.exe
+ 2008-04-14 20:51:20 122,880 -c--a-w C:\WINDOWS\system32\dllcache\iexpress.exe
- 2001-10-26 19:29:54 15,360 -c--a-w C:\windows\system32\dllcache\iisreset.exe
+ 2001-10-26 19:29:54 23,552 -c--a-w C:\WINDOWS\system32\dllcache\iisreset.exe
- 2008-04-14 20:51:20 31,232 -c--a-w C:\windows\system32\dllcache\iisrstas.exe
+ 2008-04-14 20:51:20 39,424 -c--a-w C:\WINDOWS\system32\dllcache\iisrstas.exe
- 2001-10-26 19:29:54 6,656 -c--a-w C:\windows\system32\dllcache\iissync.exe
+ 2001-10-26 19:29:54 14,848 -c--a-w C:\WINDOWS\system32\dllcache\iissync.exe
- 2008-04-14 20:51:20 150,528 -c--a-w C:\windows\system32\dllcache\imapi.exe
+ 2008-04-14 20:51:20 158,720 -c--a-w C:\WINDOWS\system32\dllcache\imapi.exe
- 2001-08-17 23:56:28 44,032 -c--a-w C:\windows\system32\dllcache\imekrmig.exe
+ 2001-08-17 23:56:28 52,224 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe
- 2001-08-17 23:06:18 311,359 -c--a-w C:\windows\system32\dllcache\imepadsv.exe
+ 2001-08-17 23:06:18 319,551 -c--a-w C:\WINDOWS\system32\dllcache\imepadsv.exe
- 2001-08-17 23:07:58 57,398 -c--a-w C:\windows\system32\dllcache\imjpdadm.exe
+ 2001-08-17 23:07:58 65,590 -c--a-w C:\WINDOWS\system32\dllcache\imjpdadm.exe
- 2008-04-13 20:13:46 307,257 -c--a-w C:\windows\system32\dllcache\imjpdct.exe
+ 2008-04-13 20:13:46 315,449 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.exe
- 2008-04-13 20:13:48 155,705 -c--a-w C:\windows\system32\dllcache\imjpdsvr.exe
+ 2008-04-13 20:13:48 163,897 -c--a-w C:\WINDOWS\system32\dllcache\imjpdsvr.exe
- 2008-04-13 20:13:50 196,665 -c--a-w C:\windows\system32\dllcache\imjpinst.exe
+ 2008-04-13 20:13:50 213,381 -c--a-w C:\WINDOWS\system32\dllcache\imjpinst.exe
- 2008-04-13 20:13:52 208,952 -c--a-w C:\windows\system32\dllcache\imjpmig.exe
+ 2008-04-13 20:13:52 217,144 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe
- 2008-04-13 20:14:00 233,527 -c--a-w C:\windows\system32\dllcache\imjprw.exe
+ 2008-04-13 20:14:00 241,719 -c--a-w C:\WINDOWS\system32\dllcache\imjprw.exe
- 2001-08-17 23:07:30 45,109 -c--a-w C:\windows\system32\dllcache\imjpuex.exe
+ 2001-08-17 23:07:30 53,301 -c--a-w C:\WINDOWS\system32\dllcache\imjpuex.exe
- 2008-04-13 20:14:02 262,200 -c--a-w C:\windows\system32\dllcache\imjputy.exe
+ 2008-04-13 20:14:02 270,392 -c--a-w C:\WINDOWS\system32\dllcache\imjputy.exe
- 2001-08-17 23:56:28 59,904 -c--a-w C:\windows\system32\dllcache\imkrinst.exe
+ 2001-08-17 23:56:28 68,096 -c--a-w C:\WINDOWS\system32\dllcache\imkrinst.exe
- 2008-04-13 20:13:38 59,392 -c--a-w C:\windows\system32\dllcache\imscinst.exe
+ 2008-04-13 20:13:38 75,192 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe
- 2008-04-14 20:51:22 15,872 -c--a-w C:\windows\system32\dllcache\inetin51.exe
+ 2008-04-14 20:51:22 24,064 -c--a-w C:\WINDOWS\system32\dllcache\inetin51.exe
- 2001-10-26 19:29:54 7,680 -c--a-w C:\windows\system32\dllcache\inetmgr.exe
+ 2001-10-26 19:29:54 15,872 -c--a-w C:\WINDOWS\system32\dllcache\inetmgr.exe
- 2008-04-14 20:51:22 20,480 -c--a-w C:\windows\system32\dllcache\inetwiz.exe
+ 2008-04-14 20:51:22 28,672 -c--a-w C:\WINDOWS\system32\dllcache\inetwiz.exe
- 2008-04-14 20:51:22 56,832 -c--a-w C:\windows\system32\dllcache\ipconfig.exe
+ 2008-04-14 20:51:22 65,024 -c--a-w C:\WINDOWS\system32\dllcache\ipconfig.exe
- 2001-10-26 19:29:54 45,056 -c--a-w C:\windows\system32\dllcache\ipsec6.exe
+ 2001-10-26 19:29:54 53,248 -c--a-w C:\WINDOWS\system32\dllcache\ipsec6.exe
- 2008-04-14 20:51:22 53,248 -c--a-w C:\windows\system32\dllcache\ipv6.exe
+ 2008-04-14 20:51:22 61,440 -c--a-w C:\WINDOWS\system32\dllcache\ipv6.exe
- 2008-04-14 20:51:22 24,064 -c--a-w C:\windows\system32\dllcache\ipxroute.exe
+ 2008-04-14 20:51:22 32,256 -c--a-w C:\WINDOWS\system32\dllcache\ipxroute.exe
- 2001-10-26 19:29:54 16,384 -c--a-w C:\windows\system32\dllcache\isignup.exe
+ 2001-10-26 19:29:54 24,576 -c--a-w C:\WINDOWS\system32\dllcache\isignup.exe
- 2001-10-26 19:29:54 9,728 -c--a-w C:\windows\system32\dllcache\label.exe
+ 2001-10-26 19:29:54 17,920 -c--a-w C:\WINDOWS\system32\dllcache\label.exe
- 2008-04-14 20:51:22 677,888 -c--a-w C:\windows\system32\dllcache\lhmstsc.exe
+ 2008-04-14 20:51:22 686,080 -c--a-w C:\WINDOWS\system32\dllcache\lhmstsc.exe
- 2001-10-26 19:29:54 29,696 -c--a-w C:\windows\system32\dllcache\lights.exe
+ 2001-10-26 19:29:54 37,888 -c--a-w C:\WINDOWS\system32\dllcache\lights.exe
- 2001-10-26 19:29:54 26,624 -c--a-w C:\windows\system32\dllcache\lnkstub.exe
+ 2001-10-26 19:29:54 34,816 -c--a-w C:\WINDOWS\system32\dllcache\lnkstub.exe
- 2008-04-14 20:51:24 75,264 -c--a-w C:\windows\system32\dllcache\locator.exe
+ 2008-04-14 20:51:24 83,456 -c--a-w C:\WINDOWS\system32\dllcache\locator.exe
- 2001-10-26 19:29:56 5,120 -c--a-w C:\windows\system32\dllcache\lodctr.exe
+ 2001-10-26 19:29:56 13,312 -c--a-w C:\WINDOWS\system32\dllcache\lodctr.exe
- 2005-01-28 11:44:28 96,768 -c--a-w C:\windows\system32\dllcache\logagent.exe
+ 2005-01-28 11:44:28 104,960 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
- 2008-04-14 20:51:24 60,928 -c--a-w C:\windows\system32\dllcache\logman.exe
+ 2008-04-14 20:51:24 69,120 -c--a-w C:\WINDOWS\system32\dllcache\logman.exe
- 2001-10-26 19:29:56 15,872 -c--a-w C:\windows\system32\dllcache\logoff.exe
+ 2001-10-26 19:29:56 24,064 -c--a-w C:\WINDOWS\system32\dllcache\logoff.exe
- 2008-04-14 20:51:56 220,672 -c--a-w C:\windows\system32\dllcache\logon.scr
+ 2008-04-14 20:51:56 228,864 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr
- 2008-04-14 20:51:24 515,072 -c--a-w C:\windows\system32\dllcache\logonui.exe
+ 2008-04-14 20:51:24 523,264 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe
- 2001-10-26 19:29:56 6,144 -c--a-w C:\windows\system32\dllcache\lpq.exe
+ 2001-10-26 19:29:56 14,336 -c--a-w C:\WINDOWS\system32\dllcache\lpq.exe
- 2001-10-26 19:29:56 8,192 -c--a-w C:\windows\system32\dllcache\lpr.exe
+ 2001-10-26 19:29:56 16,384 -c--a-w C:\WINDOWS\system32\dllcache\lpr.exe
- 2008-04-14 20:51:24 13,312 -c--a-w C:\windows\system32\dllcache\lsass.exe
+ 2008-04-14 20:51:24 21,504 -c--a-w C:\WINDOWS\system32\dllcache\lsass.exe
- 2008-04-14 20:51:24 73,216 -c--a-w C:\windows\system32\dllcache\magnify.exe
+ 2008-04-14 20:51:24 81,408 -c--a-w C:\WINDOWS\system32\dllcache\magnify.exe
- 2008-04-14 20:51:24 57,344 -c--a-w C:\windows\system32\dllcache\makecab.exe
+ 2008-04-14 20:51:24 65,536 -c--a-w C:\WINDOWS\system32\dllcache\makecab.exe
- 2001-10-26 19:29:56 34,816 -c--a-w C:\windows\system32\dllcache\migisol.exe
+ 2001-10-26 19:29:56 43,008 -c--a-w C:\WINDOWS\system32\dllcache\migisol.exe
- 2008-04-14 20:51:24 104,448 -c--a-w C:\windows\system32\dllcache\migload.exe
+ 2008-04-14 20:51:24 112,640 -c--a-w C:\WINDOWS\system32\dllcache\migload.exe
- 2008-04-14 20:51:24 786,432 -c--a-w C:\windows\system32\dllcache\migrate.exe
+ 2008-04-14 20:51:24 794,624 -c--a-w C:\WINDOWS\system32\dllcache\migrate.exe
- 2008-04-14 20:51:24 7,680 -c--a-w C:\windows\system32\dllcache\migregdb.exe
+ 2008-04-14 20:51:24 15,872 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe
- 2008-04-14 20:51:24 247,808 -c--a-w C:\windows\system32\dllcache\migwiz.exe
+ 2008-04-14 20:51:24 256,000 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe
- 2008-04-14 20:51:24 241,152 -c--a-w C:\windows\system32\dllcache\migwiza.exe
+ 2008-04-14 20:51:24 249,344 -c--a-w C:\WINDOWS\system32\dllcache\migwiza.exe
- 2008-04-14 20:51:26 1,414,656 -c--a-w C:\windows\system32\dllcache\mmc.exe
+ 2008-04-14 20:51:26 1,422,848 -c--a-w C:\WINDOWS\system32\dllcache\mmc.exe
- 2008-04-14 20:51:26 33,792 -c--a-w C:\windows\system32\dllcache\mmcperf.exe
+ 2008-04-14 20:51:26 41,984 -c--a-w C:\WINDOWS\system32\dllcache\mmcperf.exe
- 2008-04-14 20:51:26 32,768 -c--a-w C:\windows\system32\dllcache\mnmsrvc.exe
+ 2008-04-14 20:51:26 40,960 -c--a-w C:\WINDOWS\system32\dllcache\mnmsrvc.exe
- 2008-04-14 20:51:26 143,872 -c--a-w C:\windows\system32\dllcache\mobsync.exe
+ 2008-04-14 20:51:26 152,064 -c--a-w C:\WINDOWS\system32\dllcache\mobsync.exe
- 2008-04-14 20:51:26 17,408 -c--a-w C:\windows\system32\dllcache\mofcomp.exe
+ 2008-04-14 20:51:26 25,600 -c--a-w C:\WINDOWS\system32\dllcache\mofcomp.exe
- 2001-10-26 19:29:56 8,192 -c--a-w C:\windows\system32\dllcache\mountvol.exe
+ 2001-10-26 19:29:56 16,384 -c--a-w C:\WINDOWS\system32\dllcache\mountvol.exe
- 2008-04-14 20:51:28 3,558,912 -c--a-w C:\windows\system32\dllcache\moviemk.exe
+ 2008-04-14 20:51:28 3,567,104 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe
- 2008-04-14 20:51:30 124,928 -c--a-w C:\windows\system32\dllcache\mplay32.exe
+ 2008-04-14 20:51:30 133,120 -c--a-w C:\WINDOWS\system32\dllcache\mplay32.exe
- 2008-04-14 20:51:30 4,639 -c--a-w C:\windows\system32\dllcache\mplayer2.exe
+ 2008-04-14 20:51:30 12,831 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe
- 2001-10-26 19:29:58 22,016 -c--a-w C:\windows\system32\dllcache\mpnotify.exe
+ 2001-10-26 19:29:58 30,208 -c--a-w C:\WINDOWS\system32\dllcache\mpnotify.exe
- 2008-04-14 20:51:30 19,968 -c--a-w C:\windows\system32\dllcache\mqbkup.exe
+ 2008-04-14 20:51:30 28,160 -c--a-w C:\WINDOWS\system32\dllcache\mqbkup.exe
- 2008-04-14 20:51:30 4,608 -c--a-w C:\windows\system32\dllcache\mqsvc.exe
+ 2008-04-14 20:51:30 12,800 -c--a-w C:\WINDOWS\system32\dllcache\mqsvc.exe
- 2008-04-14 20:51:30 117,248 -c--a-w C:\windows\system32\dllcache\mqtgsvc.exe
+ 2008-04-14 20:51:30 125,440 -c--a-w C:\WINDOWS\system32\dllcache\mqtgsvc.exe
- 2001-10-26 19:29:58 13,824 -c--a-w C:\windows\system32\dllcache\mrinfo.exe
+ 2001-10-26 19:29:58 22,016 -c--a-w C:\WINDOWS\system32\dllcache\mrinfo.exe
- 2008-04-14 20:51:30 171,520 -c--a-w C:\windows\system32\dllcache\msconfig.exe
+ 2008-04-14 20:51:30 179,712 -c--a-w C:\WINDOWS\system32\dllcache\msconfig.exe
- 2008-04-14 20:51:30 6,144 -c--a-w C:\windows\system32\dllcache\msdtc.exe
+ 2008-04-14 20:51:30 14,336 -c--a-w C:\WINDOWS\system32\dllcache\msdtc.exe
- 2001-10-26 19:29:58 22,528 -c--a-w C:\windows\system32\dllcache\msg.exe
+ 2001-10-26 19:29:58 30,720 -c--a-w C:\WINDOWS\system32\dllcache\msg.exe
- 2001-10-26 19:29:58 128,000 -c--a-w C:\windows\system32\dllcache\mshearts.exe
+ 2001-10-26 19:29:58 136,192 -c--a-w C:\WINDOWS\system32\dllcache\mshearts.exe
- 2008-04-14 20:51:30 29,184 -c--a-w C:\windows\system32\dllcache\mshta.exe
+ 2008-04-14 20:51:30 37,376 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe
- 2008-04-14 20:51:30 78,848 -c--a-w C:\windows\system32\dllcache\msiexec.exe
+ 2008-04-14 20:51:30 87,040 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2008-04-14 20:51:30 60,928 -c--a-w C:\windows\system32\dllcache\msimn.exe
+ 2008-04-14 20:51:30 69,120 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe
- 2001-10-26 19:29:58 40,448 -c--a-w C:\windows\system32\dllcache\msinfo32.exe
+ 2001-10-26 19:29:58 48,640 -c--a-w C:\WINDOWS\system32\dllcache\msinfo32.exe
- 2008-04-14 20:51:30 40,960 -c--a-w C:\windows\system32\dllcache\msiregmv.exe
+ 2008-04-14 20:51:30 49,152 -c--a-w C:\WINDOWS\system32\dllcache\msiregmv.exe
- 2008-04-14 20:51:32 29,184 -c--a-w C:\windows\system32\dllcache\msoobe.exe
+ 2008-04-14 20:51:32 37,376 -c--a-w C:\WINDOWS\system32\dllcache\msoobe.exe
- 2008-04-14 20:51:32 345,088 -c--a-w C:\windows\system32\dllcache\mspaint.exe
+ 2008-04-14 20:51:32 353,280 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
- 2001-10-26 19:29:58 6,656 -c--a-w C:\windows\system32\dllcache\msswchx.exe
+ 2001-10-26 19:29:58 14,848 -c--a-w C:\WINDOWS\system32\dllcache\msswchx.exe
- 2008-04-14 20:51:32 12,288 -c--a-w C:\windows\system32\dllcache\mstinit.exe
+ 2008-04-14 20:51:32 20,480 -c--a-w C:\WINDOWS\system32\dllcache\mstinit.exe
- 2008-04-14 20:51:32 119,808 -c--a-w C:\windows\system32\dllcache\mtstocom.exe
+ 2008-04-14 20:51:32 128,000 -c--a-w C:\WINDOWS\system32\dllcache\mtstocom.exe
- 2008-04-14 20:51:32 176,640 -c--a-w C:\windows\system32\dllcache\napstat.exe
+ 2008-04-14 20:51:32 184,832 -c--a-w C:\WINDOWS\system32\dllcache\napstat.exe
- 2008-04-14 20:51:32 55,296 -c--a-w C:\windows\system32\dllcache\narrator.exe
+ 2008-04-14 20:51:32 63,488 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
- 2001-10-26 19:29:58 21,504 -c--a-w C:\windows\system32\dllcache\nbtstat.exe
+ 2001-10-26 19:29:58 29,696 -c--a-w C:\WINDOWS\system32\dllcache\nbtstat.exe
- 2008-04-14 20:51:32 4,096 -c--a-w C:\windows\system32\dllcache\nddeapir.exe
+ 2008-04-14 20:51:32 12,288 -c--a-w C:\WINDOWS\system32\dllcache\nddeapir.exe
- 2008-04-14 20:51:32 42,496 -c--a-w C:\windows\system32\dllcache\net.exe
+ 2008-04-14 20:51:32 50,688 -c--a-w C:\WINDOWS\system32\dllcache\net.exe
- 2008-04-14 20:51:32 124,928 -c--a-w C:\windows\system32\dllcache\net1.exe
+ 2008-04-14 20:51:32 133,120 -c--a-w C:\WINDOWS\system32\dllcache\net1.exe
- 2008-04-14 20:51:32 114,688 -c--a-w C:\windows\system32\dllcache\netdde.exe
+ 2008-04-14 20:51:32 122,880 -c--a-w C:\WINDOWS\system32\dllcache\netdde.exe
- 2008-04-14 20:56:18 332,288 -c--a-w C:\windows\system32\dllcache\netsetup.exe
+ 2008-04-14 20:56:18 344,064 -c--a-w C:\WINDOWS\system32\dllcache\netsetup.exe
- 2008-04-14 20:51:32 87,040 -c--a-w C:\windows\system32\dllcache\netsh.exe
+ 2008-04-14 20:51:32 95,232 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe
- 2008-04-14 20:51:32 38,400 -c--a-w C:\windows\system32\dllcache\netstat.exe
+ 2008-04-14 20:51:32 46,592 -c--a-w C:\WINDOWS\system32\dllcache\netstat.exe
- 2008-04-14 20:51:32 70,144 -c--a-w C:\windows\system32\dllcache\notepad.exe
+ 2008-04-14 20:51:32 78,336 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
- 2001-10-26 19:29:58 35,328 -c--a-w C:\windows\system32\dllcache\notiflag.exe
+ 2001-10-26 19:29:58 43,520 -c--a-w C:\WINDOWS\system32\dllcache\notiflag.exe
- 2008-04-14 20:51:34 15,360 -c--a-w C:\windows\system32\dllcache\nppagent.exe
+ 2008-04-14 20:51:34 23,552 -c--a-w C:\WINDOWS\system32\dllcache\nppagent.exe
- 2008-04-14 20:51:34 79,872 -c--a-w C:\windows\system32\dllcache\nslookup.exe
+ 2008-04-14 20:51:34 88,064 -c--a-w C:\WINDOWS\system32\dllcache\nslookup.exe
- 2008-04-14 20:51:34 1,222,144 -c--a-w C:\windows\system32\dllcache\ntbackup.exe
+ 2008-04-14 20:51:34 1,230,336 -c--a-w C:\WINDOWS\system32\dllcache\ntbackup.exe
- 2001-10-26 19:30:00 31,744 -c--a-w C:\windows\system32\dllcache\ntsd.exe
+ 2001-10-26 19:30:00 39,936 -c--a-w C:\WINDOWS\system32\dllcache\ntsd.exe
- 2008-04-14 20:51:36 421,376 -c--a-w C:\windows\system32\dllcache\ntvdm.exe
+ 2008-04-14 20:51:36 429,568 -c--a-w C:\WINDOWS\system32\dllcache\ntvdm.exe
- 2001-10-26 19:30:00 128,512 -c--a-w C:\windows\system32\dllcache\nwscript.exe
+ 2001-10-26 19:30:00 136,704 -c--a-w C:\WINDOWS\system32\dllcache\nwscript.exe
- 2008-04-14 20:51:36 32,768 -c--a-w C:\windows\system32\dllcache\odbcad32.exe
+ 2008-04-14 20:51:36 40,960 -c--a-w C:\WINDOWS\system32\dllcache\odbcad32.exe
- 2008-04-14 20:51:36 69,632 -c--a-w C:\windows\system32\dllcache\odbcconf.exe
+ 2008-04-14 20:51:36 77,824 -c--a-w C:\WINDOWS\system32\dllcache\odbcconf.exe
- 2008-04-14 20:51:36 60,928 -c--a-w C:\windows\system32\dllcache\oemig50.exe
+ 2008-04-14 20:51:36 69,120 -c--a-w C:\WINDOWS\system32\dllcache\oemig50.exe
- 2008-04-14 20:51:36 51,712 -c--a-w C:\windows\system32\dllcache\oobebaln.exe
+ 2008-04-14 20:51:36 59,904 -c--a-w C:\WINDOWS\system32\dllcache\oobebaln.exe
- 2008-04-14 20:51:36 70,144 -c--a-w C:\windows\system32\dllcache\opnfiles.exe
+ 2008-04-14 20:51:36 78,336 -c--a-w C:\WINDOWS\system32\dllcache\opnfiles.exe
- 2008-04-14 20:51:36 216,064 -c--a-w C:\windows\system32\dllcache\osk.exe
+ 2008-04-14 20:51:36 224,256 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe
- 2001-10-26 19:30:00 41,472 -c--a-w C:\windows\system32\dllcache\osuninst.exe
+ 2001-10-26 19:30:00 49,664 -c--a-w C:\WINDOWS\system32\dllcache\osuninst.exe
- 2008-04-14 20:51:36 59,392 -c--a-w C:\windows\system32\dllcache\packager.exe
+ 2008-04-14 20:51:36 67,584 -c--a-w C:\WINDOWS\system32\dllcache\packager.exe
- 2001-10-26 19:30:00 22,528 -c--a-w C:\windows\system32\dllcache\pathping.exe
+ 2001-10-26 19:30:00 30,720 -c--a-w C:\WINDOWS\system32\dllcache\pathping.exe
- 2001-10-26 19:30:00 15,360 -c--a-w C:\windows\system32\dllcache\pentnt.exe
+ 2001-10-26 19:30:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\pentnt.exe
- 2008-04-14 20:51:36 15,872 -c--a-w C:\windows\system32\dllcache\perfmon.exe
+ 2008-04-14 20:51:36 24,064 -c--a-w C:\WINDOWS\system32\dllcache\perfmon.exe
- 2008-04-14 20:51:36 283,136 -c--a-w C:\windows\system32\dllcache\pinball.exe
+ 2008-04-14 20:51:36 291,328 -c--a-w C:\WINDOWS\system32\dllcache\pinball.exe
- 2008-04-14 20:51:36 18,944 -c--a-w C:\windows\system32\dllcache\ping.exe
+ 2008-04-14 20:51:36 27,136 -c--a-w C:\WINDOWS\system32\dllcache\ping.exe
- 2001-10-26 19:30:00 33,792 -c--a-w C:\windows\system32\dllcache\ping6.exe
+ 2001-10-26 19:30:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\ping6.exe
- 2008-04-13 20:13:38 70,144 -c--a-w C:\windows\system32\dllcache\pintlphr.exe
+ 2008-04-13 20:13:38 78,336 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
- 2008-04-14 20:51:36 49,152 -c--a-w C:\windows\system32\dllcache\powercfg.exe
+ 2008-04-14 20:51:36 57,344 -c--a-w C:\WINDOWS\system32\dllcache\powercfg.exe
- 2001-10-26 19:30:00 9,216 -c--a-w C:\windows\system32\dllcache\print.exe
+ 2001-10-26 19:30:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\print.exe
- 2007-03-22 18:25:42 677,376 -c----w C:\windows\system32\dllcache\PrintFilterPipelineSvc.exe
+ 2007-03-22 18:25:42 685,568 -c----w C:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe
- 2008-04-14 20:51:36 109,568 -c--a-w C:\windows\system32\dllcache\progman.exe
+ 2008-04-14 20:51:36 117,760 -c--a-w C:\WINDOWS\system32\dllcache\progman.exe
- 2008-04-14 20:51:36 50,688 -c--a-w C:\windows\system32\dllcache\proquota.exe
+ 2008-04-14 20:51:36 58,880 -c--a-w C:\WINDOWS\system32\dllcache\proquota.exe
- 2008-04-14 20:51:36 9,728 -c--a-w C:\windows\system32\dllcache\proxycfg.exe
+ 2008-04-14 20:51:36 17,920 -c--a-w C:\WINDOWS\system32\dllcache\proxycfg.exe
- 2001-10-26 19:30:00 17,408 -c--a-w C:\windows\system32\dllcache\qappsrv.exe
+ 2001-10-26 19:30:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\qappsrv.exe
- 2008-04-14 20:51:36 20,992 -c--a-w C:\windows\system32\dllcache\qprocess.exe
+ 2008-04-14 20:51:36 29,184 -c--a-w C:\WINDOWS\system32\dllcache\qprocess.exe
- 2001-10-26 19:30:00 9,728 -c--a-w C:\windows\system32\dllcache\query.exe
+ 2001-10-26 19:30:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\query.exe
- 2001-10-26 19:30:00 16,896 -c--a-w C:\windows\system32\dllcache\quser.exe
+ 2001-10-26 19:30:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\quser.exe
- 2001-10-26 19:30:00 22,528 -c--a-w C:\windows\system32\dllcache\qwinsta.exe
+ 2001-10-26 19:30:00 30,720 -c--a-w C:\WINDOWS\system32\dllcache\qwinsta.exe
- 2001-10-26 19:30:00 11,776 -c--a-w C:\windows\system32\dllcache\rasautou.exe
+ 2001-10-26 19:30:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\rasautou.exe
- 2001-10-26 19:30:00 11,776 -c--a-w C:\windows\system32\dllcache\rasdial.exe
+ 2001-10-26 19:30:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\rasdial.exe
- 2008-04-14 20:51:36 56,832 -c--a-w C:\windows\system32\dllcache\rasphone.exe
+ 2008-04-14 20:51:36 65,024 -c--a-w C:\WINDOWS\system32\dllcache\rasphone.exe
- 2008-04-14 20:51:36 35,840 -c--a-w C:\windows\system32\dllcache\rcimlby.exe
+ 2008-04-14 20:51:36 44,032 -c--a-w C:\WINDOWS\system32\dllcache\rcimlby.exe
- 2008-04-14 20:51:36 22,016 -c--a-w C:\windows\system32\dllcache\rcp.exe
+ 2008-04-14 20:51:36 30,208 -c--a-w C:\WINDOWS\system32\dllcache\rcp.exe
- 2008-04-14 20:51:36 62,976 -c--a-w C:\windows\system32\dllcache\rdpclip.exe
+ 2008-04-14 20:51:36 71,168 -c--a-w C:\WINDOWS\system32\dllcache\rdpclip.exe
- 2008-04-14 20:51:36 13,824 -c--a-w C:\windows\system32\dllcache\rdsaddin.exe
+ 2008-04-14 20:51:36 22,016 -c--a-w C:\WINDOWS\system32\dllcache\rdsaddin.exe
- 2008-04-14 20:51:38 67,072 -c--a-w C:\windows\system32\dllcache\rdshost.exe
+ 2008-04-14 20:51:38 75,264 -c--a-w C:\WINDOWS\system32\dllcache\rdshost.exe
- 2001-10-26 19:30:00 7,168 -c--a-w C:\windows\system32\dllcache\recover.exe
+ 2001-10-26 19:30:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\recover.exe
- 2008-04-14 20:51:38 53,248 -c--a-w C:\windows\system32\dllcache\reg.exe
+ 2008-04-14 20:51:38 61,440 -c--a-w C:\WINDOWS\system32\dllcache\reg.exe
- 2008-04-14 20:51:38 149,504 -c--a-w C:\windows\system32\dllcache\regedit.exe
+ 2008-04-14 20:51:38 157,696 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
- 2001-10-26 19:30:00 3,584 -c--a-w C:\windows\system32\dllcache\regedt32.exe
+ 2001-10-26 19:30:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\regedt32.exe
- 2001-10-26 19:30:00 33,792 -c--a-w C:\windows\system32\dllcache\regini.exe
+ 2001-10-26 19:30:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\regini.exe
- 2001-10-26 19:30:00 14,848 -c--a-w C:\windows\system32\dllcache\register.exe
+ 2001-10-26 19:30:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\register.exe
- 2008-04-14 20:51:38 12,288 -c--a-w C:\windows\system32\dllcache\regsvr32.exe
+ 2008-04-14 20:51:38 20,480 -c--a-w C:\WINDOWS\system32\dllcache\regsvr32.exe
- 2001-10-26 19:30:00 4,608 -c--a-w C:\windows\system32\dllcache\regwiz.exe
+ 2001-10-26 19:30:00 12,800 -c--a-w C:\WINDOWS\system32\dllcache\regwiz.exe
- 2001-10-26 19:30:00 33,792 -c--a-w C:\windows\system32\dllcache\relog.exe
+ 2001-10-26 19:30:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\relog.exe
- 2001-10-26 19:30:00 12,800 -c--a-w C:\windows\system32\dllcache\replace.exe
+ 2001-10-26 19:30:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\replace.exe
- 2001-10-26 19:30:00 9,728 -c--a-w C:\windows\system32\dllcache\reset.exe
+ 2001-10-26 19:30:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\reset.exe
- 2008-04-14 20:51:38 14,336 -c--a-w C:\windows\system32\dllcache\rexec.exe
+ 2008-04-14 20:51:38 22,528 -c--a-w C:\WINDOWS\system32\dllcache\rexec.exe
- 2001-10-26 19:30:00 20,480 -c--a-w C:\windows\system32\dllcache\route.exe
+ 2001-10-26 19:30:00 28,672 -c--a-w C:\WINDOWS\system32\dllcache\route.exe
- 2001-10-26 19:03:18 25,600 -c--a-w C:\windows\system32\dllcache\routemon.exe
+ 2001-10-26 19:03:18 33,792 -c--a-w C:\WINDOWS\system32\dllcache\routemon.exe
- 2008-04-14 20:51:38 15,360 -c--a-w C:\windows\system32\dllcache\rsh.exe
+ 2008-04-14 20:51:38 23,552 -c--a-w C:\WINDOWS\system32\dllcache\rsh.exe
- 2001-10-26 19:30:02 54,272 -c--a-w C:\windows\system32\dllcache\rsm.exe
+ 2001-10-26 19:30:02 62,464 -c--a-w C:\WINDOWS\system32\dllcache\rsm.exe
- 2001-10-26 19:30:02 24,576 -c--a-w C:\windows\system32\dllcache\rsmsink.exe
+ 2001-10-26 19:30:02 32,768 -c--a-w C:\WINDOWS\system32\dllcache\rsmsink.exe
- 2001-10-26 19:30:02 49,152 -c--a-w C:\windows\system32\dllcache\rsmui.exe
+ 2001-10-26 19:30:02 57,344 -c--a-w C:\WINDOWS\system32\dllcache\rsmui.exe
- 2008-04-14 20:51:38 107,520 -c--a-w C:\windows\system32\dllcache\rsnotify.exe
+ 2008-04-14 20:51:38 115,712 -c--a-w C:\WINDOWS\system32\dllcache\rsnotify.exe
- 2001-10-26 19:30:02 62,976 -c--a-w C:\windows\system32\dllcache\rsopprov.exe
+ 2001-10-26 19:30:02 71,168 -c--a-w C:\WINDOWS\system32\dllcache\rsopprov.exe
- 2008-04-14 20:51:38 382,976 -c--a-w C:\windows\system32\dllcache\rstrui.exe
+ 2008-04-14 20:51:38 391,168 -c--a-w C:\WINDOWS\system32\dllcache\rstrui.exe
- 2001-10-26 19:30:02 132,608 -c--a-w C:\windows\system32\dllcache\rsvp.exe
+ 2001-10-26 19:30:02 140,800 -c--a-w C:\WINDOWS\system32\dllcache\rsvp.exe
- 2008-04-14 20:51:38 77,824 -c--a-w C:\windows\system32\dllcache\rtcshare.exe
+ 2008-04-14 20:51:38 86,016 -c--a-w C:\WINDOWS\system32\dllcache\rtcshare.exe
- 2001-10-26 19:30:02 16,896 -c--a-w C:\windows\system32\dllcache\runas.exe
+ 2001-10-26 19:30:02 25,088 -c--a-w C:\WINDOWS\system32\dllcache\runas.exe
- 2008-04-14 20:51:40 33,280 -c--a-w C:\windows\system32\dllcache\rundll32.exe
+ 2008-04-14 20:51:40 41,472 -c--a-w C:\WINDOWS\system32\dllcache\rundll32.exe
- 2008-04-14 20:51:40 14,336 -c--a-w C:\windows\system32\dllcache\runonce.exe
+ 2008-04-14 20:51:40 22,528 -c--a-w C:\WINDOWS\system32\dllcache\runonce.exe
- 2001-10-26 19:30:02 42,574 -c--a-w C:\windows\system32\dllcache\rvsezm.exe
+ 2001-10-26 19:30:02 50,766 -c--a-w C:\WINDOWS\system32\dllcache\rvsezm.exe
- 2001-10-26 19:30:02 16,384 -c--a-w C:\windows\system32\dllcache\rwinsta.exe
+ 2001-10-26 19:30:02 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rwinsta.exe
- 2001-10-26 19:30:02 36,864 -c--a-w C:\windows\system32\dllcache\sapisvr.exe
+ 2001-10-26 19:30:02 45,056 -c--a-w C:\WINDOWS\system32\dllcache\sapisvr.exe
- 2008-04-14 20:51:40 13,824 -c--a-w C:\windows\system32\dllcache\savedump.exe
+ 2008-04-14 20:51:40 22,016 -c--a-w C:\WINDOWS\system32\dllcache\savedump.exe
- 2001-10-26 19:30:02 31,232 -c--a-w C:\windows\system32\dllcache\sc.exe
+ 2001-10-26 19:30:02 39,424 -c--a-w C:\WINDOWS\system32\dllcache\sc.exe
- 2008-04-14 20:51:40 98,304 -c--a-w C:\windows\system32\dllcache\scardsvr.exe
+ 2008-04-14 20:51:40 106,496 -c--a-w C:\WINDOWS\system32\dllcache\scardsvr.exe
- 2008-04-14 20:51:40 36,352 -c--a-w C:\windows\system32\dllcache\scrcons.exe
+ 2008-04-14 20:51:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\scrcons.exe
- 2008-04-14 20:51:56 9,216 -c--a-w C:\windows\system32\dllcache\scrnsave.scr
+ 2008-04-14 20:51:56 17,408 -c--a-w C:\WINDOWS\system32\dllcache\scrnsave.scr
- 2008-04-14 20:51:40 128,000 -c--a-w C:\windows\system32\dllcache\sctasks.exe
+ 2008-04-14 20:51:40 136,192 -c--a-w C:\WINDOWS\system32\dllcache\sctasks.exe
- 2008-04-14 20:51:40 77,824 -c--a-w C:\windows\system32\dllcache\sdbinst.exe
+ 2008-04-14 20:51:40 86,016 -c--a-w C:\WINDOWS\system32\dllcache\sdbinst.exe
- 2008-04-14 20:51:40 19,456 -c--a-w C:\windows\system32\dllcache\secedit.exe
+ 2008-04-14 20:51:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\secedit.exe
- 2008-04-14 20:51:40 109,056 -c--a-w C:\windows\system32\dllcache\services.exe
+ 2008-04-14 20:51:40 117,248 -c--a-w C:\WINDOWS\system32\dllcache\services.exe
- 2008-04-14 20:51:40 142,336 -c--a-w C:\windows\system32\dllcache\sessmgr.exe
+ 2008-04-14 20:51:40 150,528 -c--a-w C:\WINDOWS\system32\dllcache\sessmgr.exe
- 2008-04-14 20:51:40 32,768 -c--a-w C:\windows\system32\dllcache\sethc.exe
+ 2008-04-14 20:51:40 40,960 -c--a-w C:\WINDOWS\system32\dllcache\sethc.exe
- 2008-04-14 20:51:40 23,040 -c--a-w C:\windows\system32\dllcache\setup.exe
+ 2008-04-14 20:51:40 31,232 -c--a-w C:\WINDOWS\system32\dllcache\setup.exe
- 2008-04-14 20:51:42 774,144 -c--a-w C:\windows\system32\dllcache\setup_wm.exe
+ 2008-04-14 20:51:42 782,336 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
- 2008-04-14 20:51:42 73,728 -c--a-w C:\windows\system32\dllcache\setup50.exe
+ 2008-04-14 20:51:42 81,920 -c--a-w C:\WINDOWS\system32\dllcache\setup50.exe
- 2008-04-14 20:51:42 32,768 -c--a-w C:\windows\system32\dllcache\setupn.exe
+ 2008-04-14 20:51:42 40,960 -c--a-w C:\WINDOWS\system32\dllcache\setupn.exe
- 2001-10-26 19:30:02 9,728 -c--a-w C:\windows\system32\dllcache\sfc.exe
+ 2001-10-26 19:30:02 17,920 -c--a-w C:\WINDOWS\system32\dllcache\sfc.exe
- 2001-10-26 19:30:02 15,360 -c--a-w C:\windows\system32\dllcache\shadow.exe
+ 2001-10-26 19:30:02 23,552 -c--a-w C:\WINDOWS\system32\dllcache\shadow.exe
- 2008-04-14 20:51:42 45,056 -c--a-w C:\windows\system32\dllcache\shmgrate.exe
+ 2008-04-14 20:51:42 53,248 -c--a-w C:\WINDOWS\system32\dllcache\shmgrate.exe
- 2008-04-14 20:51:42 78,336 -c--a-w C:\windows\system32\dllcache\shrpubw.exe
+ 2008-04-14 20:51:42 86,528 -c--a-w C:\WINDOWS\system32\dllcache\shrpubw.exe
- 2008-04-14 20:51:42 20,480 -c--a-w C:\windows\system32\dllcache\shutdown.exe
+ 2008-04-14 20:51:42 28,672 -c--a-w C:\WINDOWS\system32\dllcache\shutdown.exe
- 2001-10-26 19:30:02 42,573 -c--a-w C:\windows\system32\dllcache\shvlzm.exe
+ 2001-10-26 19:30:02 50,765 -c--a-w C:\WINDOWS\system32\dllcache\shvlzm.exe
- 2008-04-14 20:51:42 70,656 -c--a-w C:\windows\system32\dllcache\sigverif.exe
+ 2008-04-14 20:51:42 78,848 -c--a-w C:\WINDOWS\system32\dllcache\sigverif.exe
- 2008-04-14 20:51:42 26,112 -c--a-w C:\windows\system32\dllcache\skeys.exe
+ 2008-04-14 20:51:42 34,304 -c--a-w C:\WINDOWS\system32\dllcache\skeys.exe
- 2008-04-14 20:51:42 8,192 -c--a-w C:\windows\system32\dllcache\smbinst.exe
+ 2008-04-14 20:51:42 16,384 -c--a-w C:\WINDOWS\system32\dllcache\smbinst.exe
- 2008-04-14 20:51:42 236,544 -c--a-w C:\windows\system32\dllcache\smi2smir.exe
+ 2008-04-14 20:51:42 244,736 -c--a-w C:\WINDOWS\system32\dllcache\smi2smir.exe
- 2008-04-14 20:51:44 91,136 -c--a-w C:\windows\system32\dllcache\smlogsvc.exe
+ 2008-04-14 20:51:44 99,328 -c--a-w C:\WINDOWS\system32\dllcache\smlogsvc.exe
- 2008-04-14 20:51:44 132,608 -c--a-w C:\windows\system32\dllcache\sndrec32.exe
+ 2008-04-14 20:51:44 140,800 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
- 2001-10-26 19:30:02 139,264 -c--a-w C:\windows\system32\dllcache\sndvol32.exe
+ 2001-10-26 19:30:02 147,456 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
- 2008-04-14 20:51:44 32,768 -c--a-w C:\windows\system32\dllcache\snmp.exe
+ 2008-04-14 20:51:44 40,960 -c--a-w C:\WINDOWS\system32\dllcache\snmp.exe
- 2008-04-14 20:51:44 8,704 -c--a-w C:\windows\system32\dllcache\snmptrap.exe
+ 2008-04-14 20:51:44 16,896 -c--a-w C:\WINDOWS\system32\dllcache\snmptrap.exe
- 2001-10-26 19:30:02 57,344 -c--a-w C:\windows\system32\dllcache\sol.exe
+ 2001-10-26 19:30:02 65,536 -c--a-w C:\WINDOWS\system32\dllcache\sol.exe
- 2008-04-14 20:51:44 24,576 -c--a-w C:\windows\system32\dllcache\sort.exe
+ 2008-04-14 20:51:44 32,768 -c--a-w C:\WINDOWS\system32\dllcache\sort.exe
- 2008-04-14 20:51:44 538,624 -c--a-w C:\windows\system32\dllcache\spider.exe
+ 2008-04-14 20:51:44 546,816 -c--a-w C:\WINDOWS\system32\dllcache\spider.exe
- 2008-04-13 22:13:32 12,800 -c--a-w C:\windows\system32\dllcache\spiisupd.exe
+ 2008-04-13 22:13:32 20,992 -c--a-w C:\WINDOWS\system32\dllcache\spiisupd.exe
- 2008-04-14 20:51:44 11,264 -c--a-w C:\windows\system32\dllcache\spnpinst.exe
+ 2008-04-14 20:51:44 19,456 -c--a-w C:\WINDOWS\system32\dllcache\spnpinst.exe
- 2001-10-26 19:30:02 47,104 -c--a-w C:\windows\system32\dllcache\srdiag.exe
+ 2001-10-26 19:30:02 55,296 -c--a-w C:\WINDOWS\system32\dllcache\srdiag.exe
- 2008-04-14 20:51:56 708,608 -c--a-w C:\windows\system32\dllcache\ss3dfo.scr
+ 2008-04-14 20:51:56 716,800 -c--a-w C:\WINDOWS\system32\dllcache\ss3dfo.scr
- 2008-04-14 20:51:56 19,968 -c--a-w C:\windows\system32\dllcache\ssbezier.scr
+ 2008-04-14 20:51:56 28,160 -c--a-w C:\WINDOWS\system32\dllcache\ssbezier.scr
- 2008-04-14 20:51:56 393,216 -c--a-w C:\windows\system32\dllcache\ssflwbox.scr
+ 2008-04-14 20:51:56 401,408 -c--a-w C:\WINDOWS\system32\dllcache\ssflwbox.scr
- 2008-04-14 20:51:56 20,992 -c--a-w C:\windows\system32\dllcache\ssmarque.scr
+ 2008-04-14 20:51:56 29,184 -c--a-w C:\WINDOWS\system32\dllcache\ssmarque.scr
- 2008-04-14 20:51:56 47,104 -c--a-w C:\windows\system32\dllcache\ssmypics.scr
+ 2008-04-14 20:51:56 55,296 -c--a-w C:\WINDOWS\system32\dllcache\ssmypics.scr
- 2008-04-14 20:51:56 18,944 -c--a-w C:\windows\system32\dllcache\ssmyst.scr
+ 2008-04-14 20:51:56 27,136 -c--a-w C:\WINDOWS\system32\dllcache\ssmyst.scr
- 2008-04-14 20:51:56 610,304 -c--a-w C:\windows\system32\dllcache\sspipes.scr
+ 2008-04-14 20:51:56 618,496 -c--a-w C:\WINDOWS\system32\dllcache\sspipes.scr
- 2008-04-14 20:51:56 14,336 -c--a-w C:\windows\system32\dllcache\ssstars.scr
+ 2008-04-14 20:51:56 22,528 -c--a-w C:\WINDOWS\system32\dllcache\ssstars.scr
- 2008-04-14 20:51:58 679,936 -c--a-w C:\windows\system32\dllcache\sstext3d.scr
+ 2008-04-14 20:51:58 688,128 -c--a-w C:\WINDOWS\system32\dllcache\sstext3d.scr
- 2008-04-14 20:51:44 14,848 -c--a-w C:\windows\system32\dllcache\stimon.exe
+ 2008-04-14 20:51:44 23,040 -c--a-w C:\WINDOWS\system32\dllcache\stimon.exe
- 2001-10-26 19:30:02 9,216 -c--a-w C:\windows\system32\dllcache\subst.exe
+ 2001-10-26 19:30:02 17,408 -c--a-w C:\WINDOWS\system32\dllcache\subst.exe
- 2008-04-14 20:51:44 14,336 -c--a-w C:\windows\system32\dllcache\svchost.exe
+ 2008-04-14 20:51:44 22,528 -c--a-w C:\WINDOWS\system32\dllcache\svchost.exe
- 2001-10-26 19:30:02 51,200 -c--a-w C:\windows\system32\dllcache\syncapp.exe
+ 2001-10-26 19:30:02 59,392 -c--a-w C:\WINDOWS\system32\dllcache\syncapp.exe
- 2008-04-14 20:51:44 73,728 -c--a-w C:\windows\system32\dllcache\sysinfo.exe
+ 2008-04-14 20:51:44 81,920 -c--a-w C:\WINDOWS\system32\dllcache\sysinfo.exe
- 2001-10-26 19:30:02 37,376 -c--a-w C:\windows\system32\dllcache\syskey.exe
+ 2001-10-26 19:30:02 45,568 -c--a-w C:\WINDOWS\system32\dllcache\syskey.exe
- 2008-04-14 20:51:44 107,008 -c--a-w C:\windows\system32\dllcache\sysocmgr.exe
+ 2008-04-14 20:51:44 115,200 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
- 2001-10-26 19:30:02 3,072 -c--a-w C:\windows\system32\dllcache\systray.exe
+ 2001-10-26 19:30:02 11,264 -c--a-w C:\WINDOWS\system32\dllcache\systray.exe
- 2008-04-14 20:51:46 78,848 -c--a-w C:\windows\system32\dllcache\taskkill.exe
+ 2008-04-14 20:51:46 87,040 -c--a-w C:\WINDOWS\system32\dllcache\taskkill.exe
- 2008-04-14 20:51:46 79,360 -c--a-w C:\windows\system32\dllcache\tasklist.exe
+ 2008-04-14 20:51:46 87,552 -c--a-w C:\WINDOWS\system32\dllcache\tasklist.exe
- 2001-10-26 19:30:02 15,360 -c--a-w C:\windows\system32\dllcache\taskman.exe
+ 2001-10-26 19:30:02 23,552 -c--a-w C:\WINDOWS\system32\dllcache\taskman.exe
- 2008-04-14 20:51:46 139,776 -c--a-w C:\windows\system32\dllcache\taskmgr.exe
+ 2008-04-14 20:51:46 147,968 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
- 2001-10-26 19:30:02 13,312 -c--a-w C:\windows\system32\dllcache\tcmsetup.exe
+ 2001-10-26 19:30:02 21,504 -c--a-w C:\WINDOWS\system32\dllcache\tcmsetup.exe
- 2001-10-26 19:30:02 19,456 -c--a-w C:\windows\system32\dllcache\tcpsvcs.exe
+ 2001-10-26 19:30:02 27,648 -c--a-w C:\WINDOWS\system32\dllcache\tcpsvcs.exe
- 2008-04-14 20:51:46 77,824 -c--a-w C:\windows\system32\dllcache\telnet.exe
+ 2008-04-14 20:51:46 86,016 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
- 2001-10-26 19:30:02 16,896 -c--a-w C:\windows\system32\dllcache\tftp.exe
+ 2001-10-26 19:30:02 25,088 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
- 2008-04-13 20:13:52 44,032 -c--a-w C:\windows\system32\dllcache\tintlphr.exe
+ 2008-04-13 20:13:52 52,224 -c--a-w C:\WINDOWS\system32\dllcache\tintlphr.exe
- 2008-04-13 20:13:54 455,168 -c--a-w C:\windows\system32\dllcache\tintsetp.exe
+ 2008-04-13 20:13:54 463,360 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
- 2008-04-14 20:51:46 63,488 -c--a-w C:\windows\system32\dllcache\tlntadmn.exe
+ 2008-04-14 20:51:46 71,680 -c--a-w C:\WINDOWS\system32\dllcache\tlntadmn.exe
- 2008-04-14 20:51:46 80,384 -c--a-w C:\windows\system32\dllcache\tlntsess.exe
+ 2008-04-14 20:51:46 88,576 -c--a-w C:\WINDOWS\system32\dllcache\tlntsess.exe
- 2008-04-14 20:51:46 75,264 -c--a-w C:\windows\system32\dllcache\tlntsvr.exe
+ 2008-04-14 20:51:46 83,456 -c--a-w C:\WINDOWS\system32\dllcache\tlntsvr.exe
- 2008-04-14 20:51:46 347,136 -c--a-w C:\windows\system32\dllcache\tourstrt.exe
+ 2008-04-14 20:51:46 355,328 -c--a-w C:\WINDOWS\system32\dllcache\tourstrt.exe
- 2008-04-14 20:51:46 260,096 -c--a-w C:\windows\system32\dllcache\tracerpt.exe
+ 2008-04-14 20:51:46 268,288 -c--a-w C:\WINDOWS\system32\dllcache\tracerpt.exe
- 2008-04-14 20:51:46 12,800 -c--a-w C:\windows\system32\dllcache\tracert.exe
+ 2008-04-14 20:51:46 20,992 -c--a-w C:\WINDOWS\system32\dllcache\tracert.exe
- 2001-10-26 19:30:04 32,256 -c--a-w C:\windows\system32\dllcache\tracert6.exe
+ 2001-10-26 19:30:04 40,448 -c--a-w C:\WINDOWS\system32\dllcache\tracert6.exe
- 2001-10-26 19:30:04 15,360 -c--a-w C:\windows\system32\dllcache\tscon.exe
+ 2001-10-26 19:30:04 23,552 -c--a-w C:\WINDOWS\system32\dllcache\tscon.exe
- 2001-10-26 19:30:04 15,360 -c--a-w C:\windows\system32\dllcache\tsdiscon.exe
+ 2001-10-26 19:30:04 23,552 -c--a-w C:\WINDOWS\system32\dllcache\tsdiscon.exe
- 2001-10-26 19:30:04 16,384 -c--a-w C:\windows\system32\dllcache\tskill.exe
+ 2001-10-26 19:30:04 24,576 -c--a-w C:\WINDOWS\system32\dllcache\tskill.exe
- 2001-10-26 19:30:04 14,336 -c--a-w C:\windows\system32\dllcache\tsprof.exe
+ 2001-10-26 19:30:04 22,528 -c--a-w C:\WINDOWS\system32\dllcache\tsprof.exe
- 2001-10-26 19:30:04 17,920 -c--a-w C:\windows\system32\dllcache\tsshutdn.exe
+ 2001-10-26 19:30:04 26,112 -c--a-w C:\WINDOWS\system32\dllcache\tsshutdn.exe
- 2001-10-26 19:30:04 25,600 -c--a-w C:\windows\system32\dllcache\twunk_32.exe
+ 2001-10-26 19:30:04 33,792 -c--a-w C:\WINDOWS\system32\dllcache\twunk_32.exe
- 2001-10-26 19:30:04 36,864 -c--a-w C:\windows\system32\dllcache\typeperf.exe
+ 2001-10-26 19:30:04 45,056 -c--a-w C:\WINDOWS\system32\dllcache\typeperf.exe
- 2001-10-26 19:30:04 4,096 -c--a-w C:\windows\system32\dllcache\unlodctr.exe
+ 2001-10-26 19:30:04 12,288 -c--a-w C:\WINDOWS\system32\dllcache\unlodctr.exe
- 2008-04-14 20:51:46 208,896 -c--a-w C:\windows\system32\dllcache\unregmp2.exe
+ 2008-04-14 20:51:46 217,088 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
- 2001-10-26 19:30:04 16,896 -c--a-w C:\windows\system32\dllcache\unsecapp.exe
+ 2001-10-26 19:30:04 25,088 -c--a-w C:\WINDOWS\system32\dllcache\unsecapp.exe
- 2008-04-14 20:51:46 151,040 -c--a-w C:\windows\system32\dllcache\uploadm.exe
+ 2008-04-14 20:51:46 159,232 -c--a-w C:\WINDOWS\system32\dllcache\uploadm.exe
- 2008-04-14 20:51:46 16,896 -c--a-w C:\windows\system32\dllcache\upnpcont.exe
+ 2008-04-14 20:51:46 25,088 -c--a-w C:\WINDOWS\system32\dllcache\upnpcont.exe
- 2008-04-14 20:51:46 18,432 -c--a-w C:\windows\system32\dllcache\ups.exe
+ 2008-04-14 20:51:46 26,624 -c--a-w C:\WINDOWS\system32\dllcache\ups.exe
- 2008-04-14 20:51:48 50,176 -c--a-w C:\windows\system32\dllcache\utilman.exe
+ 2008-04-14 20:51:48 58,368 -c--a-w C:\WINDOWS\system32\dllcache\utilman.exe
- 2001-10-26 19:30:04 102,400 -c--a-w C:\windows\system32\dllcache\verifier.exe
+ 2001-10-26 19:30:04 110,592 -c--a-w C:\WINDOWS\system32\dllcache\verifier.exe
- 2001-10-26 19:30:04 33,792 -c--a-w C:\windows\system32\dllcache\vssadmin.exe
+ 2001-10-26 19:30:04 41,984 -c--a-w C:\WINDOWS\system32\dllcache\vssadmin.exe
- 2008-04-14 20:51:48 291,840 -c--a-w C:\windows\system32\dllcache\vssvc.exe
+ 2008-04-14 20:51:48 300,032 -c--a-w C:\WINDOWS\system32\dllcache\vssvc.exe
- 2001-10-26 19:30:06 51,200 -c--a-w C:\windows\system32\dllcache\w32tm.exe
+ 2001-10-26 19:30:06 59,392 -c--a-w C:\WINDOWS\system32\dllcache\w32tm.exe
- 2008-04-14 20:51:48 46,080 -c--a-w C:\windows\system32\dllcache\wab.exe
+ 2008-04-14 20:51:48 54,272 -c--a-w C:\WINDOWS\system32\dllcache\wab.exe
- 2008-04-14 20:51:48 30,208 -c--a-w C:\windows\system32\dllcache\wabmig.exe
+ 2008-04-14 20:51:48 38,400 -c--a-w C:\WINDOWS\system32\dllcache\wabmig.exe
- 2001-10-26 19:30:06 12,288 -c--a-w C:\windows\system32\dllcache\wb32.exe
+ 2001-10-26 19:30:06 20,480 -c--a-w C:\WINDOWS\system32\dllcache\wb32.exe
- 2008-04-14 20:51:48 118,272 -c--a-w C:\windows\system32\dllcache\wbemtest.exe
+ 2008-04-14 20:51:48 126,464 -c--a-w C:\WINDOWS\system32\dllcache\wbemtest.exe
- 2008-04-14 20:51:48 66,048 -c--a-w C:\windows\system32\dllcache\wextract.exe
+ 2008-04-14 20:51:48 74,240 -c--a-w C:\WINDOWS\system32\dllcache\wextract.exe
- 2008-04-14 20:51:48 435,712 -c--a-w C:\windows\system32\dllcache\wiaacmgr.exe
+ 2008-04-14 20:51:48 443,904 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe
- 2008-04-14 20:51:50 285,696 -c--a-w C:\windows\system32\dllcache\winhlp32.exe
+ 2008-04-14 20:51:50 293,888 -c--a-w C:\WINDOWS\system32\dllcache\winhlp32.exe
- 2001-10-26 19:30:06 8,192 -c--a-w C:\windows\system32\dllcache\winhstb.exe
+ 2001-10-26 19:30:06 16,384 -c--a-w C:\WINDOWS\system32\dllcache\winhstb.exe
- 2008-04-14 20:51:50 510,464 -c--a-w C:\windows\system32\dllcache\winlogon.exe
+ 2008-04-14 20:51:50 518,656 -c--a-w C:\WINDOWS\system32\dllcache\winlogon.exe
- 2001-10-26 19:30:06 13,824 -c--a-w C:\windows\system32\dllcache\winmgmt.exe
+ 2001-10-26 19:30:06 22,016 -c--a-w C:\WINDOWS\system32\dllcache\winmgmt.exe
- 2001-10-26 19:30:06 119,808 -c--a-w C:\windows\system32\dllcache\winmine.exe
+ 2001-10-26 19:30:06 128,000 -c--a-w C:\WINDOWS\system32\dllcache\winmine.exe
- 2001-10-26 19:30:06 11,776 -c--a-w C:\windows\system32\dllcache\winmsd.exe
+ 2001-10-26 19:30:06 19,968 -c--a-w C:\WINDOWS\system32\dllcache\winmsd.exe
- 2008-04-14 20:51:50 5,632 -c--a-w C:\windows\system32\dllcache\winver.exe
+ 2008-04-14 20:51:50 13,824 -c--a-w C:\WINDOWS\system32\dllcache\winver.exe
- 2008-04-14 20:51:50 196,608 -c--a-w C:\windows\system32\dllcache\wmiadap.exe
+ 2008-04-14 20:51:50 204,800 -c--a-w C:\WINDOWS\system32\dllcache\wmiadap.exe
- 2008-04-14 20:51:50 126,464 -c--a-w C:\windows\system32\dllcache\wmiapsrv.exe
+ 2008-04-14 20:51:50 134,656 -c--a-w C:\WINDOWS\system32\dllcache\wmiapsrv.exe
- 2008-04-14 20:51:52 367,104 -c--a-w C:\windows\system32\dllcache\wmic.exe
+ 2008-04-14 20:51:52 375,296 -c--a-w C:\WINDOWS\system32\dllcache\wmic.exe
- 2008-04-14 20:51:52 218,112 -c--a-w C:\windows\system32\dllcache\wmiprvse.exe
+ 2008-04-14 20:51:52 226,304 -c--a-w C:\WINDOWS\system32\dllcache\wmiprvse.exe
- 2008-04-14 20:51:52 73,728 -c--a-w C:\windows\system32\dllcache\wmplayer.exe
+ 2008-04-14 20:51:52 81,920 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe
- 2008-04-14 20:51:52 217,088 -c--a-w C:\windows\system32\dllcache\wordpad.exe
+ 2008-04-14 20:51:52 225,280 -c--a-w C:\WINDOWS\system32\dllcache\wordpad.exe
- 2008-04-14 20:51:52 32,256 -c--a-w C:\windows\system32\dllcache\wpabaln.exe
+ 2008-04-14 20:51:52 40,448 -c--a-w C:\WINDOWS\system32\dllcache\wpabaln.exe
- 2008-04-14 20:51:52 11,776 -c--a-w C:\windows\system32\dllcache\wpnpinst.exe
+ 2008-04-14 20:51:52 19,968 -c--a-w C:\WINDOWS\system32\dllcache\wpnpinst.exe
- 2001-10-26 19:30:06 5,632 -c--a-w C:\windows\system32\dllcache\write.exe
+ 2001-10-26 19:30:06 13,824 -c--a-w C:\WINDOWS\system32\dllcache\write.exe
- 2008-04-14 20:51:52 13,824 -c--a-w C:\windows\system32\dllcache\wscntfy.exe
+ 2008-04-14 20:51:52 22,016 -c--a-w C:\WINDOWS\system32\dllcache\wscntfy.exe
- 2008-04-14 20:51:52 155,648 -c--a-w C:\windows\system32\dllcache\wscript.exe
+ 2008-04-14 20:51:52 163,840 -c--a-w C:\WINDOWS\system32\dllcache\wscript.exe
- 2008-04-14 20:51:52 168,960 -c--a-w C:\windows\system32\dllcache\wuauclt1.exe
+ 2008-04-14 20:51:52 177,152 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt1.exe
- 2001-10-26 19:30:06 32,256 -c--a-w C:\windows\system32\dllcache\wupdmgr.exe
+ 2001-10-26 19:30:06 40,448 -c--a-w C:\WINDOWS\system32\dllcache\wupdmgr.exe
- 2008-04-14 20:51:52 30,720 -c--a-w C:\windows\system32\dllcache\xcopy.exe
+ 2008-04-14 20:51:52 38,912 -c--a-w C:\WINDOWS\system32\dllcache\xcopy.exe
- 2001-10-26 19:30:06 36,937 -c--a-w C:\windows\system32\dllcache\zclientm.exe
+ 2001-10-26 19:30:06 45,129 -c--a-w C:\WINDOWS\system32\dllcache\zclientm.exe
- 2001-10-26 19:29:50 4,608 ----a-w C:\windows\system32\dllhst3g.exe
+ 2001-10-26 19:29:50 12,800 ----a-w C:\WINDOWS\system32\dllhst3g.exe
- 2008-04-14 20:51:14 15,872 ----a-w C:\windows\system32\dmremote.exe
+ 2008-04-14 20:51:14 24,064 ----a-w C:\WINDOWS\system32\dmremote.exe
- 2001-10-26 19:29:52 10,752 ----a-w C:\windows\system32\doskey.exe
+ 2001-10-26 19:29:52 18,944 ----a-w C:\WINDOWS\system32\doskey.exe
- 2008-04-14 20:51:14 29,696 ----a-w C:\windows\system32\dplaysvr.exe
+ 2008-04-14 20:51:14 37,888 ----a-w C:\WINDOWS\system32\dplaysvr.exe
- 2008-04-14 20:51:14 18,432 ----a-w C:\windows\system32\dpnsvr.exe
+ 2008-04-14 20:51:14 26,624 ----a-w C:\WINDOWS\system32\dpnsvr.exe
- 2008-04-14 20:51:14 83,456 ----a-w C:\windows\system32\dpvsetup.exe
+ 2008-04-14 20:51:14 91,648 ----a-w C:\WINDOWS\system32\dpvsetup.exe
- 2008-04-14 20:51:14 65,024 ----a-w C:\windows\system32\driverquery.exe
+ 2008-04-14 20:51:14 73,216 ----a-w C:\WINDOWS\system32\driverquery.exe
- 2001-10-26 20:03:24 57,856 ----a-w C:\windows\system32\dvdplay.exe
+ 2001-10-26 20:03:24 66,048 ----a-w C:\WINDOWS\system32\dvdplay.exe
- 2008-04-14 20:51:14 17,920 ----a-w C:\windows\system32\dvdupgrd.exe
+ 2008-04-14 20:51:14 26,112 ----a-w C:\WINDOWS\system32\dvdupgrd.exe
- 2008-04-14 20:51:14 1,298,432 ----a-w C:\windows\system32\dxdiag.exe
+ 2008-04-14 20:51:14 1,306,624 ----a-w C:\WINDOWS\system32\dxdiag.exe
- 2001-10-26 19:29:52 39,424 ----a-w C:\windows\system32\esentutl.exe
+ 2001-10-26 19:29:52 47,616 ----a-w C:\WINDOWS\system32\esentutl.exe
- 2008-04-14 20:51:16 194,048 ----a-w C:\windows\system32\eudcedit.exe
+ 2008-04-14 20:51:16 202,240 ----a-w C:\WINDOWS\system32\eudcedit.exe
- 2008-04-14 20:51:16 52,736 ----a-w C:\windows\system32\eventcreate.exe
+ 2008-04-14 20:51:16 60,928 ----a-w C:\WINDOWS\system32\eventcreate.exe
- 2008-04-14 20:51:16 86,016 ----a-w C:\windows\system32\eventtriggers.exe
+ 2008-04-14 20:51:16 94,208 ----a-w C:\WINDOWS\system32\eventtriggers.exe
- 2001-10-26 19:29:52 9,216 ----a-w C:\windows\system32\eventvwr.exe
+ 2001-10-26 19:29:52 17,408 ----a-w C:\WINDOWS\system32\eventvwr.exe
- 2001-10-26 19:29:52 16,384 ----a-w C:\windows\system32\expand.exe
+ 2001-10-26 19:29:52 24,576 ----a-w C:\WINDOWS\system32\expand.exe
- 2008-04-14 20:51:18 24,064 ----a-w C:\windows\system32\extrac32.exe
+ 2008-04-14 20:51:18 32,256 ----a-w C:\WINDOWS\system32\extrac32.exe
- 2008-04-14 20:51:18 20,992 ------w C:\windows\system32\faxpatch.exe
+ 2008-04-14 20:51:18 29,184 ------w C:\WINDOWS\system32\faxpatch.exe
- 2001-10-26 19:29:54 14,848 ----a-w C:\windows\system32\fc.exe
+ 2001-10-26 19:29:54 23,040 ----a-w C:\WINDOWS\system32\fc.exe
- 2001-10-26 19:29:54 9,728 ----a-w C:\windows\system32\finger.exe
+ 2001-10-26 19:29:54 17,920 ----a-w C:\WINDOWS\system32\finger.exe
- 2001-10-26 19:29:54 3,072 ----a-w C:\windows\system32\fixmapi.exe
+ 2001-10-26 19:29:54 11,264 ----a-w C:\WINDOWS\system32\fixmapi.exe
- 2008-04-14 20:51:18 23,040 ----a-w C:\windows\system32\fltMc.exe
+ 2008-04-14 20:51:18 31,232 ----a-w C:\WINDOWS\system32\fltMc.exe
- 2008-04-14 20:51:18 21,504 ----a-w C:\windows\system32\fontview.exe
+ 2008-04-14 20:51:18 29,696 ----a-w C:\WINDOWS\system32\fontview.exe
- 2008-04-14 20:51:18 7,680 ----a-w C:\windows\system32\forcedos.exe
+ 2008-04-14 20:51:18 15,872 ----a-w C:\WINDOWS\system32\forcedos.exe
- 2001-10-26 19:29:54 55,808 ----a-w C:\windows\system32\freecell.exe
+ 2001-10-26 19:29:54 64,000 ----a-w C:\WINDOWS\system32\freecell.exe
- 2008-04-14 20:51:18 193,024 ----a-w C:\windows\system32\fsquirt.exe
+ 2008-04-14 20:51:18 201,216 ----a-w C:\WINDOWS\system32\fsquirt.exe
- 2001-10-26 19:29:54 62,976 ----a-w C:\windows\system32\fsutil.exe
+ 2001-10-26 19:29:54 71,168 ----a-w C:\WINDOWS\system32\fsutil.exe
- 2008-04-14 20:51:18 44,544 ----a-w C:\windows\system32\ftp.exe
+ 2008-04-14 20:51:18 52,736 ----a-w C:\WINDOWS\system32\ftp.exe
- 2008-04-14 20:51:18 61,440 ----a-w C:\windows\system32\getmac.exe
+ 2008-04-14 20:51:18 69,632 ----a-w C:\WINDOWS\system32\getmac.exe
- 2008-04-14 20:51:18 123,904 ----a-w C:\windows\system32\gpresult.exe
+ 2008-04-14 20:51:18 132,096 ----a-w C:\WINDOWS\system32\gpresult.exe
- 2001-10-26 19:29:54 58,368 ----a-w C:\windows\system32\gpupdate.exe
+ 2001-10-26 19:29:54 66,560 ----a-w C:\WINDOWS\system32\gpupdate.exe
- 2008-04-14 20:51:20 15,872 ----a-w C:\windows\system32\help.exe
+ 2008-04-14 20:51:20 24,064 ----a-w C:\WINDOWS\system32\help.exe
- 2001-10-26 19:29:54 8,192 ----a-w C:\windows\system32\hostname.exe
+ 2001-10-26 19:29:54 16,384 ----a-w C:\WINDOWS\system32\hostname.exe
- 2008-04-14 20:51:20 34,304 ----a-w C:\windows\system32\ie4uinit.exe
+ 2008-04-14 20:51:20 42,496 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-14 20:51:20 114,688 ----a-w C:\windows\system32\iexpress.exe
+ 2008-04-14 20:51:20 122,880 ----a-w C:\WINDOWS\system32\iexpress.exe
- 2001-10-26 19:29:54 45,056 ----a-w C:\windows\system32\ipsec6.exe
+ 2001-10-26 19:29:54 53,248 ----a-w C:\WINDOWS\system32\ipsec6.exe
- 2008-04-14 20:51:22 53,248 ----a-w C:\windows\system32\ipv6.exe
+ 2008-04-14 20:51:22 61,440 ----a-w C:\WINDOWS\system32\ipv6.exe
- 2008-04-14 20:51:22 24,064 ----a-w C:\windows\system32\ipxroute.exe
+ 2008-04-14 20:51:22 32,256 ----a-w C:\WINDOWS\system32\ipxroute.exe
- 2008-06-09 23:21:01 135,168 ----a-w C:\windows\system32\java.exe
+ 2008-06-09 23:21:01 143,360 ----a-w C:\WINDOWS\system32\java.exe
- 2008-06-09 23:21:04 135,168 ----a-w C:\windows\system32\javaw.exe
+ 2008-06-09 23:21:04 143,360 ----a-w C:\WINDOWS\system32\javaw.exe
- 2008-06-10 00:32:34 139,264 ----a-w C:\windows\system32\javaws.exe
+ 2008-06-10 00:32:34 147,456 ----a-w C:\WINDOWS\system32\javaws.exe
- 2008-05-03 03:46:00 425,984 ----a-w C:\windows\system32\keystone.exe
+ 2008-05-03 03:46:00 434,176 ----a-w C:\WINDOWS\system32\keystone.exe
- 2001-10-26 19:29:54 9,728 ----a-w C:\windows\system32\label.exe
+ 2001-10-26 19:29:54 17,920 ----a-w C:\WINDOWS\system32\label.exe
- 2001-10-26 19:29:54 29,696 ----a-w C:\windows\system32\lights.exe
+ 2001-10-26 19:29:54 37,888 ----a-w C:\WINDOWS\system32\lights.exe
- 2001-10-26 19:29:54 26,624 ----a-w C:\windows\system32\lnkstub.exe
+ 2001-10-26 19:29:54 34,816 ----a-w C:\WINDOWS\system32\lnkstub.exe
- 2001-10-26 19:29:56 5,120 ----a-w C:\windows\system32\lodctr.exe
+ 2001-10-26 19:29:56 13,312 ----a-w C:\WINDOWS\system32\lodctr.exe
- 2005-01-28 11:44:28 96,768 ----a-w C:\windows\system32\logagent.exe
+ 2005-01-28 11:44:28 104,960 ----a-w C:\WINDOWS\system32\logagent.exe
- 2008-04-14 20:51:24 60,928 ----a-w C:\windows\system32\logman.exe
+ 2008-04-14 20:51:24 69,120 ----a-w C:\WINDOWS\system32\logman.exe
- 2001-10-26 19:29:56 15,872 ----a-w C:\windows\system32\logoff.exe
+ 2001-10-26 19:29:56 24,064 ----a-w C:\WINDOWS\system32\logoff.exe
- 2008-04-14 20:51:56 220,672 ----a-w C:\windows\system32\logon.scr
+ 2008-04-14 20:51:56 228,864 ----a-w C:\WINDOWS\system32\logon.scr
- 2001-10-26 19:29:56 6,144 ----a-w C:\windows\system32\lpq.exe
+ 2001-10-26 19:29:56 14,336 ----a-w C:\WINDOWS\system32\lpq.exe
- 2001-10-26 19:29:56 8,192 ----a-w C:\windows\system32\lpr.exe
+ 2001-10-26 19:29:56 16,384 ----a-w C:\WINDOWS\system32\lpr.exe
- 2008-09-24 22:00:01 70,264 ----a-w C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-10-27 17:51:55 84,661 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-04-14 20:51:24 73,216 ----a-w C:\windows\system32\magnify.exe
+ 2008-04-14 20:51:24 81,408 ----a-w C:\WINDOWS\system32\magnify.exe
- 2008-04-14 20:51:24 57,344 ----a-w C:\windows\system32\makecab.exe
+ 2008-04-14 20:51:24 65,536 ----a-w C:\WINDOWS\system32\makecab.exe
- 2001-10-26 19:29:56 52,224 ----a-w C:\windows\system32\migpwd.exe
+ 2001-10-26 19:29:56 60,416 ----a-w C:\WINDOWS\system32\migpwd.exe
- 2008-04-14 20:51:26 1,414,656 ----a-w C:\windows\system32\mmc.exe
+ 2008-04-14 20:51:26 1,422,848 ----a-w C:\WINDOWS\system32\mmc.exe
- 2008-04-14 20:51:26 33,792 ----a-w C:\windows\system32\mmcperf.exe
+ 2008-04-14 20:51:26 41,984 ----a-w C:\WINDOWS\system32\mmcperf.exe
- 2008-04-14 20:51:26 143,872 ----a-w C:\windows\system32\mobsync.exe
+ 2008-04-14 20:51:26 152,064 ----a-w C:\WINDOWS\system32\mobsync.exe
- 2001-10-26 19:29:56 8,192 ----a-w C:\windows\system32\mountvol.exe
+ 2001-10-26 19:29:56 16,384 ----a-w C:\WINDOWS\system32\mountvol.exe
- 2008-04-14 20:51:30 124,928 ----a-w C:\windows\system32\mplay32.exe
+ 2008-04-14 20:51:30 133,120 ----a-w C:\WINDOWS\system32\mplay32.exe
- 2001-10-26 19:29:58 22,016 ----a-w C:\windows\system32\mpnotify.exe
+ 2001-10-26 19:29:58 30,208 ----a-w C:\WINDOWS\system32\mpnotify.exe
- 2008-04-14 20:51:30 19,968 ----a-w C:\windows\system32\mqbkup.exe
+ 2008-04-14 20:51:30 28,160 ----a-w C:\WINDOWS\system32\mqbkup.exe
- 2008-04-14 20:51:30 4,608 ----a-w C:\windows\system32\mqsvc.exe
+ 2008-04-14 20:51:30 12,800 ----a-w C:\WINDOWS\system32\mqsvc.exe
- 2008-04-14 20:51:30 117,248 ----a-w C:\windows\system32\mqtgsvc.exe
+ 2008-04-14 20:51:30 125,440 ----a-w C:\WINDOWS\system32\mqtgsvc.exe
- 2001-10-26 19:29:58 13,824 ----a-w C:\windows\system32\mrinfo.exe
+ 2001-10-26 19:29:58 22,016 ----a-w C:\WINDOWS\system32\mrinfo.exe
- 2001-10-26 19:29:58 22,528 ----a-w C:\windows\system32\msg.exe
+ 2001-10-26 19:29:58 30,720 ----a-w C:\WINDOWS\system32\msg.exe
- 2008-04-14 20:51:30 29,184 ----a-w C:\windows\system32\mshta.exe
+ 2008-04-14 20:51:30 37,376 ----a-w C:\WINDOWS\system32\mshta.exe
- 2001-10-26 19:29:58 6,656 ----a-w C:\windows\system32\msswchx.exe
+ 2001-10-26 19:29:58 14,848 ----a-w C:\WINDOWS\system32\msswchx.exe
- 2008-04-14 20:51:32 12,288 ----a-w C:\windows\system32\mstinit.exe
+ 2008-04-14 20:51:32 20,480 ----a-w C:\WINDOWS\system32\mstinit.exe
- 2008-04-14 20:51:22 677,888 ----a-w C:\windows\system32\mstsc.exe
+ 2008-04-14 20:51:22 686,080 ----a-w C:\WINDOWS\system32\mstsc.exe
- 2008-04-14 20:51:32 176,640 ----a-w C:\windows\system32\napstat.exe
+ 2008-04-14 20:51:32 184,832 ----a-w C:\WINDOWS\system32\napstat.exe
- 2008-04-14 20:51:32 55,296 ----a-w C:\windows\system32\narrator.exe
+ 2008-04-14 20:51:32 63,488 ----a-w C:\WINDOWS\system32\narrator.exe
- 2001-10-26 19:29:58 21,504 ----a-w C:\windows\system32\nbtstat.exe
+ 2001-10-26 19:29:58 29,696 ----a-w C:\WINDOWS\system32\nbtstat.exe
- 2008-04-14 20:51:32 4,096 ----a-w C:\windows\system32\nddeapir.exe
+ 2008-04-14 20:51:32 12,288 ----a-w C:\WINDOWS\system32\nddeapir.exe
- 2008-04-14 20:51:32 124,928 ----a-w C:\windows\system32\net1.exe
+ 2008-04-14 20:51:32 133,120 ----a-w C:\WINDOWS\system32\net1.exe
- 2008-04-14 20:56:18 332,288 ----a-w C:\windows\system32\netsetup.exe
+ 2008-04-14 20:56:18 344,064 ----a-w C:\WINDOWS\system32\netsetup.exe
- 2008-04-14 20:51:32 38,400 ----a-w C:\windows\system32\netstat.exe
+ 2008-04-14 20:51:32 46,592 ----a-w C:\WINDOWS\system32\netstat.exe
- 2008-04-14 20:51:34 15,360 ----a-w C:\windows\system32\npp\nppagent.exe
+ 2008-04-14 20:51:34 23,552 ----a-w C:\WINDOWS\system32\npp\nppagent.exe
- 2008-04-14 20:51:34 79,872 ----a-w C:\windows\system32\nslookup.exe
+ 2008-04-14 20:51:34 88,064 ----a-w C:\WINDOWS\system32\nslookup.exe
- 2008-04-14 20:51:34 1,222,144 ----a-w C:\windows\system32\ntbackup.exe
+ 2008-04-14 20:51:34 1,230,336 ----a-w C:\WINDOWS\system32\ntbackup.exe
- 2001-10-26 19:30:00 31,744 ----a-w C:\windows\system32\ntsd.exe
+ 2001-10-26 19:30:00 39,936 ----a-w C:\WINDOWS\system32\ntsd.exe
- 2008-05-03 03:46:00 442,368 ----a-w C:\windows\system32\nvappbar.exe
+ 2008-05-03 03:46:00 450,560 ----a-w C:\WINDOWS\system32\nvappbar.exe
- 2008-05-03 03:46:00 147,456 ----a-w C:\windows\system32\nvcolor.exe
+ 2008-05-03 03:46:00 155,648 ----a-w C:\WINDOWS\system32\nvcolor.exe
- 2008-05-03 03:46:00 1,339,392 ----a-w C:\windows\system32\nvdspsch.exe
+ 2008-05-03 03:46:00 1,347,584 ----a-w C:\WINDOWS\system32\nvdspsch.exe
- 2008-05-03 03:46:00 442,368 ----a-w C:\windows\system32\nvudisp.exe
+ 2008-05-03 03:46:00 450,560 ----a-w C:\WINDOWS\system32\nvudisp.exe
- 2008-04-30 15:27:42 442,368 ----a-w C:\windows\system32\NVUNINST.EXE
+ 2008-04-30 15:27:42 450,560 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
- 2008-05-03 03:46:00 1,630,208 ----a-w C:\windows\system32\nwiz.exe
+ 2008-05-03 03:46:00 1,638,400 ----a-w C:\WINDOWS\system32\nwiz.exe
- 2001-10-26 19:30:00 128,512 ----a-w C:\windows\system32\nwscript.exe
+ 2001-10-26 19:30:00 136,704 ----a-w C:\WINDOWS\system32\nwscript.exe
- 2008-04-14 20:51:36 32,768 ----a-w C:\windows\system32\odbcad32.exe
+ 2008-04-14 20:51:36 40,960 ----a-w C:\WINDOWS\system32\odbcad32.exe
- 2008-04-14 20:51:36 69,632 ----a-w C:\windows\system32\odbcconf.exe
+ 2008-04-14 20:51:36 77,824 ----a-w C:\WINDOWS\system32\odbcconf.exe
- 2008-04-14 20:51:32 29,184 ----a-w C:\windows\system32\oobe\msoobe.exe
+ 2008-04-14 20:51:32 37,376 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe
- 2008-04-14 20:51:36 51,712 ----a-w C:\windows\system32\oobe\oobebaln.exe
+ 2008-04-14 20:51:36 59,904 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe
- 2008-04-14 20:51:36 70,144 ----a-w C:\windows\system32\openfiles.exe
+ 2008-04-14 20:51:36 78,336 ----a-w C:\WINDOWS\system32\openfiles.exe
- 2008-04-14 20:51:36 216,064 ----a-w C:\windows\system32\osk.exe
+ 2008-04-14 20:51:36 224,256 ----a-w C:\WINDOWS\system32\osk.exe
- 2001-10-26 19:30:00 41,472 ----a-w C:\windows\system32\osuninst.exe
+ 2001-10-26 19:30:00 49,664 ----a-w C:\WINDOWS\system32\osuninst.exe
- 2008-04-14 20:51:36 59,392 ----a-w C:\windows\system32\packager.exe
+ 2008-04-14 20:51:36 67,584 ----a-w C:\WINDOWS\system32\packager.exe
- 2001-10-26 19:30:00 22,528 ----a-w C:\windows\system32\pathping.exe
+ 2001-10-26 19:30:00 30,720 ----a-w C:\WINDOWS\system32\pathping.exe
- 2001-10-26 19:30:00 15,360 ----a-w C:\windows\system32\pentnt.exe
+ 2001-10-26 19:30:00 23,552 ----a-w C:\WINDOWS\system32\pentnt.exe
- 2008-04-14 20:51:36 15,872 ----a-w C:\windows\system32\perfmon.exe
+ 2008-04-14 20:51:36 24,064 ----a-w C:\WINDOWS\system32\perfmon.exe
- 2001-10-26 19:30:00 33,792 ----a-w C:\windows\system32\ping6.exe
+ 2001-10-26 19:30:00 41,984 ----a-w C:\WINDOWS\system32\ping6.exe
- 2008-04-14 20:51:36 49,152 ----a-w C:\windows\system32\powercfg.exe
+ 2008-04-14 20:51:36 57,344 ----a-w C:\WINDOWS\system32\powercfg.exe
- 2001-10-26 19:30:00 9,216 ----a-w C:\windows\system32\print.exe
+ 2001-10-26 19:30:00 17,408 ----a-w C:\WINDOWS\system32\print.exe
- 2008-04-14 20:51:36 109,568 ----a-w C:\windows\system32\progman.exe
+ 2008-04-14 20:51:36 117,760 ----a-w C:\WINDOWS\system32\progman.exe
- 2008-04-14 20:51:36 50,688 ----a-w C:\windows\system32\proquota.exe
+ 2008-04-14 20:51:36 58,880 ----a-w C:\WINDOWS\system32\proquota.exe
- 2008-04-14 20:51:36 9,728 ----a-w C:\windows\system32\proxycfg.exe
+ 2008-04-14 20:51:36 17,920 ----a-w C:\WINDOWS\system32\proxycfg.exe
- 2001-10-26 19:30:00 17,408 ----a-w C:\windows\system32\qappsrv.exe
+ 2001-10-26 19:30:00 25,600 ----a-w C:\WINDOWS\system32\qappsrv.exe
- 2008-04-14 20:51:36 20,992 ----a-w C:\windows\system32\qprocess.exe
+ 2008-04-14 20:51:36 29,184 ----a-w C:\WINDOWS\system32\qprocess.exe
- 2001-10-26 19:30:00 22,528 ----a-w C:\windows\system32\qwinsta.exe
+ 2001-10-26 19:30:00 30,720 ----a-w C:\WINDOWS\system32\qwinsta.exe
- 2001-10-26 19:30:00 11,776 ----a-w C:\windows\system32\rasautou.exe
+ 2001-10-26 19:30:00 19,968 ----a-w C:\WINDOWS\system32\rasautou.exe
- 2001-10-26 19:30:00 11,776 ----a-w C:\windows\system32\rasdial.exe
+ 2001-10-26 19:30:00 19,968 ----a-w C:\WINDOWS\system32\rasdial.exe
- 2008-04-14 20:51:36 56,832 ----a-w C:\windows\system32\rasphone.exe
+ 2008-04-14 20:51:36 65,024 ----a-w C:\WINDOWS\system32\rasphone.exe
- 2008-04-14 20:51:36 35,840 ----a-w C:\windows\system32\rcimlby.exe
+ 2008-04-14 20:51:36 44,032 ----a-w C:\WINDOWS\system32\rcimlby.exe
- 2008-04-14 20:51:36 22,016 ----a-w C:\windows\system32\rcp.exe
+ 2008-04-14 20:51:36 30,208 ----a-w C:\WINDOWS\system32\rcp.exe
- 2008-04-14 20:51:36 62,976 ----a-w C:\windows\system32\rdpclip.exe
+ 2008-04-14 20:51:36 71,168 ----a-w C:\WINDOWS\system32\rdpclip.exe
- 2008-04-14 20:51:36 13,824 ----a-w C:\windows\system32\rdsaddin.exe
+ 2008-04-14 20:51:36 22,016 ----a-w C:\WINDOWS\system32\rdsaddin.exe
- 2008-04-14 20:51:38 67,072 ----a-w C:\windows\system32\rdshost.exe
+ 2008-04-14 20:51:38 75,264 ----a-w C:\WINDOWS\system32\rdshost.exe
- 2001-10-26 19:30:00 7,168 ----a-w C:\windows\system32\recover.exe
+ 2001-10-26 19:30:00 15,360 ----a-w C:\WINDOWS\system32\recover.exe
- 2008-04-14 20:51:38 53,248 ----a-w C:\windows\system32\reg.exe
+ 2008-04-14 20:51:38 61,440 ----a-w C:\WINDOWS\system32\reg.exe
- 2001-10-26 19:30:00 3,584 ----a-w C:\windows\system32\regedt32.exe
+ 2001-10-26 19:30:00 11,776 ----a-w C:\WINDOWS\system32\regedt32.exe
- 2001-10-26 19:30:00 33,792 ----a-w C:\windows\system32\regini.exe
+ 2001-10-26 19:30:00 41,984 ----a-w C:\WINDOWS\system32\regini.exe
- 2001-10-26 19:30:00 4,608 ----a-w C:\windows\system32\regwiz.exe
+ 2001-10-26 19:30:00 12,800 ----a-w C:\WINDOWS\system32\regwiz.exe
- 2001-10-26 19:30:00 33,792 ----a-w C:\windows\system32\relog.exe
+ 2001-10-26 19:30:00 41,984 ----a-w C:\WINDOWS\system32\relog.exe
- 2001-10-26 19:30:00 12,800 ----a-w C:\windows\system32\replace.exe
+ 2001-10-26 19:30:00 20,992 ----a-w C:\WINDOWS\system32\replace.exe
- 2001-10-26 19:30:00 9,728 ----a-w C:\windows\system32\reset.exe
+ 2001-10-26 19:30:00 17,920 ----a-w C:\WINDOWS\system32\reset.exe
- 2001-10-26 19:30:02 47,104 ----a-w C:\windows\system32\Restore\srdiag.exe
+ 2001-10-26 19:30:02 55,296 ----a-w C:\WINDOWS\system32\Restore\srdiag.exe
- 2008-04-14 20:51:38 14,336 ----a-w C:\windows\system32\rexec.exe
+ 2008-04-14 20:51:38 22,528 ----a-w C:\WINDOWS\system32\rexec.exe
- 2001-10-26 19:03:18 25,600 ----a-w C:\windows\system32\routemon.exe
+ 2001-10-26 19:03:18 33,792 ----a-w C:\WINDOWS\system32\routemon.exe
- 2008-04-14 20:51:38 15,360 ----a-w C:\windows\system32\rsh.exe
+ 2008-04-14 20:51:38 23,552 ----a-w C:\WINDOWS\system32\rsh.exe
- 2001-10-26 19:30:02 54,272 ----a-w C:\windows\system32\rsm.exe
+ 2001-10-26 19:30:02 62,464 ----a-w C:\WINDOWS\system32\rsm.exe
- 2001-10-26 19:30:02 24,576 ----a-w C:\windows\system32\rsmsink.exe
+ 2001-10-26 19:30:02 32,768 ----a-w C:\WINDOWS\system32\rsmsink.exe
- 2001-10-26 19:30:02 49,152 ----a-w C:\windows\system32\rsmui.exe
+ 2001-10-26 19:30:02 57,344 ----a-w C:\WINDOWS\system32\rsmui.exe
- 2008-04-14 20:51:38 107,520 ----a-w C:\windows\system32\rsnotify.exe
+ 2008-04-14 20:51:38 115,712 ----a-w C:\WINDOWS\system32\rsnotify.exe
- 2001-10-26 19:30:02 62,976 ----a-w C:\windows\system32\rsopprov.exe
+ 2001-10-26 19:30:02 71,168 ----a-w C:\WINDOWS\system32\rsopprov.exe
- 2008-04-14 20:51:38 77,824 ----a-w C:\windows\system32\rtcshare.exe
+ 2008-04-14 20:51:38 86,016 ----a-w C:\WINDOWS\system32\rtcshare.exe
- 2001-10-26 19:30:02 16,896 ----a-w C:\windows\system32\runas.exe
+ 2001-10-26 19:30:02 25,088 ----a-w C:\WINDOWS\system32\runas.exe
- 2001-10-26 19:30:02 16,384 ----a-w C:\windows\system32\rwinsta.exe
+ 2001-10-26 19:30:02 24,576 ----a-w C:\WINDOWS\system32\rwinsta.exe
- 2008-04-14 20:51:40 13,824 ----a-w C:\windows\system32\savedump.exe
+ 2008-04-14 20:51:40 22,016 ----a-w C:\WINDOWS\system32\savedump.exe
- 2001-10-26 19:30:02 31,232 ----a-w C:\windows\system32\sc.exe
+ 2001-10-26 19:30:02 39,424 ----a-w C:\WINDOWS\system32\sc.exe
- 2008-04-14 20:51:40 128,000 ----a-w C:\windows\system32\schtasks.exe
+ 2008-04-14 20:51:40 136,192 ----a-w C:\WINDOWS\system32\schtasks.exe
- 2008-04-14 20:51:56 9,216 ----a-w C:\windows\system32\scrnsave.scr
+ 2008-04-14 20:51:56 17,408 ----a-w C:\WINDOWS\system32\scrnsave.scr
- 2008-04-14 20:51:40 77,824 ----a-w C:\windows\system32\sdbinst.exe
+ 2008-04-14 20:51:40 86,016 ----a-w C:\WINDOWS\system32\sdbinst.exe
- 2008-04-14 20:51:40 19,456 ----a-w C:\windows\system32\secedit.exe
+ 2008-04-14 20:51:40 27,648 ----a-w C:\WINDOWS\system32\secedit.exe
- 2008-04-14 20:51:40 32,768 ----a-w C:\windows\system32\sethc.exe
+ 2008-04-14 20:51:40 40,960 ----a-w C:\WINDOWS\system32\sethc.exe
- 2008-04-14 20:51:40 23,040 ----a-w C:\windows\system32\setup.exe
+ 2008-04-14 20:51:40 31,232 ----a-w C:\WINDOWS\system32\setup.exe
- 2008-04-14 20:51:42 32,768 ----a-w C:\windows\system32\setupn.exe
+ 2008-04-14 20:51:42 40,960 ----a-w C:\WINDOWS\system32\setupn.exe
- 2001-10-26 19:30:02 9,728 ----a-w C:\windows\system32\sfc.exe
+ 2001-10-26 19:30:02 17,920 ----a-w C:\WINDOWS\system32\sfc.exe
- 2001-10-26 19:30:02 15,360 ----a-w C:\windows\system32\shadow.exe
+ 2001-10-26 19:30:02 23,552 ----a-w C:\WINDOWS\system32\shadow.exe
- 2008-04-14 20:51:42 45,056 ----a-w C:\windows\system32\shmgrate.exe
+ 2008-04-14 20:51:42 53,248 ----a-w C:\WINDOWS\system32\shmgrate.exe
- 2008-04-14 20:51:42 78,336 ----a-w C:\windows\system32\shrpubw.exe
+ 2008-04-14 20:51:42 86,528 ----a-w C:\WINDOWS\system32\shrpubw.exe
- 2008-04-14 20:51:42 20,480 ----a-w C:\windows\system32\shutdown.exe
+ 2008-04-14 20:51:42 28,672 ----a-w C:\WINDOWS\system32\shutdown.exe
- 2008-04-14 20:51:42 70,656 ----a-w C:\windows\system32\sigverif.exe
+ 2008-04-14 20:51:42 78,848 ----a-w C:\WINDOWS\system32\sigverif.exe
- 2008-04-14 20:51:42 26,112 ----a-w C:\windows\system32\skeys.exe
+ 2008-04-14 20:51:42 34,304 ----a-w C:\WINDOWS\system32\skeys.exe
- 2008-04-14 20:51:42 32,866 ------w C:\windows\system32\slrundll.exe
+ 2008-04-14 20:51:42 41,058 ------w C:\WINDOWS\system32\slrundll.exe
- 2008-04-14 20:51:42 73,796 ------w C:\windows\system32\slserv.exe
+ 2008-04-14 20:51:42 81,988 ------w C:\WINDOWS\system32\slserv.exe
- 2008-04-14 20:51:42 8,192 ----a-w C:\windows\system32\smbinst.exe
+ 2008-04-14 20:51:42 16,384 ----a-w C:\WINDOWS\system32\smbinst.exe
- 2008-04-14 20:51:44 132,608 ----a-w C:\windows\system32\sndrec32.exe
+ 2008-04-14 20:51:44 140,800 ----a-w C:\WINDOWS\system32\sndrec32.exe
- 2001-10-26 19:30:02 139,264 ----a-w C:\windows\system32\sndvol32.exe
+ 2001-10-26 19:30:02 147,456 ----a-w C:\WINDOWS\system32\sndvol32.exe
- 2001-10-26 19:30:02 57,344 ----a-w C:\windows\system32\sol.exe
+ 2001-10-26 19:30:02 65,536 ----a-w C:\WINDOWS\system32\sol.exe
- 2008-04-14 20:51:44 7,680 ----a-w C:\windows\system32\spdwnwxp.exe
+ 2008-04-14 20:51:44 15,872 ----a-w C:\WINDOWS\system32\spdwnwxp.exe
- 2008-04-13 22:13:32 12,800 ----a-w C:\windows\system32\spiisupd.exe
+ 2008-04-13 22:13:32 20,992 ----a-w C:\WINDOWS\system32\spiisupd.exe
- 2008-04-14 20:51:44 11,264 ----a-w C:\windows\system32\spnpinst.exe
+ 2008-04-14 20:51:44 19,456 ----a-w C:\WINDOWS\system32\spnpinst.exe
- 2007-03-22 18:25:42 677,376 ------w C:\windows\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe
+ 2007-03-22 18:25:42 685,568 ------w C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe
- 2008-04-14 20:51:44 20,992 ------w C:\windows\system32\spupdwxp.exe
+ 2008-04-14 20:51:44 29,184 ------w C:\WINDOWS\system32\spupdwxp.exe
- 2008-04-14 20:51:56 708,608 ----a-w C:\windows\system32\ss3dfo.scr
+ 2008-04-14 20:51:56 716,800 ----a-w C:\WINDOWS\system32\ss3dfo.scr
- 2008-04-14 20:51:56 19,968 ----a-w C:\windows\system32\ssbezier.scr
+ 2008-04-14 20:51:56 28,160 ----a-w C:\WINDOWS\system32\ssbezier.scr
- 2008-04-14 20:51:56 393,216 ----a-w C:\windows\system32\ssflwbox.scr
+ 2008-04-14 20:51:56 401,408 ----a-w C:\WINDOWS\system32\ssflwbox.scr
- 2008-04-14 20:51:56 20,992 ----a-w C:\windows\system32\ssmarque.scr
+ 2008-04-14 20:51:56 29,184 ----a-w C:\WINDOWS\system32\ssmarque.scr
- 2008-04-14 20:51:56 47,104 ----a-w C:\windows\system32\ssmypics.scr
+ 2008-04-14 20:51:56 55,296 ----a-w C:\WINDOWS\system32\ssmypics.scr
- 2008-04-14 20:51:56 18,944 ----a-w C:\windows\system32\ssmyst.scr
+ 2008-04-14 20:51:56 27,136 ----a-w C:\WINDOWS\system32\ssmyst.scr
- 2008-04-14 20:51:56 610,304 ----a-w C:\windows\system32\sspipes.scr
+ 2008-04-14 20:51:56 618,496 ----a-w C:\WINDOWS\system32\sspipes.scr
- 2008-04-14 20:51:56 14,336 ----a-w C:\windows\system32\ssstars.scr
+ 2008-04-14 20:51:56 22,528 ----a-w C:\WINDOWS\system32\ssstars.scr
- 2008-04-14 20:51:58 679,936 ----a-w C:\windows\system32\sstext3d.scr
+ 2008-04-14 20:51:58 688,128 ----a-w C:\WINDOWS\system32\sstext3d.scr
- 2008-04-14 20:51:44 14,848 ----a-w C:\windows\system32\stimon.exe
+ 2008-04-14 20:51:44 23,040 ----a-w C:\WINDOWS\system32\stimon.exe
- 2001-10-26 19:30:02 9,216 ----a-w C:\windows\system32\subst.exe
+ 2001-10-26 19:30:02 17,408 ----a-w C:\WINDOWS\system32\subst.exe
- 2001-10-26 19:30:02 51,200 ----a-w C:\windows\system32\syncapp.exe
+ 2001-10-26 19:30:02 59,392 ----a-w C:\WINDOWS\system32\syncapp.exe
- 2001-10-26 19:30:02 37,376 ----a-w C:\windows\system32\syskey.exe
+ 2001-10-26 19:30:02 45,568 ----a-w C:\WINDOWS\system32\syskey.exe
- 2008-04-14 20:51:44 107,008 ----a-w C:\windows\system32\sysocmgr.exe
+ 2008-04-14 20:51:44 115,200 ----a-w C:\WINDOWS\system32\sysocmgr.exe
- 2008-04-14 20:51:44 73,728 ----a-w C:\windows\system32\systeminfo.exe
+ 2008-04-14 20:51:44 81,920 ----a-w C:\WINDOWS\system32\systeminfo.exe
- 2001-10-26 19:30:02 3,072 ----a-w C:\windows\system32\systray.exe
+ 2001-10-26 19:30:02 11,264 ----a-w C:\WINDOWS\system32\systray.exe
- 2008-04-14 20:51:46 78,848 ----a-w C:\windows\system32\taskkill.exe
+ 2008-04-14 20:51:46 87,040 ----a-w C:\WINDOWS\system32\taskkill.exe
- 2008-04-14 20:51:46 79,360 ----a-w C:\windows\system32\tasklist.exe
+ 2008-04-14 20:51:46 87,552 ----a-w C:\WINDOWS\system32\tasklist.exe
- 2001-10-26 19:30:02 15,360 ----a-w C:\windows\system32\taskman.exe
+ 2001-10-26 19:30:02 23,552 ----a-w C:\WINDOWS\system32\taskman.exe
- 2001-10-26 19:30:02 13,312 ----a-w C:\windows\system32\tcmsetup.exe
+ 2001-10-26 19:30:02 21,504 ----a-w C:\WINDOWS\system32\tcmsetup.exe
- 2001-10-26 19:30:02 19,456 ----a-w C:\windows\system32\tcpsvcs.exe
+ 2001-10-26 19:30:02 27,648 ----a-w C:\WINDOWS\system32\tcpsvcs.exe
- 2008-04-14 20:51:46 77,824 ----a-w C:\windows\system32\telnet.exe
+ 2008-04-14 20:51:46 86,016 ----a-w C:\WINDOWS\system32\telnet.exe
- 2001-10-26 19:30:02 16,896 ----a-w C:\windows\system32\tftp.exe
+ 2001-10-26 19:30:02 25,088 ----a-w C:\WINDOWS\system32\tftp.exe
- 2008-04-14 20:51:46 63,488 ----a-w C:\windows\system32\tlntadmn.exe
+ 2008-04-14 20:51:46 71,680 ----a-w C:\WINDOWS\system32\tlntadmn.exe
- 2008-04-14 20:51:46 80,384 ----a-w C:\windows\system32\tlntsess.exe
+ 2008-04-14 20:51:46 88,576 ----a-w C:\WINDOWS\system32\tlntsess.exe
- 2008-04-14 20:51:46 260,096 ----a-w C:\windows\system32\tracerpt.exe
+ 2008-04-14 20:51:46 268,288 ----a-w C:\WINDOWS\system32\tracerpt.exe
- 2008-04-14 20:51:46 12,800 ----a-w C:\windows\system32\tracert.exe
+ 2008-04-14 20:51:46 20,992 ----a-w C:\WINDOWS\system32\tracert.exe
- 2001-10-26 19:30:04 32,256 ----a-w C:\windows\system32\tracert6.exe
+ 2001-10-26 19:30:04 40,448 ----a-w C:\WINDOWS\system32\tracert6.exe
- 2001-10-26 19:30:04 15,360 ----a-w C:\windows\system32\tscon.exe
+ 2001-10-26 19:30:04 23,552 ----a-w C:\WINDOWS\system32\tscon.exe
- 2001-10-26 19:30:04 15,360 ----a-w C:\windows\system32\tsdiscon.exe
+ 2001-10-26 19:30:04 23,552 ----a-w C:\WINDOWS\system32\tsdiscon.exe
- 2001-10-26 19:30:04 16,384 ----a-w C:\windows\system32\tskill.exe
+ 2001-10-26 19:30:04 24,576 ----a-w C:\WINDOWS\system32\tskill.exe
- 2001-10-26 19:30:04 17,920 ----a-w C:\windows\system32\tsshutdn.exe
+ 2001-10-26 19:30:04 26,112 ----a-w C:\WINDOWS\system32\tsshutdn.exe
- 2007-10-09 10:58:20 16,896 ----a-w C:\windows\system32\tswpfwrp.exe
+ 2007-10-09 10:58:20 25,088 ----a-w C:\WINDOWS\system32\tswpfwrp.exe
- 2001-10-26 19:30:04 36,864 ----a-w C:\windows\system32\typeperf.exe
+ 2001-10-26 19:30:04 45,056 ----a-w C:\WINDOWS\system32\typeperf.exe
- 2008-04-14 20:51:46 60,416 ----a-w C:\windows\system32\tzchange.exe
+ 2008-04-14 20:51:46 68,608 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2001-10-26 19:30:04 4,096 ----a-w C:\windows\system32\unlodctr.exe
+ 2001-10-26 19:30:04 12,288 ----a-w C:\WINDOWS\system32\unlodctr.exe
- 2008-04-14 20:51:46 16,896 ----a-w C:\windows\system32\upnpcont.exe
+ 2008-04-14 20:51:46 25,088 ----a-w C:\WINDOWS\system32\upnpcont.exe
- 2008-04-14 20:51:24 104,448 ----a-w C:\windows\system32\usmt\migload.exe
+ 2008-04-14 20:51:24 112,640 ----a-w C:\WINDOWS\system32\usmt\migload.exe
- 2008-04-14 20:51:24 241,152 ----a-w C:\windows\system32\usmt\migwiza.exe
+ 2008-04-14 20:51:24 249,344 ----a-w C:\WINDOWS\system32\usmt\migwiza.exe
- 2001-10-26 20:03:24 77,891 ----a-w C:\windows\system32\usrmlnka.exe
+ 2001-10-26 20:03:24 86,083 ----a-w C:\WINDOWS\system32\usrmlnka.exe
- 2001-10-26 20:03:24 61,508 ----a-w C:\windows\system32\usrprbda.exe
+ 2001-10-26 20:03:24 69,700 ----a-w C:\WINDOWS\system32\usrprbda.exe
- 2001-10-26 20:03:24 69,700 ----a-w C:\windows\system32\usrshuta.exe
+ 2001-10-26 20:03:24 77,892 ----a-w C:\WINDOWS\system32\usrshuta.exe
- 2008-04-14 20:51:48 50,176 ----a-w C:\windows\system32\utilman.exe
+ 2008-04-14 20:51:48 58,368 ----a-w C:\WINDOWS\system32\utilman.exe
- 2005-01-28 11:44:28 47,104 ----a-w C:\windows\system32\uwdf.exe
+ 2005-01-28 11:44:28 55,296 ----a-w C:\WINDOWS\system32\uwdf.exe
- 2001-10-26 19:30:04 102,400 ----a-w C:\windows\system32\verifier.exe
+ 2001-10-26 19:30:04 110,592 ----a-w C:\WINDOWS\system32\verifier.exe
- 2001-10-26 19:30:04 33,792 ----a-w C:\windows\system32\vssadmin.exe
+ 2001-10-26 19:30:04 41,984 ----a-w C:\WINDOWS\system32\vssadmin.exe
- 2001-10-26 19:30:06 51,200 ----a-w C:\windows\system32\w32tm.exe
+ 2001-10-26 19:30:06 59,392 ----a-w C:\WINDOWS\system32\w32tm.exe
- 2008-04-14 20:51:26 17,408 ----a-w C:\windows\system32\wbem\mofcomp.exe
+ 2008-04-14 20:51:26 25,600 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe
- 2008-04-14 20:51:40 36,352 ----a-w C:\windows\system32\wbem\scrcons.exe
+ 2008-04-14 20:51:40 44,544 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe
- 2001-10-26 19:30:04 16,896 ----a-w C:\windows\system32\wbem\unsecapp.exe
+ 2001-10-26 19:30:04 25,088 ----a-w C:\WINDOWS\system32\wbem\unsecapp.exe
- 2008-04-14 20:51:48 118,272 ----a-w C:\windows\system32\wbem\wbemtest.exe
+ 2008-04-14 20:51:48 126,464 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe
- 2001-10-26 19:30:06 13,824 ----a-w C:\windows\system32\wbem\winmgmt.exe
+ 2001-10-26 19:30:06 22,016 ----a-w C:\WINDOWS\system32\wbem\winmgmt.exe
- 2008-04-14 20:51:52 367,104 ----a-w C:\windows\system32\wbem\wmic.exe
+ 2008-04-14 20:51:52 375,296 ----a-w C:\WINDOWS\system32\wbem\wmic.exe
- 2008-04-14 20:51:48 66,048 ----a-w C:\windows\system32\wextract.exe
+ 2008-04-14 20:51:48 74,240 ----a-w C:\WINDOWS\system32\wextract.exe
- 2008-04-14 20:51:48 435,712 ----a-w C:\windows\system32\wiaacmgr.exe
+ 2008-04-14 20:51:48 443,904 ----a-w C:\WINDOWS\system32\wiaacmgr.exe
- 2001-10-26 19:30:06 8,192 ----a-w C:\windows\system32\winhlp32.exe
+ 2001-10-26 19:30:06 16,384 ----a-w C:\WINDOWS\system32\winhlp32.exe
- 2001-10-26 19:30:06 119,808 ----a-w C:\windows\system32\winmine.exe
+ 2001-10-26 19:30:06 128,000 ----a-w C:\WINDOWS\system32\winmine.exe
- 2001-10-26 19:30:06 11,776 ----a-w C:\windows\system32\winmsd.exe
+ 2001-10-26 19:30:06 19,968 ----a-w C:\WINDOWS\system32\winmsd.exe
- 2008-04-14 20:51:50 5,632 ----a-w C:\windows\system32\winver.exe
+ 2008-04-14 20:51:50 13,824 ----a-w C:\WINDOWS\system32\winver.exe
- 2008-04-14 20:51:52 32,256 ----a-w C:\windows\system32\wpabaln.exe
+ 2008-04-14 20:51:52 40,448 ----a-w C:\WINDOWS\system32\wpabaln.exe
- 2008-04-14 20:51:52 11,776 ----a-w C:\windows\system32\wpnpinst.exe
+ 2008-04-14 20:51:52 19,968 ----a-w C:\WINDOWS\system32\wpnpinst.exe
- 2001-10-26 19:30:06 5,632 ----a-w C:\windows\system32\write.exe
+ 2001-10-26 19:30:06 13,824 ----a-w C:\WINDOWS\system32\write.exe
- 2008-04-14 20:51:52 13,824 ----a-w C:\windows\system32\wscntfy.exe
+ 2008-04-14 20:51:52 22,016 ----a-w C:\WINDOWS\system32\wscntfy.exe
- 2008-04-14 20:51:52 155,648 ----a-w C:\windows\system32\wscript.exe
+ 2008-04-14 20:51:52 163,840 ----a-w C:\WINDOWS\system32\wscript.exe
- 2008-04-14 20:51:52 168,960 ----a-w C:\windows\system32\wuauclt1.exe
+ 2008-04-14 20:51:52 177,152 ----a-w C:\WINDOWS\system32\wuauclt1.exe
- 2001-10-26 19:30:06 32,256 ----a-w C:\windows\system32\wupdmgr.exe
+ 2001-10-26 19:30:06 40,448 ----a-w C:\WINDOWS\system32\wupdmgr.exe
- 2008-04-14 20:51:52 30,720 ----a-w C:\windows\system32\xcopy.exe
+ 2008-04-14 20:51:52 38,912 ----a-w C:\WINDOWS\system32\xcopy.exe
- 2001-10-26 19:30:02 15,360 ----a-w C:\windows\TASKMAN.EXE
+ 2001-10-26 19:30:02 23,552 ----a-w C:\WINDOWS\TASKMAN.EXE
- 2001-10-26 19:30:04 25,600 ----a-w C:\windows\twunk_32.exe
+ 2001-10-26 19:30:04 33,792 ----a-w C:\WINDOWS\twunk_32.exe
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "C:\Program Files\AskBarDis\bar\bin\askBar.dll" [2008-10-02 325000]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-08-08 499144]
"GoD"="C:\Documents and Settings\Marek\Moje dokumenty\GoD\GoD.exe" [2008-10-25 2525696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 163840]
"NvSvc"="C:\WINDOWS\system32\nvsvc32.exe" [2008-10-27 64000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 23552]
C:\Documents and Settings\Karolina\Menu Start\Programy\Autostart\
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 401408]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\system32\\nvsvc32.exe"=
S4 ASKService;ASKService;C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-02 460168]
.
- - - - USUNIĘTO PUSTE WPISY - - - -
BHO-{12E53E44-9875-478E-833C-80E39CE46316} - C:\WINDOWS\system32\opnNDSmL.dll
SafeBoot-Winsd36.sys
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 18:36:13
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
detected NTDLL code modification:
ZwOpenFile
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
Czas ukończenia: 2008-10-28 18:38:55
ComboFix-quarantined-files.txt 2008-10-28 17:38:07
ComboFix2.txt 2008-10-27 18:29:07
ComboFix3.txt 2008-10-27 17:51:22
Przed: 8 051 920 896 bajtów wolnych
Po: 8,040,304,640 bajtów wolnych
2232
#6
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 28 10 2008 - 20:49
Wklej do Notatnika:
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->
Ma się rozpocząć usuwanie. (i powstanie log).
Daj ten log, który powstanie w trakcie usuwania.
Po restarcie usuń ręcznie folder C:\Qoobox.
ordynat
File:: C:\WINDOWS\system32\111.tmp C:\WINDOWS\system32\110.tmp C:\WINDOWS\system32\112.tmp C:\WINDOWS\system32\eolgskyv.exe C:\WINDOWS\system32\2.tmp C:\WINDOWS\system32\5.tmp>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->
Ma się rozpocząć usuwanie. (i powstanie log).
Daj ten log, który powstanie w trakcie usuwania.
Po restarcie usuń ręcznie folder C:\Qoobox.
ordynat
#7
Filozoph
-
-
- 6 postów
Obserwator
Napisano 28 10 2008 - 23:35
ComboFix 08-10-28.01 - Marek 2008-10-28 22:25:51.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.691 [GMT 1:00]
Uruchomiony z: C:\Documents and Settings\Marek\Pulpit\ComboFix.exe
Użyto następujących komend :: C:\Documents and Settings\Marek\Pulpit\CFScript.txt
* Utworzono nowy punkt przywracania
FILE ::
C:\WINDOWS\system32\110.tmp
C:\WINDOWS\system32\111.tmp
C:\WINDOWS\system32\112.tmp
C:\WINDOWS\system32\2.tmp
C:\WINDOWS\system32\5.tmp
C:\WINDOWS\system32\eolgskyv.exe
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\110.tmp
C:\WINDOWS\system32\111.tmp
C:\WINDOWS\system32\112.tmp
C:\WINDOWS\system32\2.tmp
C:\WINDOWS\system32\5.tmp
C:\WINDOWS\system32\eolgskyv.exe
.
((((((((((((((((((((((((( Pliki utworzone od 2008-09-28 do 2008-10-28 )))))))))))))))))))))))))))))))
.
2008-10-28 19:27 . 2008-10-28 19:28 <DIR> d-------- C:\Program Files\WorldOfGoo
2008-10-28 19:25 . 2008-10-28 19:25 <DIR> d-------- C:\WINDOWS\LastGood
2008-10-28 19:25 . 2008-10-28 19:25 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-10-28 19:25 . 2008-10-28 19:25 <DIR> d-------- C:\Program Files\D-Tools
2008-10-28 19:25 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2008-10-28 19:25 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2008-10-28 07:27 . 2008-10-28 07:27 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\Malwarebytes
2008-10-28 01:19 . 2008-10-28 01:19 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Malwarebytes
2008-10-27 19:57 . 2008-10-27 19:57 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2008-10-27 19:57 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-27 19:57 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-27 19:39 . 2008-10-27 19:39 64,000 --a------ C:\WINDOWS\system32\nvsvc32.exe
2008-10-27 18:48 . 2008-10-28 22:29 <DIR> d--h----- C:\Documents and Settings\Administrator\Ustawienia lokalne
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Ulubione
2008-10-27 18:48 . 2008-09-24 21:13 <DIR> d--h----- C:\Documents and Settings\Administrator\Szablony
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Pulpit
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> d-------- C:\Documents and Settings\Administrator\Moje dokumenty
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> dr------- C:\Documents and Settings\Administrator\Menu Start
2008-10-27 18:48 . 2008-09-24 23:03 <DIR> dr-h----- C:\Documents and Settings\Administrator\Dane aplikacji
2008-10-27 18:48 . 2008-10-27 18:48 <DIR> d-------- C:\Documents and Settings\Administrator
2008-10-27 18:23 . 2008-10-27 18:23 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Gadu-Gadu
2008-10-25 14:01 . 2008-10-25 14:01 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\TmpRecentIcons
2008-10-25 13:37 . 2008-10-25 13:55 <DIR> d-------- C:\Program Files\HDTVNetworks
2008-10-25 13:35 . 2008-04-14 21:51 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-10-22 14:20 . 2008-10-22 14:20 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\BESTplayer
2008-10-20 22:10 . 2008-10-20 22:38 <DIR> d-------- C:\Muzyka
2008-10-20 21:36 . 2008-10-28 19:25 <DIR> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-10-20 21:26 . 2008-10-20 21:26 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Ahead
2008-10-20 21:19 . 2008-10-20 21:19 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-10-20 21:19 . 2008-10-20 21:19 <DIR> d-------- C:\Program Files\Ahead
2008-10-20 21:19 . 2001-07-06 13:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2008-10-20 21:19 . 2001-07-06 11:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2008-10-20 21:19 . 2001-07-06 17:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2008-10-20 21:19 . 2001-07-09 10:50 163,840 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-10-20 21:19 . 2003-03-29 15:45 89,184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2008-10-20 21:19 . 2003-07-22 15:29 57,344 --a------ C:\WINDOWS\system32\ImageDrive.cpl
2008-10-20 21:19 . 2001-06-26 07:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll
2008-10-20 21:15 . 2008-10-20 21:15 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\DAEMON Tools
2008-10-20 21:15 . 2008-10-20 21:15 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-10-20 20:31 . 2008-10-20 20:31 <DIR> d-------- C:\Program Files\AskBarDis
2008-10-20 20:31 . 2008-10-20 21:29 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Azureus
2008-10-20 20:31 . 2008-10-20 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Azureus
2008-10-20 20:27 . 2008-10-20 20:28 <DIR> d-------- C:\Program Files\Vuze
2008-10-20 20:27 . 2008-06-10 01:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-10-20 20:26 . 2008-10-20 20:27 <DIR> d-------- C:\Program Files\Java
2008-10-20 20:24 . 2008-10-20 20:24 <DIR> d-------- C:\Program Files\Common Files\Java
2008-10-19 19:03 . 2008-10-19 20:54 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\<a href="http://www.download.net.pl/1/Winamp/">Winamp</a>
2008-10-19 18:23 . 2008-10-19 18:23 <DIR> d-------- C:\Program Files\Super Torrent Search
2008-10-19 18:14 . 2008-10-19 18:33 <DIR> d-------- C:\Program Files\uTorrent
2008-10-19 18:14 . 2008-10-25 13:37 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\uTorrent
2008-10-19 18:02 . 2008-10-19 18:02 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\Ventrilo
2008-10-15 15:31 . 2008-10-15 15:31 <DIR> d-------- C:\Program Files\GoldWave
2008-10-13 22:19 . 2008-10-13 22:19 <DIR> d-------- C:\Program Files\Ventrilo
2008-10-13 22:19 . 2008-10-13 22:19 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-13 22:19 . 2008-10-13 22:20 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Ventrilo
2008-10-13 21:00 . 2008-10-13 21:00 <DIR> d--h----- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ
2008-10-13 21:00 . 2006-12-25 21:00 198,656 --a------ C:\WINDOWS\system32\CNMLM8R.DLL
2008-10-13 20:57 . 2008-04-13 23:15 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-10-13 20:57 . 2008-04-13 23:15 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-10-13 20:53 . 2008-10-13 20:53 <DIR> d-------- C:\Program Files\Canon
2008-10-13 20:53 . 2008-04-13 23:17 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-10-13 20:53 . 2008-04-13 23:17 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-10-13 20:52 . 2008-04-13 23:15 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-10-13 20:52 . 2008-04-13 23:15 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-10-12 18:33 . 2008-04-13 23:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-10-10 17:54 . 2008-10-28 07:34 <DIR> d-------- C:\Documents and Settings\Karolina\Dane aplikacji\OpenOffice.org2
2008-10-09 18:58 . 2008-10-09 18:58 <DIR> d-------- C:\FPC
2008-10-05 17:48 . 2008-10-05 17:48 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\Toribash
2008-10-05 17:47 . 2008-10-05 17:47 <DIR> d-------- C:\Games
2008-10-01 21:26 . 2008-10-24 14:59 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\OpenOffice.org2
2008-10-01 21:19 . 2008-10-01 21:21 <DIR> d-------- C:\Program Files\<a href="http://www.download.net.pl/1/Winamp/">Winamp</a>
2008-10-01 21:19 . 2008-10-01 21:21 <DIR> d-------- C:\Documents and Settings\Marek\Dane aplikacji\<a href="http://www.download.net.pl/1/Winamp/">Winamp</a>
2008-10-01 20:42 . 2008-10-01 20:42 <DIR> d-------- C:\Program Files\OpenOffice.org 2.4
2008-09-30 19:44 . 2008-09-30 19:44 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-29 14:51 . 2008-09-29 14:51 <DIR> d-------- C:\Program Files\Razor
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-09-29 14:43 . 2008-09-29 14:43 <DIR> d-------- C:\Program Files\MSBuild
2008-09-29 14:42 . 2006-06-29 12:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-09-29 14:25 . 2008-09-29 14:28 <DIR> d-------- C:\Program Files\RegCleaner
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-27 18:44 --------- d-----w C:\Program Files\Opera
2008-10-23 16:42 138,280 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-23 16:42 111,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-01 20:16 --------- d-----w C:\Program Files\InstallShield Installation Information
2008-09-27 20:46 --------- d-----w C:\Documents and Settings\Karolina\Dane aplikacji\Gadu-Gadu
2008-09-25 18:09 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-09-25 13:30 --------- d-----w C:\Program Files\IrfanView
2008-09-24 22:42 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-24 22:28 --------- d-----w C:\Program Files\Gadu-Gadu
2008-09-24 21:13 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-09-24 20:18 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-24 20:16 --------- d-----w C:\Program Files\Usługi online
2008-08-06 13:29 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-08-06 13:27 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-07-31 08:41 68,616 ----a-w C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 08:41 238,088 ----a-w C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 08:40 509,448 ----a-w C:\WINDOWS\system32\XAudio2_2.dll
2001-11-23 10:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
------- Sigcheck -------
2008-04-14 21:51 1043456 0c81a3099f86c345147dd3f3a77acb80 C:\WINDOWS\explorer.exe
2008-04-14 21:51 1043456 60ac00a36996ef3c7b1b20c4d64b9a0e C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2008-04-14 21:51 1043456 9b8f81bf8212246c59e47b5bc8711b90 C:\WINDOWS\system32\dllcache\explorer.exe
2008-04-14 21:51 23552 3c74e9c08078e209d951ecc19eae72af C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-14 21:51 23552 651fe132c83e83c63abb47f9dfcefeb7 C:\WINDOWS\system32\ctfmon.exe
2008-04-14 21:51 23552 dcc9c3a0dab5b6419a151e75f3cb0f92 C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-04-14 21:51 66048 18ca9190c6f8008895fe699fafca9ebf C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe
2008-04-14 21:51 66048 df96765a96c267b845e20f2b783de25b C:\WINDOWS\system32\spoolsv.exe
2008-04-14 21:51 66048 b573ab129c0e19f02a65e91e00e9d0f9 C:\WINDOWS\system32\dllcache\spoolsv.exe
2008-04-14 21:51 120320 bd9c12b2cdb32df1a4fc30717bbf5463 C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
2008-04-14 21:51 120320 b90f344567849326d380fdb811a95bc8 C:\WINDOWS\system32\wuauclt.exe
2008-04-14 21:51 120320 197bf0b1a7afd56a7e9d980bd9883be3 C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-04-14 21:51 34816 ebeaeade004c9c9947d8d7e1ed927460 C:\WINDOWS\ServicePackFiles\i386\userinit.exe
2008-04-14 21:51 34816 53dc709e97d8f201dba64c155d1122c4 C:\WINDOWS\system32\userinit.exe
2008-04-14 21:51 34816 f355cfda01e48132dcf59da18080bd38 C:\WINDOWS\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( snapshot_2008-10-28_18.37.44,57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-22 16:04:56 69,120 ----a-w C:\WINDOWS\daemon.dll
- 2000-08-31 07:00:00 38,912 ----a-w C:\WINDOWS\NIRCMD.exe
+ 2000-08-31 07:00:00 28,672 ----a-w C:\WINDOWS\NIRCMD.exe
- 2000-08-31 07:00:00 170,496 ----a-w C:\WINDOWS\SWREG.exe
+ 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\SWREG.exe
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "C:\Program Files\AskBarDis\bar\bin\askBar.dll" [2008-10-02 325000]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 2127296]
"GoD"="C:\Documents and Settings\Marek\Moje dokumenty\GoD\GoD.exe" [2008-10-25 2525696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 163840]
"NvSvc"="C:\WINDOWS\system32\nvsvc32.exe" [2008-10-27 64000]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920]
"services"="C:\WINDOWS\services.exe" [2008-10-28 40960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 23552]
C:\Documents and Settings\Karolina\Menu Start\Programy\Autostart\
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 401408]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\system32\\nvsvc32.exe"=
S4 ASKService;ASKService;C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-02 460168]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 22:29:35
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
detected NTDLL code modification:
ZwOpenFile
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
C:\WINDOWS\file.bat
skanowanie pomyślnie ukończone
ukryte pliki: 1
**************************************************************************
.
Czas ukończenia: 2008-10-28 22:31:26
ComboFix-quarantined-files.txt 2008-10-28 21:31:03
ComboFix2.txt 2008-10-28 17:38:56
ComboFix3.txt 2008-10-27 18:29:07
ComboFix4.txt 2008-10-27 17:51:22
Przed: 7 917 920 256 bajtów wolnych
Po: 7,907,147,776 bajtów wolnych
212
#8
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 29 10 2008 - 00:03
Wklej do Notatnika:
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
? podobnie jak na tym obrazku -->
Ma się rozpocząć usuwanie. (i powstanie log)
Po restarcie usuń ręcznie folder C:\Qoobox.
Daj ten log, króry powstanie w trakcie usuwania.
Trzeba sprawdzić, czy to VIRUT, czy jakiś Twój program zmodyfikował "NTDLL.dll".
ordynat
File:: C:\WINDOWS\services.exe C:\WINDOWS\file.bat Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "services"=->>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
? podobnie jak na tym obrazku -->
Ma się rozpocząć usuwanie. (i powstanie log)
Po restarcie usuń ręcznie folder C:\Qoobox.
Daj ten log, króry powstanie w trakcie usuwania.
To może być modyfikacja wirusa VIRUT, a w takim przypadku będzie Cię czekać sformatowanie dysku.detected NTDLL code modification:
ZwOpenFile
Trzeba sprawdzić, czy to VIRUT, czy jakiś Twój program zmodyfikował "NTDLL.dll".
Użyj -->.Dr. Web CureIt (niżej na stronie linku)
Ustaw go na pełny scan i po początkowym, wstępnym scanie kliknij strzałkę po prawej, by zacząć scan właściwy.
Daj z niego raport.
ordynat
#9
Filozoph
-
-
- 6 postów
Obserwator
Napisano 29 10 2008 - 16:32
Po 4 minutach znaleziono 70 programów zainfekowanych Virut'em...
Do kasacji idzie wszystko, czy moge przerzucić najważniejsze rzeczy na linuxa?
Do kasacji idzie wszystko, czy moge przerzucić najważniejsze rzeczy na linuxa?
#10
ordynat
-
-
- 804 postów
Zaawansowany użytkownik
Napisano 29 10 2008 - 18:28
Chyba tak, ale pod warunkiem, że nie będzie żadnego *.exe.!
ordynat
ordynat
Użytkownicy przeglądający ten temat: 0
0 użytkowników, 0 gości, 0 anonimowych
