├── README.md ├── 949A2A6D.md ├── B50C3DF2.md ├── A3150A5E.md └── 8C777025.md /README.md: -------------------------------------------------------------------------------- 1 | # av-fingerprints 2 | 3 | This is a partial replication of results of the "[AVLeak: 4 | Fingerprinting Antivirus Emulators Through Black-Box Testing](https://www.usenix.org/system/files/conference/woot16/woot16-paper-blackthorne_update.pdf)" paper that was presented at WOOT '16 and Black Hat USA 2016. Techniques from the paper are used to leak "fingerprints" from the x86 Windows emulators of various AV software. This can be used to develop and detect evasive malware. 5 | 6 | Special thanks to Alexei Bulazel ([@0xAlexei](https://twitter.com/0xAlexei)) for his assistance. 7 | 8 | | | [8C777025](8C777025.md) | [949A2A6D](949A2A6D.md) | [A3150A5E](A3150A5E.md) | [B50C3DF2](B50C3DF2.md) | 9 | |:--|:-----------------------:|:-----------------------:|:-----------------------:|:-----------------------:| 10 | | **Environmental Artifacts** | [3](8C777025.md#environmental-artifacts) | [3](949A2A6D.md#environmental-artifacts) | [4](A3150A5E.md#environmental-artifacts) | [3](B50C3DF2.md#environmental-artifacts) | 11 | | **OS API Inconsistency** | 0 | [2](949A2A6D.md#os-api-inconsistency) | 0 | [1](B50C3DF2.md#os-api-inconsistency) | 12 | | **Network Emulation** | 0 | 0 | 0 | 0 | 13 | | **Timing** | 0 | 0 | 0 | 0 | 14 | | **Process Introspection** | 0 | 0 | 0 | 0 | 15 | | **CPU “Red Pills”** | 0 | 0 | 0 | 0 | 16 | -------------------------------------------------------------------------------- /949A2A6D.md: -------------------------------------------------------------------------------- 1 | # 949A2A6D v4.00.09 2 | 3 | ## Environmental Artifacts 4 | 5 | ### argv[0] 6 | 7 | ``` 8 | C:\Documents and Settings\Administrator\Desktop\Analysis.exe 9 | ``` 10 | 11 | ### GetEnvironmentStrings 12 | 13 | ``` 14 | ALLUSERSPROFILE=C:\Documents and Settings\All Users 15 | APPDATA=C:\Documents and Settings\Administrator\Application Data 16 | CLIENTNAME=Console 17 | CommonProgramFiles=C:\Program Files\Common Files 18 | COMPUTERNAME=Ikar-Sys-Sim-PC 19 | ComSpec=C:\Windows\System32\cmd.exe 20 | FP_NO_HOST_CHECK=NO 21 | HOMEDRIVE=C: 22 | HOMEPATH=\Documents and Settings\Administrator 23 | LOGONSERVER=\\Ikar-Sys-Sim-PC 24 | NUMBER_OF_PROCESSORS=1 25 | OS=Windows_NT 26 | Path=C:\Windows\System32;C:\Windows 27 | PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH 28 | PROCESSOR_ARCHITECTURE=x86 29 | PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 8, GenuineIntel 30 | PROCESSOR_LEVEL=6 31 | PROCESSOR_REVISION=0f08 32 | ProgramFiles=C:\Program Files 33 | PROMPT=$P$G 34 | SESSIONNAME=Console 35 | SystemDrive=C: 36 | SystemRoot=C:\Windows 37 | TEMP=C:\Windows\Temp 38 | TMP=C:\Windows\Temp 39 | USERDOMAIN= 40 | USERNAME=Administrator 41 | USERPROFILE=C:\Documents and Settings\Administrator 42 | windir=C:\Windows 43 | ``` 44 | 45 | ### CreateToolhelp32Snapshot 46 | 47 | ``` 48 | PPID PID Process Name 49 | 0 0 System Idle Process 50 | 0 4 System 51 | 4 548 smss.exe 52 | 548 604 csrss.exe 53 | 548 628 winlogon.exe 54 | 628 672 services.exe 55 | 672 880 svchost.exe 56 | 672 1324 spoolsv.exe 57 | 672 1248 alg.exe 58 | 628 684 lsass.exe 59 | 0 1688 explorer.exe 60 | 1688 1800 iexplore.exe 61 | 1688 1964 cmd.exe 62 | 1688 1984 Analysis.exe 63 | ``` 64 | 65 | ## OS API Inconsistency 66 | 67 | ### GetSystemRegistryQuota 68 | 69 | `pdwQuotaAllowed` and `pdwQuotaUsed` are not supposed to be `null`. 70 | 71 | ``` 72 | DWORD pdwQuotaAllowed = 0x00000000; 73 | DWORD pdwQuotaUsed = 0x00000000; 74 | ``` 75 | 76 | ### GetProcessVersion 77 | 78 | `0x00050002`: Windows Server 2003 R2, Windows Server 2003, Windows XP 64-Bit Edition. 79 | 80 | ```c 81 | DWORD process_version = GetProcessVersion(0); // => 0x00050002 82 | ``` 83 | -------------------------------------------------------------------------------- /B50C3DF2.md: -------------------------------------------------------------------------------- 1 | # B50C3DF2 v13.0.3114 2 | 3 | ## Environmental Artifacts 4 | 5 | ### argv[0] 6 | 7 | The executable name is 6 randomly generated lower-alphabetic characters. 8 | 9 | ``` 10 | C:\Documents and Settings\Administrator\My Documents\cbfrxd.exe 11 | C:\Documents and Settings\Administrator\My Documents\gdtfwl.exe 12 | C:\Documents and Settings\Administrator\My Documents\kswymt.exe 13 | C:\Documents and Settings\Administrator\My Documents\anlbux.exe 14 | C:\Documents and Settings\Administrator\My Documents\dsjtfc.exe 15 | ``` 16 | 17 | ### GetEnvironmentStrings 18 | 19 | ``` 20 | ALLUSERSPROFILE=C:\Documents and Settings\All Users 21 | APPDATA=C:\Documents and Settings\Administrator\Application Data 22 | CLIENTNAME=Console 23 | CommonProgramFiles=C:\Program Files\Common Files 24 | COMPUTERNAME=ELICZ 25 | ComSpec=C:\WINDOWS\system32\cmd.exe 26 | FP_NO_HOST_CHECK=NO 27 | HOMEDRIVE=C: 28 | HOMEPATH=\Documents and Settings\Administrator 29 | LOGONSERVER=\\ELICZ 30 | NUMBER_OF_PROCESSORS=2 31 | OS=Windows_NT 32 | Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem 33 | PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH 34 | PROCESSOR_ARCHITECTURE=x86 35 | PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, AuthenticAMD 36 | PROCESSOR_LEVEL=15 37 | PROCESSOR_REVISION=0403 38 | ProgramFiles=C:\Program Files 39 | SESSIONNAME=Console 40 | SystemDrive=C: 41 | SystemRoot=C:\WINDOWS 42 | TEMP=C:\WINDOWS\Temp 43 | TMP=C:\WINDOWS\Temp 44 | USERDOMAIN=ELICZ 45 | USERNAME=Administrator 46 | USERPROFILE=C:\Documents and Settings\Administrator 47 | windir=C:\WINDOWS 48 | ``` 49 | 50 | ### CreateToolhelp32Snapshot 51 | 52 | ``` 53 | PPID PID Process Name 54 | 0 0 [System Process] 55 | 0 4 System 56 | 4 12 smss.exe 57 | 12 20 csrss.exe 58 | 12 28 winlogon.exe 59 | 28 36 services.exe 60 | 28 44 lsass.exe 61 | 36 52 svchost.exe 62 | 36 60 spoolsv.exe 63 | 65524 68 explorer.exe 64 | 36 76 AVP.EXE 65 | 36 84 PCCTOOL.EXE 66 | 36 92 TMPROXY.EXE 67 | 36 100 OUTPOST.EXE 68 | 36 108 VSSERV.EXE 69 | 36 116 ZAPRO.EXE 70 | 36 124 REALMON.EXE 71 | 36 132 VETMSG.EXE 72 | 36 140 VETTRAY.EXE 73 | 36 148 ZLCLIENTE.EXE 74 | 36 156 ZONEALARM.EXE 75 | 36 164 ZLCLIENT.EXE 76 | 36 172 CCAPP.EXE 77 | 36 180 CCSETMGR.EXE 78 | 36 188 CCEVTMGR.EXE 79 | 36 196 SCCOMM.EXE 80 | 36 204 CCCPROXY.EXE 81 | 36 212 NAVW32.EXE 82 | 36 220 NAVAPSVC.EXE 83 | 36 228 NPFMNTOR.EXE 84 | 36 236 CPDCLNT.EXE 85 | 36 244 PCCNTUPD.EXE 86 | 36 252 TMNTSRV.EXE 87 | 36 260 PAVPRSRV.EXE 88 | 36 268 PADMIN.EXE 89 | 36 276 PAVPROT.EXE 90 | 36 284 PANDAAV.EXE 91 | 36 292 AVENGINE.EXE 92 | 36 300 APVXDWIN.EXE 93 | 36 308 AVGUARD.EXE 94 | 36 316 AVGNT.EXE 95 | 36 324 AVSCHED32.EXE 96 | 36 332 NOD32KRN.EXE 97 | 36 340 NOD32.EXE 98 | 36 348 GBPSV.EXE 99 | 36 356 NOD32KUI.EXE 100 | 36 364 KAV.EXE 101 | 36 372 KAVMM.EXE 102 | 36 380 KAVPF.EXE 103 | 36 388 AVGEMC.EXE 104 | 36 396 AVGCC.EXE 105 | 36 404 AVGAMSVR.EXE 106 | 36 412 AVGUPSVC.EXE 107 | 36 420 AVGW.EXE 108 | 36 428 ASHWEBSV.EXE 109 | 36 436 ASHDISP.EXE 110 | 36 444 ASHMAISV.EXE 111 | 36 452 ASHSERV.EXE 112 | 36 460 ASHUPDSV.EXE 113 | 36 468 EWIDOCTRL.EXE 114 | 36 476 GUARD.EXE 115 | 36 484 GCASDTSERV.EXE 116 | 36 492 MSMPENG.EXE 117 | 36 500 MCAFEE.EXE 118 | 68 508 iexplore.exe 119 | 68 516 firefox.exe 120 | 68 524 opera.exe 121 | 68 532 safari.exe 122 | 68 936 vzrbaa.exe 123 | 68 936 jtpyzc.exe 124 | 68 936 pukfco.exe 125 | 68 936 twyzmg.exe 126 | 68 936 jtbtwy.exe 127 | 68 936 and so on... 128 | ``` 129 | 130 | ## OS API Inconsistency 131 | 132 | ### GetSystemRegistryQuota 133 | 134 | `pdwQuotaAllowed` and `pdwQuotaUsed` are not supposed to be `null`. 135 | 136 | ``` 137 | DWORD pdwQuotaAllowed = 0x00000000; 138 | DWORD pdwQuotaUsed = 0x00000000; 139 | ``` 140 | -------------------------------------------------------------------------------- /A3150A5E.md: -------------------------------------------------------------------------------- 1 | # A3150A5E v18.6.3983.0 2 | 3 | ## Environmental Artifacts 4 | 5 | ### argv[0] 6 | 7 | The executable name is 6 randomly generated lower-alphabetic characters. 8 | 9 | ``` 10 | C:\Documents and Settings\Administrator\My Documents\cbfrxd.exe 11 | C:\Documents and Settings\Administrator\My Documents\gdtfwl.exe 12 | C:\Documents and Settings\Administrator\My Documents\kswymt.exe 13 | C:\Documents and Settings\Administrator\My Documents\anlbux.exe 14 | C:\Documents and Settings\Administrator\My Documents\dsjtfc.exe 15 | ``` 16 | 17 | ### GetEnvironmentStrings 18 | 19 | ``` 20 | ALLUSERSPROFILE=C:\Documents and Settings\All Users 21 | APPDATA=C:\Documents and Settings\Administrator\Application Data 22 | CLIENTNAME=Console 23 | CommonProgramFiles=C:\Program Files\Common Files 24 | COMPUTERNAME=ELICZ 25 | ComSpec=C:\WINDOWS\system32\cmd.exe 26 | FP_NO_HOST_CHECK=NO 27 | HOMEDRIVE=C: 28 | HOMEPATH=\Documents and Settings\Administrator 29 | LOGONSERVER=\\ELICZ 30 | NUMBER_OF_PROCESSORS=2 31 | OS=Windows_NT 32 | Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem 33 | PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH 34 | PROCESSOR_ARCHITECTURE=x86 35 | PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, AuthenticAMD 36 | PROCESSOR_LEVEL=15 37 | PROCESSOR_REVISION=0403 38 | ProgramFiles=C:\Program Files 39 | SESSIONNAME=Console 40 | SystemDrive=C: 41 | SystemRoot=C:\WINDOWS 42 | TEMP=C:\WINDOWS\Temp 43 | TMP=C:\WINDOWS\Temp 44 | USERDOMAIN=ELICZ 45 | USERNAME=Administrator 46 | USERPROFILE=C:\Documents and Settings\Administrator 47 | windir=C:\WINDOWS 48 | ``` 49 | 50 | ### CreateToolhelp32Snapshot 51 | 52 | ``` 53 | Index PPID PID Process Name 54 | 0000 0 0 [System Process] 55 | 0001 0 4 System 56 | 0002 4 12 smss.exe 57 | 0003 12 20 csrss.exe 58 | 0004 12 28 winlogon.exe 59 | 0005 28 36 services.exe 60 | 0006 28 44 lsass.exe 61 | 0007 36 52 svchost.exe 62 | 0008 36 60 spoolsv.exe 63 | 0009 65524 68 explorer.exe 64 | 0010 36 540 msascui.exe 65 | 0011 36 76 AVP.EXE 66 | 0012 36 84 PCCTOOL.EXE 67 | 0013 36 92 TMPROXY.EXE 68 | 0014 36 100 OUTPOST.EXE 69 | 0015 36 108 VSSERV.EXE 70 | 0016 36 116 ZAPRO.EXE 71 | 0017 36 124 REALMON.EXE 72 | 0018 36 132 VETMSG.EXE 73 | 0019 36 140 VETTRAY.EXE 74 | 0020 36 148 ZLCLIENTE.EXE 75 | 0021 36 156 ZONEALARM.EXE 76 | 0022 36 164 ZLCLIENT.EXE 77 | 0023 36 172 CCAPP.EXE 78 | 0024 36 180 CCSETMGR.EXE 79 | 0025 36 188 CCEVTMGR.EXE 80 | 0026 36 196 SCCOMM.EXE 81 | 0027 36 204 CCCPROXY.EXE 82 | 0028 36 212 NAVW32.EXE 83 | 0029 36 220 NAVAPSVC.EXE 84 | 0030 36 228 NPFMNTOR.EXE 85 | 0031 36 236 CPDCLNT.EXE 86 | 0032 36 244 PCCNTUPD.EXE 87 | 0033 36 252 TMNTSRV.EXE 88 | 0034 36 260 PAVPRSRV.EXE 89 | 0035 36 268 PADMIN.EXE 90 | 0036 36 276 PAVPROT.EXE 91 | 0037 36 284 PANDAAV.EXE 92 | 0038 36 292 AVENGINE.EXE 93 | 0039 36 300 APVXDWIN.EXE 94 | 0040 36 308 AVGUARD.EXE 95 | 0041 36 316 AVGNT.EXE 96 | 0042 36 324 AVSCHED32.EXE 97 | 0043 36 332 NOD32KRN.EXE 98 | 0044 36 340 NOD32.EXE 99 | 0045 36 348 GBPSV.EXE 100 | 0046 36 356 NOD32KUI.EXE 101 | 0047 36 364 KAV.EXE 102 | 0048 36 372 KAVMM.EXE 103 | 0049 36 380 KAVPF.EXE 104 | 0050 36 388 AVGEMC.EXE 105 | 0051 36 396 AVGCC.EXE 106 | 0052 36 404 AVGAMSVR.EXE 107 | 0053 36 412 AVGUPSVC.EXE 108 | 0054 36 420 AVGW.EXE 109 | 0055 36 428 ASHWEBSV.EXE 110 | 0056 36 436 ASHDISP.EXE 111 | 0057 36 444 ASHMAISV.EXE 112 | 0058 36 452 ASHSERV.EXE 113 | 0059 36 460 ASWUPDSV.EXE 114 | 0060 36 468 EWIDOCTRL.EXE 115 | 0061 36 476 GUARD.EXE 116 | 0062 36 484 GCASDTSERV.EXE 117 | 0063 36 492 MSMPENG.EXE 118 | 0064 36 500 MCAFEE.EXE 119 | 0065 68 508 iexplore.exe 120 | 0066 68 516 firefox.exe 121 | 0067 68 524 opera.exe 122 | 0068 68 532 safari.exe 123 | 0069 68 936 sjnkfw.exe 124 | 0070 68 936 qiepks.exe 125 | 0071 68 936 anzmgd.exe 126 | 0072 68 936 wymtbt.exe 127 | 0073 68 936 uxrmtm.exe 128 | 0074 68 936 qvdecb.exe 129 | 0075 68 936 aaangq.exe 130 | 0076 68 936 fswlie.exe 131 | .... 68 936 and so on... 132 | ``` 133 | 134 | ## FindNextFile 135 | 136 | The executable names in `C:\Documents and Settings\Administrator\My Documents` are 6 randomly generated lower-alphabetic characters. 137 | 138 | ``` 139 | Directory of C: 140 | 141 | 02/13/2008 11:24 AM Documents and Settings 142 | 02/13/2008 11:24 AM Program Files 143 | 02/13/2008 11:24 AM RECYCLER 144 | 02/13/2008 11:24 AM System Volume Information 145 | 02/13/2008 11:24 AM WINDOWS 146 | 147 | Directory of C:\Documents and Settings 148 | 149 | 02/13/2008 11:24 AM . 150 | 02/13/2008 11:24 AM .. 151 | 02/13/2008 11:24 AM Administrator 152 | 02/13/2008 11:24 AM All Users 153 | 02/13/2008 11:24 AM Default User 154 | 155 | Directory of C:\Documents and Settings\Administrator 156 | 157 | 02/13/2008 11:24 AM . 158 | 02/13/2008 11:24 AM .. 159 | 02/13/2008 11:24 AM Application Data 160 | 02/13/2008 11:24 AM Cookies 161 | 02/13/2008 11:24 AM Desktop 162 | 02/13/2008 11:24 AM Local Settings 163 | 02/13/2008 11:24 AM My Documents 164 | 02/13/2008 11:24 AM Start Menu 165 | 166 | Directory of C:\Documents and Settings\Administrator\Application Data 167 | 168 | 02/13/2008 11:24 AM . 169 | 02/13/2008 11:24 AM .. 170 | 02/13/2008 11:24 AM Microsoft 171 | 172 | Directory of C:\Documents and Settings\Administrator\Application Data\Microsoft 173 | 174 | 02/13/2008 11:24 AM . 175 | 02/13/2008 11:24 AM .. 176 | 02/13/2008 11:24 AM AddIns 177 | 178 | Directory of C:\Documents and Settings\Administrator\Application Data\Microsoft\AddIns 179 | 180 | 02/13/2008 11:24 AM . 181 | 02/13/2008 11:24 AM .. 182 | 183 | Directory of C:\Documents and Settings\Administrator\Cookies 184 | 185 | 02/13/2008 11:24 AM . 186 | 02/13/2008 11:24 AM .. 187 | 188 | Directory of C:\Documents and Settings\Administrator\Desktop 189 | 190 | 02/13/2008 11:24 AM . 191 | 02/13/2008 11:24 AM .. 192 | 02/13/2008 11:24 AM 65,536 victim.doc 193 | 02/13/2008 11:24 AM 65,536 victim.jpg 194 | 02/13/2008 11:24 AM 512 victim.txt 195 | 02/13/2008 11:24 AM 65,536 victim.xls 196 | 197 | Directory of C:\Documents and Settings\Administrator\Local Settings 198 | 199 | 02/13/2008 11:24 AM . 200 | 02/13/2008 11:24 AM .. 201 | 02/13/2008 11:24 AM Application Data 202 | 02/13/2008 11:24 AM Temp 203 | 02/13/2008 11:24 AM Temporary Internet Files 204 | 205 | Directory of C:\Documents and Settings\Administrator\Local Settings\Application Data 206 | 207 | 02/13/2008 11:24 AM . 208 | 02/13/2008 11:24 AM .. 209 | 210 | Directory of C:\Documents and Settings\Administrator\Local Settings\Temp 211 | 212 | 02/13/2008 11:24 AM . 213 | 02/13/2008 11:24 AM .. 214 | 215 | Directory of C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files 216 | 217 | 02/13/2008 11:24 AM . 218 | 02/13/2008 11:24 AM .. 219 | 02/13/2008 11:24 AM Content.IE5 220 | 221 | Directory of C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 222 | 223 | 02/13/2008 11:24 AM . 224 | 02/13/2008 11:24 AM .. 225 | 226 | Directory of C:\Documents and Settings\Administrator\My Documents 227 | 228 | 02/13/2008 11:24 AM . 229 | 02/13/2008 11:24 AM .. 230 | 09/12/2016 12:13 PM 3,584 hkfwli.exe 231 | 09/12/2016 12:13 PM 3,584 lmtfgd.exe 232 | 09/12/2016 12:13 PM 3,584 kfhfva.exe 233 | 09/12/2016 12:13 PM 3,584 mgqirn.exe 234 | 09/12/2016 12:13 PM 3,584 sjjnkf.exe 235 | 09/12/2016 12:13 PM 3,584 abcdef.exe (continues forever) 236 | 237 | Directory of C:\Documents and Settings\Administrator\Start Menu 238 | 239 | 02/13/2008 11:24 AM . 240 | 02/13/2008 11:24 AM .. 241 | 02/13/2008 11:24 AM Programs 242 | 243 | Directory of C:\Documents and Settings\Administrator\Start Menu\Programs 244 | 245 | 02/13/2008 11:24 AM . 246 | 02/13/2008 11:24 AM .. 247 | 02/13/2008 11:24 AM Startup 248 | 249 | Directory of C:\Documents and Settings\Administrator\Start Menu\Programs\Startup 250 | 251 | 02/13/2008 11:24 AM . 252 | 02/13/2008 11:24 AM .. 253 | 254 | Directory of C:\Documents and Settings\All Users 255 | 256 | 02/13/2008 11:24 AM . 257 | 02/13/2008 11:24 AM .. 258 | 02/13/2008 11:24 AM Application Data 259 | 02/13/2008 11:24 AM Desktop 260 | 02/13/2008 11:24 AM Start Menu 261 | 262 | Directory of C:\Documents and Settings\All Users\Application Data 263 | 264 | 02/13/2008 11:24 AM . 265 | 02/13/2008 11:24 AM .. 266 | 267 | Directory of C:\Documents and Settings\All Users\Desktop 268 | 269 | 02/13/2008 11:24 AM . 270 | 02/13/2008 11:24 AM .. 271 | 272 | Directory of C:\Documents and Settings\All Users\Start Menu 273 | 274 | 02/13/2008 11:24 AM . 275 | 02/13/2008 11:24 AM .. 276 | 02/13/2008 11:24 AM Programs 277 | 278 | Directory of C:\Documents and Settings\All Users\Start Menu\Programs 279 | 280 | 02/13/2008 11:24 AM . 281 | 02/13/2008 11:24 AM .. 282 | 02/13/2008 11:24 AM Startup 283 | 284 | Directory of C:\Documents and Settings\All Users\Start Menu\Programs\Startup 285 | 286 | 02/13/2008 11:24 AM . 287 | 02/13/2008 11:24 AM .. 288 | 289 | Directory of C:\Documents and Settings\Default User 290 | 291 | 02/13/2008 11:24 AM . 292 | 02/13/2008 11:24 AM .. 293 | 02/13/2008 11:24 AM Application Data 294 | 02/13/2008 11:24 AM Start Menu 295 | 296 | Directory of C:\Documents and Settings\Default User\Application Data 297 | 298 | 02/13/2008 11:24 AM . 299 | 02/13/2008 11:24 AM .. 300 | 301 | Directory of C:\Documents and Settings\Default User\Start Menu 302 | 303 | 02/13/2008 11:24 AM . 304 | 02/13/2008 11:24 AM .. 305 | 02/13/2008 11:24 AM Programs 306 | 307 | Directory of C:\Documents and Settings\Default User\Start Menu\Programs 308 | 309 | 02/13/2008 11:24 AM . 310 | 02/13/2008 11:24 AM .. 311 | 02/13/2008 11:24 AM Startup 312 | 313 | Directory of C:\Documents and Settings\Default User\Start Menu\Programs\Startup 314 | 315 | 02/13/2008 11:24 AM . 316 | 02/13/2008 11:24 AM .. 317 | 318 | Directory of C:\Program Files 319 | 320 | 02/13/2008 11:24 AM . 321 | 02/13/2008 11:24 AM .. 322 | 02/13/2008 11:24 AM Common Files 323 | 02/13/2008 11:24 AM Internet Explorer 324 | 02/13/2008 11:24 AM Windows Media Player 325 | 326 | Directory of C:\Program Files\Common Files 327 | 328 | 02/13/2008 11:24 AM . 329 | 02/13/2008 11:24 AM .. 330 | 02/13/2008 11:24 AM Microsoft Shared 331 | 02/13/2008 11:24 AM System 332 | 333 | Directory of C:\Program Files\Common Files\Microsoft Shared 334 | 335 | 02/13/2008 11:24 AM . 336 | 02/13/2008 11:24 AM .. 337 | 338 | Directory of C:\Program Files\Common Files\System 339 | 340 | 02/13/2008 11:24 AM . 341 | 02/13/2008 11:24 AM .. 342 | 343 | Directory of C:\Program Files\Internet Explorer 344 | 345 | 02/13/2008 11:24 AM . 346 | 02/13/2008 11:24 AM .. 347 | 348 | Directory of C:\Program Files\Windows Media Player 349 | 350 | 02/13/2008 11:24 AM . 351 | 02/13/2008 11:24 AM .. 352 | 353 | Directory of C:\RECYCLER 354 | 355 | 02/13/2008 11:24 AM . 356 | 02/13/2008 11:24 AM .. 357 | 02/13/2008 11:24 AM S-1-5-21-0-0-0-500 358 | 359 | Directory of C:\RECYCLER\S-1-5-21-0-0-0-500 360 | 361 | 02/13/2008 11:24 AM . 362 | 02/13/2008 11:24 AM .. 363 | 364 | Directory of C:\System Volume Information 365 | 366 | 02/13/2008 11:24 AM . 367 | 02/13/2008 11:24 AM .. 368 | 369 | Directory of C:\WINDOWS 370 | 371 | 02/13/2008 11:24 AM . 372 | 02/13/2008 11:24 AM .. 373 | 02/13/2008 11:24 AM Fonts 374 | 02/13/2008 11:24 AM Installer 375 | 02/13/2008 11:24 AM Microsoft.NET 376 | 02/13/2008 11:24 AM Tasks 377 | 02/13/2008 11:24 AM Temp 378 | 02/13/2008 11:24 AM system 379 | 02/13/2008 11:24 AM system32 380 | 381 | Directory of C:\WINDOWS\Fonts 382 | 383 | 02/13/2008 11:24 AM . 384 | 02/13/2008 11:24 AM .. 385 | 386 | Directory of C:\WINDOWS\Installer 387 | 388 | 02/13/2008 11:24 AM . 389 | 02/13/2008 11:24 AM .. 390 | 391 | Directory of C:\WINDOWS\Microsoft.NET 392 | 393 | 02/13/2008 11:24 AM . 394 | 02/13/2008 11:24 AM .. 395 | 02/13/2008 11:24 AM Framework 396 | 397 | Directory of C:\WINDOWS\Microsoft.NET\Framework 398 | 399 | 02/13/2008 11:24 AM . 400 | 02/13/2008 11:24 AM .. 401 | 402 | Directory of C:\WINDOWS\Tasks 403 | 404 | 02/13/2008 11:24 AM . 405 | 02/13/2008 11:24 AM .. 406 | 407 | Directory of C:\WINDOWS\Temp 408 | 409 | 02/13/2008 11:24 AM . 410 | 02/13/2008 11:24 AM .. 411 | 412 | Directory of C:\WINDOWS\system 413 | 414 | 02/13/2008 11:24 AM . 415 | 02/13/2008 11:24 AM .. 416 | 417 | Directory of C:\WINDOWS\system32 418 | 419 | 02/13/2008 11:24 AM . 420 | 02/13/2008 11:24 AM .. 421 | 02/13/2008 11:24 AM dllcache 422 | 02/13/2008 11:24 AM drivers 423 | 02/13/2008 11:24 AM 989,696 kernel32.dll 424 | 02/13/2008 11:24 AM 706,048 ntdll.dll 425 | 02/13/2008 11:24 AM 1,048,576 victim.exe 426 | 02/13/2008 11:24 AM wbem 427 | 428 | Directory of C:\WINDOWS\system32\dllcache 429 | 430 | 02/13/2008 11:24 AM . 431 | 02/13/2008 11:24 AM .. 432 | 433 | Directory of C:\WINDOWS\system32\drivers 434 | 435 | 02/13/2008 11:24 AM . 436 | 02/13/2008 11:24 AM .. 437 | 02/13/2008 11:24 AM etc 438 | 439 | Directory of C:\WINDOWS\system32\drivers\etc 440 | 441 | 02/13/2008 11:24 AM . 442 | 02/13/2008 11:24 AM .. 443 | 444 | Directory of C:\WINDOWS\system32\wbem 445 | 446 | 02/13/2008 11:24 AM . 447 | 02/13/2008 11:24 AM .. 448 | ``` 449 | -------------------------------------------------------------------------------- /8C777025.md: -------------------------------------------------------------------------------- 1 | # 8C777025 v1.1.12805.0 2 | 3 | ## Environmental Artifacts 4 | 5 | ### argv[0] 6 | 7 | ``` 8 | C:\myapp.exe 9 | ``` 10 | 11 | ### GetEnvironmentStrings 12 | 13 | ``` 14 | ALLUSERSPROFILE=C:\Documents and Settings\All Users 15 | APPDATA=C:\Documents and Settings\Administrator\Application Data 16 | CLIENTNAME=Console 17 | COMSPEC=C:\WINDOWS\system32\cmd.exe 18 | FP_NO_HOST_CHECK=NO 19 | HOMEDRIVE=C: 20 | HOMEPATH=\Documents and Settings\Administrator 21 | NUMBER_OF_PROCESSORS=1 22 | PATH=C:\WINDOWS;C:\Program Files\Common Files\Microsoft Shared 23 | PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH 24 | ProgramFiles=C:\Program Files 25 | TEMP=C:\TEMP 26 | TMP=C:\TEMP 27 | SYSTEMDRIVE=C: 28 | SystemRoot=C:\WINDOWS 29 | USERPROFILE=C:\Documents and Settings\Administrator 30 | ``` 31 | 32 | ### CreateToolhelp32Snapshot 33 | 34 | ``` 35 | Index PPID PID Process Name 36 | 0000 0 0 [System Process] 37 | 0001 0 4 System 38 | 0002 0 356 smss.exe 39 | 0003 356 608 csrss.exe 40 | 0004 356 624 winlogon.exe 41 | 0005 624 676 services.exe 42 | 0006 676 856 svchost.exe 43 | 0007 676 1084 svchost.exe 44 | 0008 676 1268 spoolsv.exe 45 | 0009 624 680 lsass.exe 46 | 0010 624 700 kav.exe 47 | 0011 624 704 avpcc.exe 48 | 0012 624 708 _avpm.exe 49 | 0013 624 712 avp32.exe 50 | 0014 624 716 avp.exe 51 | 0015 624 720 antivirus.exe 52 | 0016 624 724 fsav.exe 53 | 0017 624 728 norton.exe 54 | 0018 624 732 msmpeng.exe 55 | 0019 624 736 msmpsvc.exe 56 | 0020 624 740 mrt.exe 57 | 0021 624 744 outpost.exe 58 | 0022 0 1768 explorer.exe 59 | 0023 1768 1796 iexplore.exe 60 | 0024 1768 1800 outlook.exe 61 | 0025 1768 1804 msimn.exe 62 | 0026 1768 1808 firefox.exe 63 | 0027 1768 1812 icq.exe 64 | 0028 1768 1816 yahoomessenger.exe 65 | 0029 1768 1820 msnmsgr.exe 66 | 0030 1768 1824 far.exe 67 | 0031 1768 1828 trillian.exe 68 | 0032 1768 1832 skype.exe 69 | 0033 1768 1836 googletalk.exe 70 | 0034 1768 1840 notepad.exe 71 | 0035 1768 1844 wmplayer.exe 72 | 0036 4097 1848 net.exe 73 | 0037 4097 1852 spawned.exe 74 | 0038 1768 4008 myapp.exe 75 | 0039 1768 3760 myapp.exe 76 | 0040 1768 4012 myapp.exe 77 | 0041 1768 3860 myapp.exe 78 | 0042 1768 3608 myapp.exe 79 | 0043 1768 3972 myapp.exe 80 | 0044 1768 3724 myapp.exe 81 | 0045 1768 3568 myapp.exe 82 | 0046 1768 3840 myapp.exe 83 | 0047 1768 3940 myapp.exe 84 | 0048 1768 3696 myapp.exe 85 | 0049 1768 4056 myapp.exe 86 | .... 1768 .... and so on... 87 | ``` 88 | 89 | ### FindNextFile 90 | 91 | ``` 92 | Directory of C: 93 | 94 | 01/23/2003 04:03 PM 1 config.sys 95 | 01/23/2003 04:03 PM Documents and Settings 96 | 01/23/2003 04:03 PM 3,584 IndexerVolumeGuid 97 | 01/23/2003 04:03 PM INTERNAL 98 | 01/23/2003 04:03 PM Mirc 99 | 01/23/2003 04:03 PM 3,584 myapp.exe 100 | 01/23/2003 04:03 PM 1 ntldr 101 | 01/23/2003 04:03 PM Program Files 102 | 01/23/2003 04:03 PM System Volume Information 103 | 01/23/2003 04:03 PM TEMP 104 | 01/23/2003 04:03 PM 1 tssafeedit.dat 105 | 01/23/2003 04:03 PM UserData 106 | 01/23/2003 04:03 PM WINDOWS 107 | 108 | Directory of C:\Documents and Settings 109 | 110 | 01/23/2003 04:03 PM . 111 | 01/23/2003 04:03 PM .. 112 | 01/23/2003 04:03 PM Administrator 113 | 01/23/2003 04:03 PM All Users 114 | 01/23/2003 04:03 PM JohnDoe 115 | 116 | Directory of C:\Documents and Settings\Administrator 117 | 118 | 01/23/2003 04:03 PM . 119 | 01/23/2003 04:03 PM .. 120 | 01/23/2003 04:03 PM Local Settings 121 | 122 | Directory of C:\Documents and Settings\Administrator\Local Settings 123 | 124 | 01/23/2003 04:03 PM . 125 | 01/23/2003 04:03 PM .. 126 | 01/23/2003 04:03 PM Application Data 127 | 128 | Directory of C:\Documents and Settings\Administrator\Local Settings\Application Data 129 | 130 | 01/23/2003 04:03 PM . 131 | 01/23/2003 04:03 PM .. 132 | 01/23/2003 04:03 PM Microsoft 133 | 134 | Directory of C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft 135 | 136 | 01/23/2003 04:03 PM . 137 | 01/23/2003 04:03 PM .. 138 | 01/23/2003 04:03 PM CD Burning 139 | 140 | Directory of C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CD Burning 141 | 142 | 01/23/2003 04:03 PM . 143 | 01/23/2003 04:03 PM .. 144 | 01/23/2003 04:03 PM 1 __empty 145 | 146 | Directory of C:\Documents and Settings\All Users 147 | 148 | 01/23/2003 04:03 PM . 149 | 01/23/2003 04:03 PM .. 150 | 01/23/2003 04:03 PM Application Data 151 | 152 | Directory of C:\Documents and Settings\All Users\Application Data 153 | 154 | 01/23/2003 04:03 PM . 155 | 01/23/2003 04:03 PM .. 156 | 01/23/2003 04:03 PM Microsoft 157 | 158 | Directory of C:\Documents and Settings\All Users\Application Data\Microsoft 159 | 160 | 01/23/2003 04:03 PM . 161 | 01/23/2003 04:03 PM .. 162 | 01/23/2003 04:03 PM 1 __empty 163 | 164 | Directory of C:\Documents and Settings\JohnDoe 165 | 166 | 01/23/2003 04:03 PM . 167 | 01/23/2003 04:03 PM .. 168 | 01/23/2003 04:03 PM Application Data 169 | 01/23/2003 04:03 PM Desktop 170 | 01/23/2003 04:03 PM Local Settings 171 | 172 | Directory of C:\Documents and Settings\JohnDoe\Application Data 173 | 174 | 01/23/2003 04:03 PM . 175 | 01/23/2003 04:03 PM .. 176 | 01/23/2003 04:03 PM Microsoft 177 | 01/23/2003 04:03 PM 1 __empty 178 | 179 | Directory of C:\Documents and Settings\JohnDoe\Application Data\Microsoft 180 | 181 | 01/23/2003 04:03 PM . 182 | 01/23/2003 04:03 PM .. 183 | 01/23/2003 04:03 PM 1 __empty 184 | 185 | Directory of C:\Documents and Settings\JohnDoe\Desktop 186 | 187 | 01/23/2003 04:03 PM . 188 | 01/23/2003 04:03 PM .. 189 | 01/23/2003 04:03 PM 1 __empty 190 | 191 | Directory of C:\Documents and Settings\JohnDoe\Local Settings 192 | 193 | 01/23/2003 04:03 PM . 194 | 01/23/2003 04:03 PM .. 195 | 01/23/2003 04:03 PM Application Data 196 | 01/23/2003 04:03 PM Temporary Internet Files 197 | 198 | Directory of C:\Documents and Settings\JohnDoe\Local Settings\Application Data 199 | 200 | 01/23/2003 04:03 PM . 201 | 01/23/2003 04:03 PM .. 202 | 01/23/2003 04:03 PM Microsoft 203 | 204 | Directory of C:\Documents and Settings\JohnDoe\Local Settings\Application Data\Microsoft 205 | 206 | 01/23/2003 04:03 PM . 207 | 01/23/2003 04:03 PM .. 208 | 01/23/2003 04:03 PM Windows 209 | 210 | Directory of C:\Documents and Settings\JohnDoe\Local Settings\Application Data\Microsoft\Windows 211 | 212 | 01/23/2003 04:03 PM . 213 | 01/23/2003 04:03 PM .. 214 | 01/23/2003 04:03 PM 1 __empty 215 | 216 | Directory of C:\Documents and Settings\JohnDoe\Local Settings\Temporary Internet Files 217 | 218 | 01/23/2003 04:03 PM . 219 | 01/23/2003 04:03 PM .. 220 | 01/23/2003 04:03 PM 1 __empty 221 | 222 | Directory of C:\INTERNAL 223 | 224 | 01/23/2003 04:03 PM . 225 | 01/23/2003 04:03 PM .. 226 | 01/23/2003 04:03 PM 1 __empty 227 | 228 | Directory of C:\Mirc 229 | 230 | 01/23/2003 04:03 PM . 231 | 01/23/2003 04:03 PM .. 232 | 01/23/2003 04:03 PM 35 mirc.ini 233 | 01/23/2003 04:03 PM 18 script.ini 234 | 235 | Directory of C:\Program Files 236 | 237 | 01/23/2003 04:03 PM . 238 | 01/23/2003 04:03 PM .. 239 | 01/23/2003 04:03 PM Common Files 240 | 01/23/2003 04:03 PM Internet Explorer 241 | 01/23/2003 04:03 PM WebMoney 242 | 243 | Directory of C:\Program Files\Common Files 244 | 245 | 01/23/2003 04:03 PM . 246 | 01/23/2003 04:03 PM .. 247 | 01/23/2003 04:03 PM Microsoft Shared 248 | 01/23/2003 04:03 PM System 249 | 250 | Directory of C:\Program Files\Common Files\Microsoft Shared 251 | 252 | 01/23/2003 04:03 PM . 253 | 01/23/2003 04:03 PM .. 254 | 01/23/2003 04:03 PM 1 __empty 255 | 256 | Directory of C:\Program Files\Common Files\System 257 | 258 | 01/23/2003 04:03 PM . 259 | 01/23/2003 04:03 PM .. 260 | 01/23/2003 04:03 PM 1 __empty 261 | 01/23/2003 04:03 PM 1 wab32.dll 262 | 263 | Directory of C:\Program Files\Internet Explorer 264 | 265 | 01/23/2003 04:03 PM . 266 | 01/23/2003 04:03 PM .. 267 | 01/23/2003 04:03 PM 41,472 Iexplore.exe 268 | 01/23/2003 04:03 PM SIGNUP 269 | 01/23/2003 04:03 PM 1 __empty 270 | 271 | Directory of C:\Program Files\Internet Explorer\SIGNUP 272 | 273 | 01/23/2003 04:03 PM . 274 | 01/23/2003 04:03 PM .. 275 | 01/23/2003 04:03 PM 1 INSTALL.INS 276 | 277 | Directory of C:\Program Files\WebMoney 278 | 279 | 01/23/2003 04:03 PM . 280 | 01/23/2003 04:03 PM .. 281 | 01/23/2003 04:03 PM 1 __empty 282 | 283 | Directory of C:\System Volume Information 284 | 285 | 01/23/2003 04:03 PM . 286 | 01/23/2003 04:03 PM .. 287 | 01/23/2003 04:03 PM 1 __empty 288 | 289 | Directory of C:\TEMP 290 | 291 | 01/23/2003 04:03 PM . 292 | 01/23/2003 04:03 PM .. 293 | 01/23/2003 04:03 PM 1 __empty 294 | 295 | Directory of C:\UserData 296 | 297 | 01/23/2003 04:03 PM . 298 | 01/23/2003 04:03 PM .. 299 | 01/23/2003 04:03 PM 178,280 default.wab 300 | 301 | Directory of C:\WINDOWS 302 | 303 | 01/23/2003 04:03 PM . 304 | 01/23/2003 04:03 PM .. 305 | 01/23/2003 04:03 PM Debug 306 | 01/23/2003 04:03 PM FONTS 307 | 01/23/2003 04:03 PM 35,840 IEXPLORE.EXE 308 | 01/23/2003 04:03 PM Inf 309 | 01/23/2003 04:03 PM Media 310 | 01/23/2003 04:03 PM SYSTEM32 311 | 01/23/2003 04:03 PM System 312 | 01/23/2003 04:03 PM TEMP 313 | 01/23/2003 04:03 PM 2,560 TWAIN.DLL 314 | 01/23/2003 04:03 PM 1,024 TWAIN_32.DLL 315 | 01/23/2003 04:03 PM Web 316 | 01/23/2003 04:03 PM 239,104 explorer.exe 317 | 01/23/2003 04:03 PM 8,704 hh.exe 318 | 01/23/2003 04:03 PM 417 msdfmap.ini 319 | 01/23/2003 04:03 PM 9,216 notepad.exe 320 | 01/23/2003 04:03 PM 9,216 regedit.exe 321 | 01/23/2003 04:03 PM 8,704 taskman.exe 322 | 01/23/2003 04:03 PM 9,216 twunk_16.exe 323 | 01/23/2003 04:03 PM 8,704 twunk_32.exe 324 | 01/23/2003 04:03 PM 552 win.ini 325 | 01/23/2003 04:03 PM 8,704 winhelp.exe 326 | 01/23/2003 04:03 PM 8,704 winhlp32.exe 327 | 328 | Directory of C:\WINDOWS\Debug 329 | 330 | 01/23/2003 04:03 PM . 331 | 01/23/2003 04:03 PM .. 332 | 01/23/2003 04:03 PM 1 PASSWD.LOG 333 | 334 | Directory of C:\WINDOWS\FONTS 335 | 336 | 01/23/2003 04:03 PM . 337 | 01/23/2003 04:03 PM .. 338 | 01/23/2003 04:03 PM 1 __empty 339 | 340 | Directory of C:\WINDOWS\Inf 341 | 342 | 01/23/2003 04:03 PM . 343 | 01/23/2003 04:03 PM .. 344 | 01/23/2003 04:03 PM 1 __empty 345 | 346 | Directory of C:\WINDOWS\Media 347 | 348 | 01/23/2003 04:03 PM . 349 | 01/23/2003 04:03 PM .. 350 | 01/23/2003 04:03 PM 1 __empty 351 | 01/23/2003 04:03 PM 45 tada.wav 352 | 353 | Directory of C:\WINDOWS\SYSTEM32 354 | 355 | 01/23/2003 04:03 PM . 356 | 01/23/2003 04:03 PM .. 357 | 01/23/2003 04:03 PM 1025 358 | 01/23/2003 04:03 PM 1028 359 | 01/23/2003 04:03 PM 1031 360 | 01/23/2003 04:03 PM 1033 361 | 01/23/2003 04:03 PM 1037 362 | 01/23/2003 04:03 PM 1041 363 | 01/23/2003 04:03 PM 1042 364 | 01/23/2003 04:03 PM 1054 365 | 01/23/2003 04:03 PM 1 12520437.cpx 366 | 01/23/2003 04:03 PM 1 12520850.cpx 367 | 01/23/2003 04:03 PM 2052 368 | 01/23/2003 04:03 PM 3076 369 | 01/23/2003 04:03 PM 71,680 AACLIENT.DLL 370 | 01/23/2003 04:03 PM 2,048 ACLEDIT.DLL 371 | 01/23/2003 04:03 PM 48,640 ACLUI.DLL 372 | 01/23/2003 04:03 PM 54,784 ACTIVEDS.DLL 373 | 01/23/2003 04:03 PM 33,792 ACTXPRXY.DLL 374 | 01/23/2003 04:03 PM 44,032 ADMPARSE.DLL 375 | 01/23/2003 04:03 PM 4,608 ADPTIF.DLL 376 | 01/23/2003 04:03 PM 171,520 ADSLDP.DLL 377 | 01/23/2003 04:03 PM 91,648 ADSLDPC.DLL 378 | 01/23/2003 04:03 PM 12,288 ADSMSEXT.DLL 379 | 01/23/2003 04:03 PM 182,784 ADSNT.DLL 380 | 01/23/2003 04:03 PM 405,504 ADVAPI32.DLL 381 | 01/23/2003 04:03 PM 24,064 ADVPACK.DLL 382 | 01/23/2003 04:03 PM 71,680 AMSTREAM.DLL 383 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-HEAP-L1-1-0.DLL 384 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-IO-L1-1-0.DLL 385 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-LOCALIZATION-L1-1-0.DLL 386 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-NAMEDPIPE-L1-1-0.DLL 387 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-PROCESSENVIRONMENT-L1-1-0.DLL 388 | 01/23/2003 04:03 PM 3,072 API-MS-WIN-CORE-PROCESSTHREADS-L1-1-0.DLL 389 | 01/23/2003 04:03 PM 125,952 APPHELP.DLL 390 | 01/23/2003 04:03 PM 4,096 APPMGMTS.DLL 391 | 01/23/2003 04:03 PM 3,072 APPWIZ.CPL 392 | 01/23/2003 04:03 PM 44,032 ASYCFILT.DLL 393 | 01/23/2003 04:03 PM 124,928 ATL.DLL 394 | 01/23/2003 04:03 PM 2,560 ATL100.DLL 395 | 01/23/2003 04:03 PM 55,296 ATMLIB.DLL 396 | 01/23/2003 04:03 PM 33,280 AUTHZ.DLL 397 | 01/23/2003 04:03 PM 1 AUTOEXEC.NT 398 | 01/23/2003 04:03 PM 74,240 AVICAP32.DLL 399 | 01/23/2003 04:03 PM 84,480 AVIFIL32.DLL 400 | 01/23/2003 04:03 PM 185,344 AZROLES.DLL 401 | 01/23/2003 04:03 PM 2,048 BASESRV.DLL 402 | 01/23/2003 04:03 PM 17,408 BATMETER.DLL 403 | 01/23/2003 04:03 PM 17,408 BIDISPL.DLL 404 | 01/23/2003 04:03 PM 1,024 BITSPRX2.DLL 405 | 01/23/2003 04:03 PM 1,024 BITSPRX3.DLL 406 | 01/23/2003 04:03 PM 17,408 BLACKBOX.DLL 407 | 01/23/2003 04:03 PM 1,024 BOOTVID.DLL 408 | 01/23/2003 04:03 PM 3,584 BROWSEUI.DLL 409 | 01/23/2003 04:03 PM 29,696 BTPANUI.DLL 410 | 01/23/2003 04:03 PM 74,240 CABINET.DLL 411 | 01/23/2003 04:03 PM 20,480 CABVIEW.DLL 412 | 01/23/2003 04:03 PM 2,048 CARDS.DLL 413 | 01/23/2003 04:03 PM 179,200 CATSRV.DLL 414 | 01/23/2003 04:03 PM 3,584 CATSRVPS.DLL 415 | 01/23/2003 04:03 PM 438,784 CATSRVUT.DLL 416 | 01/23/2003 04:03 PM 711,168 CDOSYS.DLL 417 | 01/23/2003 04:03 PM 153,600 CERTCLI.DLL 418 | 01/23/2003 04:03 PM 121,856 CERTMGR.DLL 419 | 01/23/2003 04:03 PM 32,768 CEWMDM.DLL 420 | 01/23/2003 04:03 PM 34,816 CFGBKEND.DLL 421 | 01/23/2003 04:03 PM 16,384 CFGMGR32.DLL 422 | 01/23/2003 04:03 PM 136,704 CIC.DLL 423 | 01/23/2003 04:03 PM 2,048 CLB.DLL 424 | 01/23/2003 04:03 PM 315,392 CLBCATQ.DLL 425 | 01/23/2003 04:03 PM 49,152 CLICONFG.DLL 426 | 01/23/2003 04:03 PM 7,680 CLUSAPI.DLL 427 | 01/23/2003 04:03 PM 13,824 CMCFG32.DLL 428 | 01/23/2003 04:03 PM 198,144 CMDIAL32.DLL 429 | 01/23/2003 04:03 PM 13,824 CMPBK32.DLL 430 | 01/23/2003 04:03 PM 42,496 CMUTIL.DLL 431 | 01/23/2003 04:03 PM 23,552 CNVFAT.DLL 432 | 01/23/2003 04:03 PM 59,392 COLBACT.DLL 433 | 01/23/2003 04:03 PM 4,096 COMCAT.DLL 434 | 01/23/2003 04:03 PM 592,896 COMCTL32.DLL 435 | 01/23/2003 04:03 PM 201,216 COMDLG32.DLL 436 | 01/23/2003 04:03 PM 36,864 COMPSTUI.DLL 437 | 01/23/2003 04:03 PM 15,872 COMREPL.DLL 438 | 01/23/2003 04:03 PM 132,096 COMSNAP.DLL 439 | 01/23/2003 04:03 PM 53,760 COMSVCS.DLL 440 | 01/23/2003 04:03 PM 219,648 COMUID.DLL 441 | 01/23/2003 04:03 PM 1 CONFIG.NT 442 | 01/23/2003 04:03 PM 1 CONFIG.TMP 443 | 01/23/2003 04:03 PM 28,672 CONSOLE.DLL 444 | 01/23/2003 04:03 PM 12,288 CREDSSP.DLL 445 | 01/23/2003 04:03 PM 132,608 CREDUI.DLL 446 | 01/23/2003 04:03 PM 31,744 CRTDLL.DLL 447 | 01/23/2003 04:03 PM 699,392 CRYPT32.DLL 448 | 01/23/2003 04:03 PM 58,880 CRYPTDLG.DLL 449 | 01/23/2003 04:03 PM 3,584 CRYPTDLL.DLL 450 | 01/23/2003 04:03 PM 40,960 CRYPTEXT.DLL 451 | 01/23/2003 04:03 PM 68,608 CRYPTNET.DLL 452 | 01/23/2003 04:03 PM 4,096 CRYPTSVC.DLL 453 | 01/23/2003 04:03 PM 102,400 CRYPTUI.DLL 454 | 01/23/2003 04:03 PM 4,096 CSRSRV.DLL 455 | 01/23/2003 04:03 PM 16,384 CTL3D32.DLL 456 | 01/23/2003 04:03 PM 9,216 CYGWIN1.DLL 457 | 01/23/2003 04:03 PM CatRoot 458 | 01/23/2003 04:03 PM CatRoot2 459 | 01/23/2003 04:03 PM 52,224 D3D10.DLL 460 | 01/23/2003 04:03 PM 185,856 D3D8.DLL 461 | 01/23/2003 04:03 PM 6,144 D3D8THK.DLL 462 | 01/23/2003 04:03 PM 139,264 D3D9.DLL 463 | 01/23/2003 04:03 PM 309,760 D3DIM.DLL 464 | 01/23/2003 04:03 PM 50,176 D3DIM700.DLL 465 | 01/23/2003 04:03 PM 648,704 D3DRAMP.DLL 466 | 01/23/2003 04:03 PM 18,432 D3DX9_30.DLL 467 | 01/23/2003 04:03 PM 10,240 D3DXOF.DLL 468 | 01/23/2003 04:03 PM 3,072 DATACLEN.DLL 469 | 01/23/2003 04:03 PM 25,088 DAVCLNT.DLL 470 | 01/23/2003 04:03 PM 18,944 DBGENG.DLL 471 | 01/23/2003 04:03 PM 182,784 DBGHELP.DLL 472 | 01/23/2003 04:03 PM 3,072 DBMSRPCN.DLL 473 | 01/23/2003 04:03 PM 71,168 DBNETLIB.DLL 474 | 01/23/2003 04:03 PM 14,848 DBNMPNTW.DLL 475 | 01/23/2003 04:03 PM 2,560 DCIMAN32.DLL 476 | 01/23/2003 04:03 PM 6,144 DDRAW.DLL 477 | 01/23/2003 04:03 PM 23,552 DDRAWEX.DLL 478 | 01/23/2003 04:03 PM 19,968 DESK.CPL 479 | 01/23/2003 04:03 PM 11,264 DESKMON.DLL 480 | 01/23/2003 04:03 PM 8,192 DESKPERF.DLL 481 | 01/23/2003 04:03 PM 48,128 DEVENUM.DLL 482 | 01/23/2003 04:03 PM 95,232 DEVMGR.DLL 483 | 01/23/2003 04:03 PM 16,384 DFSSHLEX.DLL 484 | 01/23/2003 04:03 PM 17,408 DHCPCSVC.DLL 485 | 01/23/2003 04:03 PM 8,704 DHCPSAPI.DLL 486 | 01/23/2003 04:03 PM 37,376 DIMSROAM.DLL 487 | 01/23/2003 04:03 PM 20,992 DINPUT.DLL 488 | 01/23/2003 04:03 PM 87,040 DINPUT8.DLL 489 | 01/23/2003 04:03 PM 3,072 DISKCOPY.DLL 490 | 01/23/2003 04:03 PM 19,968 DISPEX.DLL 491 | 01/23/2003 04:03 PM 24,576 DMBAND.DLL 492 | 01/23/2003 04:03 PM 45,568 DMCOMPOS.DLL 493 | 01/23/2003 04:03 PM 28,672 DMDLGS.DLL 494 | 01/23/2003 04:03 PM 97,792 DMDSKMGR.DLL 495 | 01/23/2003 04:03 PM 156,672 DMIME.DLL 496 | 01/23/2003 04:03 PM 18,432 DMINTF.DLL 497 | 01/23/2003 04:03 PM 16,384 DMLOADER.DLL 498 | 01/23/2003 04:03 PM 18,432 DMOCX.DLL 499 | 01/23/2003 04:03 PM 12,800 DMSCRIPT.DLL 500 | 01/23/2003 04:03 PM 7,680 DMSTYLE.DLL 501 | 01/23/2003 04:03 PM 10,240 DMSYNTH.DLL 502 | 01/23/2003 04:03 PM 15,360 DMUSIC.DLL 503 | 01/23/2003 04:03 PM 14,336 DMUTIL.DLL 504 | 01/23/2003 04:03 PM 2,560 DMVIEW.OCX 505 | 01/23/2003 04:03 PM 71,680 DNSAPI.DLL 506 | 01/23/2003 04:03 PM 24,064 DOCPROP.DLL 507 | 01/23/2003 04:03 PM 37,376 DOT3GPCLNT.DLL 508 | 01/23/2003 04:03 PM 57,344 DOT3MSM.DLL 509 | 01/23/2003 04:03 PM 6,656 DOT3UI.DLL 510 | 01/23/2003 04:03 PM 103,936 DPLAYX.DLL 511 | 01/23/2003 04:03 PM 16,384 DPMODEMX.DLL 512 | 01/23/2003 04:03 PM 270,848 DPNET.DLL 513 | 01/23/2003 04:03 PM 34,304 DPNHPAST.DLL 514 | 01/23/2003 04:03 PM 3,072 DPNHUPNP.DLL 515 | 01/23/2003 04:03 PM 39,936 DPWSOCKX.DLL 516 | 01/23/2003 04:03 PM 93,696 DRMV2CLT.DLL 517 | 01/23/2003 04:03 PM 13,824 DRPROV.DLL 518 | 01/23/2003 04:03 PM 3,584 DSAUTH.DLL 519 | 01/23/2003 04:03 PM 92,160 DSDMO.DLL 520 | 01/23/2003 04:03 PM 14,848 DSKQUOTA.DLL 521 | 01/23/2003 04:03 PM 7,168 DSKQUOUI.DLL 522 | 01/23/2003 04:03 PM 379,904 DSOUND.DLL 523 | 01/23/2003 04:03 PM 12,800 DSPROP.DLL 524 | 01/23/2003 04:03 PM 17,408 DSQUERY.DLL 525 | 01/23/2003 04:03 PM 44,544 DSSEC.DLL 526 | 01/23/2003 04:03 PM 11,264 DSSENH.DLL 527 | 01/23/2003 04:03 PM 11,776 DSUIEXT.DLL 528 | 01/23/2003 04:03 PM 27,136 DSWAVE.DLL 529 | 01/23/2003 04:03 PM 116,224 DUSER.DLL 530 | 01/23/2003 04:03 PM 26,624 DXDIAGN.DLL 531 | 01/23/2003 04:03 PM 51,200 DXTMSFT.DLL 532 | 01/23/2003 04:03 PM 224,768 DXTRANS.DLL 533 | 01/23/2003 04:03 PM 5,120 DXVA2.DLL 534 | 01/23/2003 04:03 PM DirectX 535 | 01/23/2003 04:03 PM 35,328 EAPP3HST.DLL 536 | 01/23/2003 04:03 PM 35,328 EAPPCFG.DLL 537 | 01/23/2003 04:03 PM 25,600 EAPPGNUI.DLL 538 | 01/23/2003 04:03 PM 32,256 EAPPHOST.DLL 539 | 01/23/2003 04:03 PM 40,960 EAPPPRXY.DLL 540 | 01/23/2003 04:03 PM 40,960 EAPQEC.DLL 541 | 01/23/2003 04:03 PM 23,552 EFSADU.DLL 542 | 01/23/2003 04:03 PM 160,256 ELS.DLL 543 | 01/23/2003 04:03 PM 17,920 ENCAPI.DLL 544 | 01/23/2003 04:03 PM 18,944 ENCDEC.DLL 545 | 01/23/2003 04:03 PM 108,032 ES.DLL 546 | 01/23/2003 04:03 PM 228,864 ESENT.DLL 547 | 01/23/2003 04:03 PM 19,456 ESENTPRF.DLL 548 | 01/23/2003 04:03 PM 20,480 EVENTCLS.DLL 549 | 01/23/2003 04:03 PM 248,320 EXPSRV.DLL 550 | 01/23/2003 04:03 PM 11,776 FAULTREP.DLL 551 | 01/23/2003 04:03 PM 25,088 FDE.DLL 552 | 01/23/2003 04:03 PM 11,776 FDEPLOY.DLL 553 | 01/23/2003 04:03 PM 20,480 FECLIENT.DLL 554 | 01/23/2003 04:03 PM 202,752 FILEMGMT.DLL 555 | 01/23/2003 04:03 PM 10,752 FLTLIB.DLL 556 | 01/23/2003 04:03 PM 16,384 FMIFS.DLL 557 | 01/23/2003 04:03 PM 52,736 FONTEXT.DLL 558 | 01/23/2003 04:03 PM 12,800 FONTSUB.DLL 559 | 01/23/2003 04:03 PM 46,592 FWCFG.DLL 560 | 01/23/2003 04:03 PM 2,560 G711CODC.AX 561 | 01/23/2003 04:03 PM 10,752 GCDEF.DLL 562 | 01/23/2003 04:03 PM 294,912 GDI32.DLL 563 | 01/23/2003 04:03 PM 29,696 GDIPLUS.DLL 564 | 01/23/2003 04:03 PM 122,368 GLMF32.DLL 565 | 01/23/2003 04:03 PM 73,728 GLU32.DLL 566 | 01/23/2003 04:03 PM 514,560 GPEDIT.DLL 567 | 01/23/2003 04:03 PM 24,064 GPTEXT.DLL 568 | 01/23/2003 04:03 PM 104,960 HAL.DLL 569 | 01/23/2003 04:03 PM 19,968 HDWWIZ.CPL 570 | 01/23/2003 04:03 PM 3,072 HHCTRL.OCX 571 | 01/23/2003 04:03 PM 43,008 HHSETUP.DLL 572 | 01/23/2003 04:03 PM 24,576 HID.DLL 573 | 01/23/2003 04:03 PM 11,264 HLINK.DLL 574 | 01/23/2003 04:03 PM 120,320 HNETCFG.DLL 575 | 01/23/2003 04:03 PM 8,192 HTTPAPI.DLL 576 | 01/23/2003 04:03 PM 29,696 HTUI.DLL 577 | 01/23/2003 04:03 PM 5,632 IASACCT.DLL 578 | 01/23/2003 04:03 PM 26,624 IASADS.DLL 579 | 01/23/2003 04:03 PM 7,680 IASHLPR.DLL 580 | 01/23/2003 04:03 PM 11,776 IASNAP.DLL 581 | 01/23/2003 04:03 PM 14,848 IASPOLCY.DLL 582 | 01/23/2003 04:03 PM 30,720 IASRAD.DLL 583 | 01/23/2003 04:03 PM 20,480 IASRECST.DLL 584 | 01/23/2003 04:03 PM 15,872 IASSAM.DLL 585 | 01/23/2003 04:03 PM 32,256 IASSDO.DLL 586 | 01/23/2003 04:03 PM 6,656 IASSVCS.DLL 587 | 01/23/2003 04:03 PM 7,168 ICCVID.DLL 588 | 01/23/2003 04:03 PM 11,264 ICM32.DLL 589 | 01/23/2003 04:03 PM 2,560 ICMP.DLL 590 | 01/23/2003 04:03 PM 13,312 ICMUI.DLL 591 | 01/23/2003 04:03 PM 3,072 IEAKENG.DLL 592 | 01/23/2003 04:03 PM 94,208 IEDKCS32.DLL 593 | 01/23/2003 04:03 PM 30,208 IEPEERS.DLL 594 | 01/23/2003 04:03 PM 46,080 IERNONCE.DLL 595 | 01/23/2003 04:03 PM 6,656 IESETUP.DLL 596 | 01/23/2003 04:03 PM 11,776 IFMON.DLL 597 | 01/23/2003 04:03 PM 8,704 IFSUTIL.DLL 598 | 01/23/2003 04:03 PM 163,328 IMAGEHLP.DLL 599 | 01/23/2003 04:03 PM IME 600 | 01/23/2003 04:03 PM 34,816 IMGUTIL.DLL 601 | 01/23/2003 04:03 PM 16,896 IMM32.DLL 602 | 01/23/2003 04:03 PM 98,816 INETCOMM.DLL 603 | 01/23/2003 04:03 PM 15,872 INETCPL.CPL 604 | 01/23/2003 04:03 PM 8,704 INETMIB1.DLL 605 | 01/23/2003 04:03 PM 15,872 INPUT.DLL 606 | 01/23/2003 04:03 PM 16,384 INSENG.DLL 607 | 01/23/2003 04:03 PM 3,072 IOLOGMSG.DLL 608 | 01/23/2003 04:03 PM 95,744 IPHLPAPI.DLL 609 | 01/23/2003 04:03 PM 3,072 IPRTPRIO.DLL 610 | 01/23/2003 04:03 PM 33,280 IPRTRMGR.DLL 611 | 01/23/2003 04:03 PM 28,160 IPSECSNP.DLL 612 | 01/23/2003 04:03 PM 195,584 IPSMSNAP.DLL 613 | 01/23/2003 04:03 PM 45,568 IR41_QC.DLL 614 | 01/23/2003 04:03 PM 8,192 IR41_QCX.DLL 615 | 01/23/2003 04:03 PM 349,184 IR50_32.DLL 616 | 01/23/2003 04:03 PM 9,728 IR50_QC.DLL 617 | 01/23/2003 04:03 PM 10,752 IR50_QCX.DLL 618 | 01/23/2003 04:03 PM 6,144 IRPROPS.CPL 619 | 01/23/2003 04:03 PM 24,064 ITIRCL.DLL 620 | 01/23/2003 04:03 PM 14,848 ITSS.DLL 621 | 01/23/2003 04:03 PM 3,072 IVFSRC.AX 622 | 01/23/2003 04:03 PM 12,800 IYUV_32.DLL 623 | 01/23/2003 04:03 PM 2,560 JOY.CPL 624 | 01/23/2003 04:03 PM 89,088 JSCRIPT.DLL 625 | 01/23/2003 04:03 PM 11,264 JSPROXY.DLL 626 | 01/23/2003 04:03 PM 3,584 KBDBU.DLL 627 | 01/23/2003 04:03 PM 4,096 KBDFR.DLL 628 | 01/23/2003 04:03 PM 3,584 KBDGR.DLL 629 | 01/23/2003 04:03 PM 3,584 KBDGR1.DLL 630 | 01/23/2003 04:03 PM 3,072 KBDSG.DLL 631 | 01/23/2003 04:03 PM 419,328 KERNEL32.DLL 632 | 01/23/2003 04:03 PM 4,096 KERNELBASE.DLL 633 | 01/23/2003 04:03 PM 26,624 KEYMGR.DLL 634 | 01/23/2003 04:03 PM 3,072 LIBGCC_S_DW2-1.DLL 635 | 01/23/2003 04:03 PM 3,072 LIBGCJ-12.DLL 636 | 01/23/2003 04:03 PM 22,528 LINKINFO.DLL 637 | 01/23/2003 04:03 PM 18,432 LOADPERF.DLL 638 | 01/23/2003 04:03 PM 30,208 LOCALSEC.DLL 639 | 01/23/2003 04:03 PM 51,200 LOGHOURS.DLL 640 | 01/23/2003 04:03 PM 21,504 LPK.DLL 641 | 01/23/2003 04:03 PM 1,536 LZ32.DLL 642 | 01/23/2003 04:03 PM 2,560 MAIN.CPL 643 | 01/23/2003 04:03 PM 48,128 MAPI32.DLL 644 | 01/23/2003 04:03 PM 20,480 MAPISTUB.DLL 645 | 01/23/2003 04:03 PM 10,752 MCIAVI32.DLL 646 | 01/23/2003 04:03 PM 4,096 MCICDA.DLL 647 | 01/23/2003 04:03 PM 3,072 MCIOLE32.DLL 648 | 01/23/2003 04:03 PM 19,968 MCIQTZ32.DLL 649 | 01/23/2003 04:03 PM 22,016 MCISEQ.DLL 650 | 01/23/2003 04:03 PM 17,408 MCIWAVE.DLL 651 | 01/23/2003 04:03 PM 39,936 MDMINST.DLL 652 | 01/23/2003 04:03 PM 43,008 MF3216.DLL 653 | 01/23/2003 04:03 PM 132,608 MFC100.DLL 654 | 01/23/2003 04:03 PM 133,120 MFC100U.DLL 655 | 01/23/2003 04:03 PM 160,256 MFC40.DLL 656 | 01/23/2003 04:03 PM 86,016 MFC40U.DLL 657 | 01/23/2003 04:03 PM 1,028,096 MFC42.DLL 658 | 01/23/2003 04:03 PM 981,760 MFC42U.DLL 659 | 01/23/2003 04:03 PM 101,376 MFC71.DLL 660 | 01/23/2003 04:03 PM 101,376 MFC71U.DLL 661 | 01/23/2003 04:03 PM 103,424 MFC80.DLL 662 | 01/23/2003 04:03 PM 103,424 MFC80U.DLL 663 | 01/23/2003 04:03 PM 132,096 MFC90.DLL 664 | 01/23/2003 04:03 PM 132,096 MFC90U.DLL 665 | 01/23/2003 04:03 PM 2,560 MFCSUBS.DLL 666 | 01/23/2003 04:03 PM 14,848 MGMTAPI.DLL 667 | 01/23/2003 04:03 PM 9,216 MICROSOFT.VISUALBASIC.DLL 668 | 01/23/2003 04:03 PM 28,160 MLANG.DLL 669 | 01/23/2003 04:03 PM 834,048 MMCNDMGR.DLL 670 | 01/23/2003 04:03 PM 48,128 MMCSHEXT.DLL 671 | 01/23/2003 04:03 PM 267,264 MMSYS.CPL 672 | 01/23/2003 04:03 PM 4,096 MODEMUI.DLL 673 | 01/23/2003 04:03 PM 3,072 MORICONS.DLL 674 | 01/23/2003 04:03 PM 189,440 MPADVFN.DLL 675 | 01/23/2003 04:03 PM 5,120 MPG2SPLT.AX 676 | 01/23/2003 04:03 PM 6,656 MPR.DLL 677 | 01/23/2003 04:03 PM 58,880 MPRAPI.DLL 678 | 01/23/2003 04:03 PM 4,608 MPRDDM.DLL 679 | 01/23/2003 04:03 PM 2,560 MPRDIM.DLL 680 | 01/23/2003 04:03 PM 76,800 MPRMSG.DLL 681 | 01/23/2003 04:03 PM 3,072 MQPERF.DLL 682 | 01/23/2003 04:03 PM 4,096 MQRT.DLL 683 | 01/23/2003 04:03 PM 2,048 MQSEC.DLL 684 | 01/23/2003 04:03 PM 2,048 MQUTIL.DLL 685 | 01/23/2003 04:03 PM 138,240 MSAATEXT.DLL 686 | 01/23/2003 04:03 PM 6,144 MSACM32.DLL 687 | 01/23/2003 04:03 PM 79,360 MSADO15.DLL 688 | 01/23/2003 04:03 PM 14,848 MSASN1.DLL 689 | 01/23/2003 04:03 PM 6,656 MSCAT32.DLL 690 | 01/23/2003 04:03 PM 22,528 MSCMS.DLL 691 | 01/23/2003 04:03 PM 3,584 MSCOREE.DLL 692 | 01/23/2003 04:03 PM 90,112 MSCORLIB.DLL 693 | 01/23/2003 04:03 PM 19,968 MSCPXL32.DLL 694 | 01/23/2003 04:03 PM 117,760 MSCTF.DLL 695 | 01/23/2003 04:03 PM 39,936 MSCTFP.DLL 696 | 01/23/2003 04:03 PM 4,608 MSDART.DLL 697 | 01/23/2003 04:03 PM 11,264 MSDMO.DLL 698 | 01/23/2003 04:03 PM 159,744 MSDTCPRX.DLL 699 | 01/23/2003 04:03 PM 33,280 MSDTCUIU.DLL 700 | 01/23/2003 04:03 PM 3,584 MSDXM.OCX 701 | 01/23/2003 04:03 PM 360,448 MSEXCH40.DLL 702 | 01/23/2003 04:03 PM 28,672 MSEXCL40.DLL 703 | 01/23/2003 04:03 PM 121,856 MSFTEDIT.DLL 704 | 01/23/2003 04:03 PM 3,072 MSGINA.DLL 705 | 01/23/2003 04:03 PM 124,928 MSHTML.DLL 706 | 01/23/2003 04:03 PM 3,072 MSHTMLED.DLL 707 | 01/23/2003 04:03 PM 195,584 MSI.DLL 708 | 01/23/2003 04:03 PM 39,936 MSIDENT.DLL 709 | 01/23/2003 04:03 PM 31,744 MSIHND.DLL 710 | 01/23/2003 04:03 PM 2,560 MSIMG32.DLL 711 | 01/23/2003 04:03 PM 8,704 MSINET.OCX 712 | 01/23/2003 04:03 PM 12,288 MSISIP.DLL 713 | 01/23/2003 04:03 PM 118,272 MSJET40.DLL 714 | 01/23/2003 04:03 PM 40,960 MSJETOLEDB40.DLL 715 | 01/23/2003 04:03 PM 18,432 MSJTER40.DLL 716 | 01/23/2003 04:03 PM 2,560 MSLS31.DLL 717 | 01/23/2003 04:03 PM 4,096 MSNETOBJ.DLL 718 | 01/23/2003 04:03 PM 114,176 MSOEACCT.DLL 719 | 01/23/2003 04:03 PM 3,072 MSOERT2.DLL 720 | 01/23/2003 04:03 PM 137,216 MSORCL32.DLL 721 | 01/23/2003 04:03 PM 28,160 MSPATCHA.DLL 722 | 01/23/2003 04:03 PM 32,256 MSPBDE40.DLL 723 | 01/23/2003 04:03 PM 3,584 MSPMSNSV.DLL 724 | 01/23/2003 04:03 PM 9,216 MSPORTS.DLL 725 | 01/23/2003 04:03 PM 4,608 MSRATING.DLL 726 | 01/23/2003 04:03 PM 28,672 MSRD2X40.DLL 727 | 01/23/2003 04:03 PM 30,720 MSRD3X40.DLL 728 | 01/23/2003 04:03 PM 65,024 MSREPL40.DLL 729 | 01/23/2003 04:03 PM 13,824 MSRLE32.DLL 730 | 01/23/2003 04:03 PM 43,520 MSSCP.DLL 731 | 01/23/2003 04:03 PM 3,584 MSSCRIPT.OCX 732 | 01/23/2003 04:03 PM 39,424 MSSHA.DLL 733 | 01/23/2003 04:03 PM 5,120 MSSIGN32.DLL 734 | 01/23/2003 04:03 PM 2,560 MSSIP32.DLL 735 | 01/23/2003 04:03 PM 2,560 MSSWCH.DLL 736 | 01/23/2003 04:03 PM 25,600 MSTEXT40.DLL 737 | 01/23/2003 04:03 PM 447,488 MSTIME.DLL 738 | 01/23/2003 04:03 PM 547,328 MSTSCAX.DLL 739 | 01/23/2003 04:03 PM 32,256 MSUTB.DLL 740 | 01/23/2003 04:03 PM 41,472 MSVBVM50.DLL 741 | 01/23/2003 04:03 PM 1,392,671 MSVBVM60.DLL 742 | 01/23/2003 04:03 PM 2,560 MSVCIRT.DLL 743 | 01/23/2003 04:03 PM 267,264 MSVCP100.DLL 744 | 01/23/2003 04:03 PM 267,264 MSVCP110.DLL 745 | 01/23/2003 04:03 PM 267,264 MSVCP120.DLL 746 | 01/23/2003 04:03 PM 211,968 MSVCP50.DLL 747 | 01/23/2003 04:03 PM 413,696 MSVCP60.DLL 748 | 01/23/2003 04:03 PM 343,552 MSVCP70.DLL 749 | 01/23/2003 04:03 PM 499,712 MSVCP71.DLL 750 | 01/23/2003 04:03 PM 349,184 MSVCP80.DLL 751 | 01/23/2003 04:03 PM 351,744 MSVCP90.DLL 752 | 01/23/2003 04:03 PM 83,456 MSVCR100.DLL 753 | 01/23/2003 04:03 PM 83,456 MSVCR100D.DLL 754 | 01/23/2003 04:03 PM 95,744 MSVCR110.DLL 755 | 01/23/2003 04:03 PM 83,456 MSVCR110D.DLL 756 | 01/23/2003 04:03 PM 95,744 MSVCR120.DLL 757 | 01/23/2003 04:03 PM 83,456 MSVCR120D.DLL 758 | 01/23/2003 04:03 PM 35,840 MSVCR70.DLL 759 | 01/23/2003 04:03 PM 348,160 MSVCR71.DLL 760 | 01/23/2003 04:03 PM 62,976 MSVCR80.DLL 761 | 01/23/2003 04:03 PM 62,976 MSVCR80D.DLL 762 | 01/23/2003 04:03 PM 62,464 MSVCR90.DLL 763 | 01/23/2003 04:03 PM 62,976 MSVCR90D.DLL 764 | 01/23/2003 04:03 PM 503,808 MSVCRT.DLL 765 | 01/23/2003 04:03 PM 63,488 MSVCRT20.DLL 766 | 01/23/2003 04:03 PM 69,632 MSVCRT40.DLL 767 | 01/23/2003 04:03 PM 8,192 MSVFW32.DLL 768 | 01/23/2003 04:03 PM 21,504 MSVIDC32.DLL 769 | 01/23/2003 04:03 PM 19,456 MSVIDCTL.DLL 770 | 01/23/2003 04:03 PM 25,600 MSWMDM.DLL 771 | 01/23/2003 04:03 PM 68,608 MSWSOCK.DLL 772 | 01/23/2003 04:03 PM 36,864 MSXBDE40.DLL 773 | 01/23/2003 04:03 PM 119,296 MSXML3.DLL 774 | 01/23/2003 04:03 PM 247,808 MSXML6.DLL 775 | 01/23/2003 04:03 PM 23,040 MSYUV.DLL 776 | 01/23/2003 04:03 PM 27,136 MTXDM.DLL 777 | 01/23/2003 04:03 PM 3,072 MTXLEGIH.DLL 778 | 01/23/2003 04:03 PM 4,096 MYCOMPUT.DLL 779 | 01/23/2003 04:03 PM Microsoft 780 | 01/23/2003 04:03 PM 23,552 NAPIPSEC.DLL 781 | 01/23/2003 04:03 PM 24,576 NAPMONTR.DLL 782 | 01/23/2003 04:03 PM 35,328 NCOBJAPI.DLL 783 | 01/23/2003 04:03 PM 1,024 NDDEAPI.DLL 784 | 01/23/2003 04:03 PM 13,824 NDIS.SYS 785 | 01/23/2003 04:03 PM 67,584 NETAPI32.DLL 786 | 01/23/2003 04:03 PM 406,528 NETCFGX.DLL 787 | 01/23/2003 04:03 PM 28,672 NETID.DLL 788 | 01/23/2003 04:03 PM 20,992 NETPLWIZ.DLL 789 | 01/23/2003 04:03 PM 2,048 NETSH.EXE 790 | 01/23/2003 04:03 PM 549,376 NETSHELL.DLL 791 | 01/23/2003 04:03 PM 18,432 NEWDEV.DLL 792 | 01/23/2003 04:03 PM 116,736 NLHTML.DLL 793 | 01/23/2003 04:03 PM 4,096 NPPTOOLS.DLL 794 | 01/23/2003 04:03 PM 1,536 NPWMSDRM.DLL 795 | 01/23/2003 04:03 PM 2,560 NSI.DLL 796 | 01/23/2003 04:03 PM 648,704 NTDLL.DLL 797 | 01/23/2003 04:03 PM 47,616 NTDSAPI.DLL 798 | 01/23/2003 04:03 PM 42,496 NTLANMAN.DLL 799 | 01/23/2003 04:03 PM 23,040 NTLANUI2.DLL 800 | 01/23/2003 04:03 PM 80,384 NTMARTA.DLL 801 | 01/23/2003 04:03 PM 1,205,248 NTOSKRNL.EXE 802 | 01/23/2003 04:03 PM 11,776 NTPRINT.DLL 803 | 01/23/2003 04:03 PM 10,752 NTSHRUI.DLL 804 | 01/23/2003 04:03 PM 125,440 OBJSEL.DLL 805 | 01/23/2003 04:03 PM 11,776 OCCACHE.DLL 806 | 01/23/2003 04:03 PM 57,856 ODBC32.DLL 807 | 01/23/2003 04:03 PM 13,312 ODBCBCP.DLL 808 | 01/23/2003 04:03 PM 53,248 ODBCCONF.DLL 809 | 01/23/2003 04:03 PM 83,456 ODBCCP32.DLL 810 | 01/23/2003 04:03 PM 27,136 ODBCJT32.DLL 811 | 01/23/2003 04:03 PM 69,632 ODBCTRAC.DLL 812 | 01/23/2003 04:03 PM 3,072 ODFOX32.DLL 813 | 01/23/2003 04:03 PM 3,072 ODPDX32.DLL 814 | 01/23/2003 04:03 PM 3,072 OFFFILT.DLL 815 | 01/23/2003 04:03 PM 1,077,760 OLE32.DLL 816 | 01/23/2003 04:03 PM 113,664 OLEACC.DLL 817 | 01/23/2003 04:03 PM 492,032 OLEAUT32.DLL 818 | 01/23/2003 04:03 PM 11,776 OLECLI32.DLL 819 | 01/23/2003 04:03 PM 14,336 OLEDLG.DLL 820 | 01/23/2003 04:03 PM 3,584 OLEPRO32.DLL 821 | 01/23/2003 04:03 PM 19,968 OLESVR32.DLL 822 | 01/23/2003 04:03 PM 74,240 OPENGL32.DLL 823 | 01/23/2003 04:03 PM 1 OUTLPERF.H 824 | 01/23/2003 04:03 PM 98,816 P2P.DLL 825 | 01/23/2003 04:03 PM 23,552 P2PGRAPH.DLL 826 | 01/23/2003 04:03 PM 187,392 PDH.DLL 827 | 01/23/2003 04:03 PM 20,992 PERFCTRS.DLL 828 | 01/23/2003 04:03 PM 20,992 PERFDISK.DLL 829 | 01/23/2003 04:03 PM 16,384 PERFOS.DLL 830 | 01/23/2003 04:03 PM 12,800 PERFPROC.DLL 831 | 01/23/2003 04:03 PM 9,216 PERFTS.DLL 832 | 01/23/2003 04:03 PM 2,560 PID.DLL 833 | 01/23/2003 04:03 PM 2,560 PNGFILT.DLL 834 | 01/23/2003 04:03 PM 39,424 PNRPNSP.DLL 835 | 01/23/2003 04:03 PM 6,144 POLSTORE.DLL 836 | 01/23/2003 04:03 PM 3,072 POWERCFG.CPL 837 | 01/23/2003 04:03 PM 20,992 POWRPROF.DLL 838 | 01/23/2003 04:03 PM 3,072 PRFLBMSG.DLL 839 | 01/23/2003 04:03 PM 55,808 PRINTUI.DLL 840 | 01/23/2003 04:03 PM 10,752 PSAPI.DLL 841 | 01/23/2003 04:03 PM 24,064 PSTOREC.DLL 842 | 01/23/2003 04:03 PM 30,208 PSTORSVC.DLL 843 | 01/23/2003 04:03 PM 1 PerfStringBackup.INI 844 | 01/23/2003 04:03 PM 33,792 QAGENT.DLL 845 | 01/23/2003 04:03 PM 199,168 QASF.DLL 846 | 01/23/2003 04:03 PM 174,080 QCAP.DLL 847 | 01/23/2003 04:03 PM 44,032 QCLIPROV.DLL 848 | 01/23/2003 04:03 PM 224,256 QDV.DLL 849 | 01/23/2003 04:03 PM 182,784 QDVD.DLL 850 | 01/23/2003 04:03 PM 64,512 QEDIT.DLL 851 | 01/23/2003 04:03 PM 13,824 QMGRPRXY.DLL 852 | 01/23/2003 04:03 PM 182,784 QUARTZ.DLL 853 | 01/23/2003 04:03 PM 97,280 QUERY.DLL 854 | 01/23/2003 04:03 PM 26,112 RACPLDLG.DLL 855 | 01/23/2003 04:03 PM 6,144 RASAPI32.DLL 856 | 01/23/2003 04:03 PM 2,560 RASCHAP.DLL 857 | 01/23/2003 04:03 PM 2,048 RASCTRS.DLL 858 | 01/23/2003 04:03 PM 4,608 RASDLG.DLL 859 | 01/23/2003 04:03 PM 10,240 RASMAN.DLL 860 | 01/23/2003 04:03 PM 3,072 RASMONTR.DLL 861 | 01/23/2003 04:03 PM 28,672 RASMXS.DLL 862 | 01/23/2003 04:03 PM 74,240 RASPPP.DLL 863 | 01/23/2003 04:03 PM 11,264 RASSER.DLL 864 | 01/23/2003 04:03 PM 25,600 RASTAPI.DLL 865 | 01/23/2003 04:03 PM 70,144 RASTLS.DLL 866 | 01/23/2003 04:03 PM 38,912 REGAPI.DLL 867 | 01/23/2003 04:03 PM 16,896 REMOTEPG.DLL 868 | 01/23/2003 04:03 PM 47,616 RESUTILS.DLL 869 | 01/23/2003 04:03 PM 122,880 RICHED20.DLL 870 | 01/23/2003 04:03 PM 5,120 RPCNS4.DLL 871 | 01/23/2003 04:03 PM 211,456 RPCRT4.DLL 872 | 01/23/2003 04:03 PM 5,120 RSAENH.DLL 873 | 01/23/2003 04:03 PM 8,192 RSHX32.DLL 874 | 01/23/2003 04:03 PM 243,200 RTL60.BPL 875 | 01/23/2003 04:03 PM 2,560 RTM.DLL 876 | 01/23/2003 04:03 PM 41,472 RTUTILS.DLL 877 | 01/23/2003 04:03 PM Restore 878 | 01/23/2003 04:03 PM 63,488 SAMLIB.DLL 879 | 01/23/2003 04:03 PM 2,560 SAMSRV.DLL 880 | 01/23/2003 04:03 PM 290,304 SBE.DLL 881 | 01/23/2003 04:03 PM 163,328 SBEIO.DLL 882 | 01/23/2003 04:03 PM 9,728 SCARDDLG.DLL 883 | 01/23/2003 04:03 PM 112,640 SCECLI.DLL 884 | 01/23/2003 04:03 PM 31,744 SCESRV.DLL 885 | 01/23/2003 04:03 PM 13,824 SCHANNEL.DLL 886 | 01/23/2003 04:03 PM 21,504 SCROBJ.DLL 887 | 01/23/2003 04:03 PM 80,384 SCRRUN.DLL 888 | 01/23/2003 04:03 PM 6,656 SECUR32.DLL 889 | 01/23/2003 04:03 PM 5,632 SECURITY.DLL 890 | 01/23/2003 04:03 PM 18,944 SENDMAIL.DLL 891 | 01/23/2003 04:03 PM 1,024 SENSAPI.DLL 892 | 01/23/2003 04:03 PM 10,240 SERIALUI.DLL 893 | 01/23/2003 04:03 PM 11,264 SERWVDRV.DLL 894 | 01/23/2003 04:03 PM 1,111,552 SETUPAPI.DLL 895 | 01/23/2003 04:03 PM 2,560 SFC.DLL 896 | 01/23/2003 04:03 PM 2,560 SFC_OS.DLL 897 | 01/23/2003 04:03 PM 175,104 SHDOCVW.DLL 898 | 01/23/2003 04:03 PM 1,102,336 SHELL32.DLL 899 | 01/23/2003 04:03 PM 2,048 SHFOLDER.DLL 900 | 01/23/2003 04:03 PM 2,560 SHIMGVW.DLL 901 | 01/23/2003 04:03 PM 307,712 SHLWAPI.DLL 902 | 01/23/2003 04:03 PM 124,416 SHSVCS.DLL 903 | 01/23/2003 04:03 PM 11,776 SISBKUP.DLL 904 | 01/23/2003 04:03 PM 17,920 SNMPAPI.DLL 905 | 01/23/2003 04:03 PM 3,072 SOFTPUB.DLL 906 | 01/23/2003 04:03 PM 10,240 SPOOLSS.DLL 907 | 01/23/2003 04:03 PM 40,448 SQLSRV32.DLL 908 | 01/23/2003 04:03 PM 88,576 SQLUNIRL.DLL 909 | 01/23/2003 04:03 PM 3,584 SQLWID.DLL 910 | 01/23/2003 04:03 PM 19,968 SQLWOA.DLL 911 | 01/23/2003 04:03 PM 37,888 SRCLIENT.DLL 912 | 01/23/2003 04:03 PM 33,280 SSDPAPI.DLL 913 | 01/23/2003 04:03 PM 65,024 STCLIENT.DLL 914 | 01/23/2003 04:03 PM 10,240 STI.DLL 915 | 01/23/2003 04:03 PM 30,208 STORPROP.DLL 916 | 01/23/2003 04:03 PM 9,728 SXS.DLL 917 | 01/23/2003 04:03 PM 2,560 SYNCENG.DLL 918 | 01/23/2003 04:03 PM 14,336 SYNCUI.DLL 919 | 01/23/2003 04:03 PM 3,072 SYSDM.CPL 920 | 01/23/2003 04:03 PM 6,656 SYSTEM.DATA.DLL 921 | 01/23/2003 04:03 PM 21,504 SYSTEM.DLL 922 | 01/23/2003 04:03 PM 7,168 SYSTEM.DRAWING.DLL 923 | 01/23/2003 04:03 PM 3,584 SYSTEM.RUNTIME.DLL 924 | 01/23/2003 04:03 PM 4,096 SYSTEM.RUNTIME.INTEROPSERVICES.WINDOWSRUNTIME.DLL 925 | 01/23/2003 04:03 PM 14,848 SYSTEM.WINDOWS.FORMS.DLL 926 | 01/23/2003 04:03 PM 3,072 SYSTEM.XML.DLL 927 | 01/23/2003 04:03 PM Setup 928 | 01/23/2003 04:03 PM ShellExt 929 | 01/23/2003 04:03 PM 1,024 T2EMBED.DLL 930 | 01/23/2003 04:03 PM 75,264 TAPI3.DLL 931 | 01/23/2003 04:03 PM 32,768 TAPI32.DLL 932 | 01/23/2003 04:03 PM 34,816 TAPISRV.DLL 933 | 01/23/2003 04:03 PM 3,584 TCPIP.SYS 934 | 01/23/2003 04:03 PM 2,560 TDC.OCX 935 | 01/23/2003 04:03 PM 4,608 TDI.SYS 936 | 01/23/2003 04:03 PM 62,464 TERMMGR.DLL 937 | 01/23/2003 04:03 PM 19,968 THEMEUI.DLL 938 | 01/23/2003 04:03 PM 3,072 TIMEDATE.CPL 939 | 01/23/2003 04:03 PM 38,400 TRAFFIC.DLL 940 | 01/23/2003 04:03 PM 7,680 TSBYUV.DLL 941 | 01/23/2003 04:03 PM 21,504 TSGQEC.DLL 942 | 01/23/2003 04:03 PM 44,032 TSPKG.DLL 943 | 01/23/2003 04:03 PM 23,040 TWEXT.DLL 944 | 01/23/2003 04:03 PM 9,728 TXFLOG.DLL 945 | 01/23/2003 04:03 PM 12,800 UDHISAPI.DLL 946 | 01/23/2003 04:03 PM 10,752 UFAT.DLL 947 | 01/23/2003 04:03 PM 29,696 ULIB.DLL 948 | 01/23/2003 04:03 PM 17,408 UMDMXFRM.DLL 949 | 01/23/2003 04:03 PM 65,536 UNIMDMAT.DLL 950 | 01/23/2003 04:03 PM 12,800 UNIPLAT.DLL 951 | 01/23/2003 04:03 PM 340,480 UNKNOWNDLL.DLL 952 | 01/23/2003 04:03 PM 1,024 UNKNOWNSYS.DLL 953 | 01/23/2003 04:03 PM 24,064 UNTFS.DLL 954 | 01/23/2003 04:03 PM 33,792 UPNP.DLL 955 | 01/23/2003 04:03 PM 23,552 UPNPHOST.DLL 956 | 01/23/2003 04:03 PM 23,040 UREG.DLL 957 | 01/23/2003 04:03 PM 3,072 URL.DLL 958 | 01/23/2003 04:03 PM 124,416 URLMON.DLL 959 | 01/23/2003 04:03 PM 46,592 USBUI.DLL 960 | 01/23/2003 04:03 PM 920,576 USER32.DLL 961 | 01/23/2003 04:03 PM 5,120 USERENV.DLL 962 | 01/23/2003 04:03 PM 5,120 USP10.DLL 963 | 01/23/2003 04:03 PM 3,584 UTILDLL.DLL 964 | 01/23/2003 04:03 PM 24,064 UXTHEME.DLL 965 | 01/23/2003 04:03 PM 1 VBAEN32.OLB 966 | 01/23/2003 04:03 PM 1 VBAEND32.OLB 967 | 01/23/2003 04:03 PM 18,944 VBAJET32.DLL 968 | 01/23/2003 04:03 PM 1,024 VBAME.DLL 969 | 01/23/2003 04:03 PM 164,352 VBSCRIPT.DLL 970 | 01/23/2003 04:03 PM 5,632 VCCORLIB110.DLL 971 | 01/23/2003 04:03 PM 23,552 VDMDBG.DLL 972 | 01/23/2003 04:03 PM 1 VEN2232.OLB 973 | 01/23/2003 04:03 PM 3,072 VERIFIER.DLL 974 | 01/23/2003 04:03 PM 15,872 VERSION.DLL 975 | 01/23/2003 04:03 PM 150,016 VSSAPI.DLL 976 | 01/23/2003 04:03 PM 11,264 VSS_PS.DLL 977 | 01/23/2003 04:03 PM 3,072 W32TIME.DLL 978 | 01/23/2003 04:03 PM 25,088 W32TOPL.DLL 979 | 01/23/2003 04:03 PM 1,024 WAB32.DLL 980 | 01/23/2003 04:03 PM 107,520 WAVEMSP.DLL 981 | 01/23/2003 04:03 PM 4,608 WBEMPROX.DLL 982 | 01/23/2003 04:03 PM 9,728 WDIGEST.DLL 983 | 01/23/2003 04:03 PM 28,672 WEBCHECK.DLL 984 | 01/23/2003 04:03 PM 7,680 WEBCLNT.DLL 985 | 01/23/2003 04:03 PM 70,656 WIADEFUI.DLL 986 | 01/23/2003 04:03 PM 7,680 WIADSS.DLL 987 | 01/23/2003 04:03 PM 8,192 WIASHEXT.DLL 988 | 01/23/2003 04:03 PM 3,584 WIAVIDEO.DLL 989 | 01/23/2003 04:03 PM 3,584 WINBRAND.DLL 990 | 01/23/2003 04:03 PM 5,120 WINDOWS.DLL 991 | 01/23/2003 04:03 PM 35,840 WINDOWSCODECS.DLL 992 | 01/23/2003 04:03 PM 14,336 WINDOWSCODECSEXT.DLL 993 | 01/23/2003 04:03 PM 4,096 WINFAX.DLL 994 | 01/23/2003 04:03 PM 8,192 WINHTTP.DLL 995 | 01/23/2003 04:03 PM 601,600 WININET.DLL 996 | 01/23/2003 04:03 PM 1,024 WINIPSEC.DLL 997 | 01/23/2003 04:03 PM 186,368 WINMM.DLL 998 | 01/23/2003 04:03 PM 14,848 WINRNR.DLL 999 | 01/23/2003 04:03 PM 8,192 WINSCARD.DLL 1000 | 01/23/2003 04:03 PM 146,944 WINSPOOL.DRV 1001 | 01/23/2003 04:03 PM 7,168 WINSTA.DLL 1002 | 01/23/2003 04:03 PM 158,720 WINTRUST.DLL 1003 | 01/23/2003 04:03 PM 6,144 WLANAPI.DLL 1004 | 01/23/2003 04:03 PM 17,920 WLDAP32.DLL 1005 | 01/23/2003 04:03 PM 117,248 WMADMOD.DLL 1006 | 01/23/2003 04:03 PM 32,256 WMADMOE.DLL 1007 | 01/23/2003 04:03 PM 30,208 WMASF.DLL 1008 | 01/23/2003 04:03 PM 27,136 WMDMLOG.DLL 1009 | 01/23/2003 04:03 PM 19,968 WMDMPS.DLL 1010 | 01/23/2003 04:03 PM 3,584 WMI.DLL 1011 | 01/23/2003 04:03 PM 3,072 WMIDX.DLL 1012 | 01/23/2003 04:03 PM 24,064 WMIPROP.DLL 1013 | 01/23/2003 04:03 PM 53,760 WMNETMGR.DLL 1014 | 01/23/2003 04:03 PM 28,672 WMP.DLL 1015 | 01/23/2003 04:03 PM 35,328 WMPDXM.DLL 1016 | 01/23/2003 04:03 PM 15,872 WMPSHELL.DLL 1017 | 01/23/2003 04:03 PM 43,008 WMSDMOD.DLL 1018 | 01/23/2003 04:03 PM 22,528 WMSPDMOD.DLL 1019 | 01/23/2003 04:03 PM 40,960 WMSPDMOE.DLL 1020 | 01/23/2003 04:03 PM 94,720 WMVCORE.DLL 1021 | 01/23/2003 04:03 PM 3,072 WOW32.DLL 1022 | 01/23/2003 04:03 PM 2,048 WS2HELP.DLL 1023 | 01/23/2003 04:03 PM 107,520 WS2_32.DLL 1024 | 01/23/2003 04:03 PM 119,296 WSECEDIT.DLL 1025 | 01/23/2003 04:03 PM 16,384 WSHCON.DLL 1026 | 01/23/2003 04:03 PM 15,360 WSHEXT.DLL 1027 | 01/23/2003 04:03 PM 2,560 WSHIP6.DLL 1028 | 01/23/2003 04:03 PM 41,984 WSHOM.OCX 1029 | 01/23/2003 04:03 PM 29,184 WSNMP32.DLL 1030 | 01/23/2003 04:03 PM 12,800 WSOCK32.DLL 1031 | 01/23/2003 04:03 PM 4,608 WTSAPI32.DLL 1032 | 01/23/2003 04:03 PM 49,664 WUAPI.DLL 1033 | 01/23/2003 04:03 PM 29,184 WUPS.DLL 1034 | 01/23/2003 04:03 PM 1 WindowsLogon.manifest 1035 | 01/23/2003 04:03 PM 16,384 XMLLITE.DLL 1036 | 01/23/2003 04:03 PM 16,896 XMLPROVI.DLL 1037 | 01/23/2003 04:03 PM 11,264 XOLEHLP.DLL 1038 | 01/23/2003 04:03 PM 32,256 ZIPFLDR.DLL 1039 | 01/23/2003 04:03 PM 1 accwiz.exe 1040 | 01/23/2003 04:03 PM 1 acelpdec.ax 1041 | 01/23/2003 04:03 PM 1 activeds.tlb 1042 | 01/23/2003 04:03 PM 1 actmovie.exe 1043 | 01/23/2003 04:03 PM 8,704 ahui.exe 1044 | 01/23/2003 04:03 PM 8,704 alg.exe 1045 | 01/23/2003 04:03 PM 1 amcompat.tlb 1046 | 01/23/2003 04:03 PM 8,704 append.exe 1047 | 01/23/2003 04:03 PM 8,704 arp.exe 1048 | 01/23/2003 04:03 PM 1 asr_fmt.exe 1049 | 01/23/2003 04:03 PM 1 asr_ldm.exe 1050 | 01/23/2003 04:03 PM 1 asr_pfu.exe 1051 | 01/23/2003 04:03 PM 8,704 at.exe 1052 | 01/23/2003 04:03 PM 1 ativdaxx.ax 1053 | 01/23/2003 04:03 PM 1 ativmvxx.ax 1054 | 01/23/2003 04:03 PM 1 atmadm.exe 1055 | 01/23/2003 04:03 PM 13,312 attrib.exe 1056 | 01/23/2003 04:03 PM 1 auditusr.exe 1057 | 01/23/2003 04:03 PM 8,704 autochk.exe 1058 | 01/23/2003 04:03 PM 46,080 autoconv.exe 1059 | 01/23/2003 04:03 PM 54,272 autofmt.exe 1060 | 01/23/2003 04:03 PM 1 autolfn.exe 1061 | 01/23/2003 04:03 PM 1 bios1.rom 1062 | 01/23/2003 04:03 PM 1 bios4.rom 1063 | 01/23/2003 04:03 PM bits 1064 | 01/23/2003 04:03 PM 1 blastcln.exe 1065 | 01/23/2003 04:03 PM 52,224 bootcfg.exe 1066 | 01/23/2003 04:03 PM 1 bootok.exe 1067 | 01/23/2003 04:03 PM 1 bootvrfy.exe 1068 | 01/23/2003 04:03 PM 1 bopomofo.uce 1069 | 01/23/2003 04:03 PM 1 c_737.nls 1070 | 01/23/2003 04:03 PM 1 cacls.exe 1071 | 01/23/2003 04:03 PM 74,752 calc.exe 1072 | 01/23/2003 04:03 PM 1 cdplayer.exe.manifest 1073 | 01/23/2003 04:03 PM 512 certmgr.msc 1074 | 01/23/2003 04:03 PM 239,104 charmap.exe 1075 | 01/23/2003 04:03 PM 10,752 chcp.com 1076 | 01/23/2003 04:03 PM 13,312 chkdsk.exe 1077 | 01/23/2003 04:03 PM 15,360 chkntfs.exe 1078 | 01/23/2003 04:03 PM 1 ciadv.msc 1079 | 01/23/2003 04:03 PM 1 cidaemon.exe 1080 | 01/23/2003 04:03 PM 21,504 cipher.exe 1081 | 01/23/2003 04:03 PM 1 cisvc.exe 1082 | 01/23/2003 04:03 PM 1 ckcnv.exe 1083 | 01/23/2003 04:03 PM 21,504 cleanmgr.exe 1084 | 01/23/2003 04:03 PM 16,896 cliconfg.exe 1085 | 01/23/2003 04:03 PM 1 cliconfg.rll 1086 | 01/23/2003 04:03 PM 1 clipbrd.exe 1087 | 01/23/2003 04:03 PM 1 clipsrv.exe 1088 | 01/23/2003 04:03 PM 21,504 cmd.exe 1089 | 01/23/2003 04:03 PM 21,504 cmdl32.exe 1090 | 01/23/2003 04:03 PM 1 cmdlib.wsc 1091 | 01/23/2003 04:03 PM 1 cmmgr32.hlp 1092 | 01/23/2003 04:03 PM 1 cmmon32.exe 1093 | 01/23/2003 04:03 PM 1 cmos.ram 1094 | 01/23/2003 04:03 PM 1 cmstp.exe 1095 | 01/23/2003 04:03 PM com 1096 | 01/23/2003 04:03 PM 1 comm.drv 1097 | 01/23/2003 04:03 PM 1 command.com 1098 | 01/23/2003 04:03 PM 15,872 comp.exe 1099 | 01/23/2003 04:03 PM 9,216 compact.exe 1100 | 01/23/2003 04:03 PM 1 compmgmt.msc 1101 | 01/23/2003 04:03 PM 1 comsdupd.exe 1102 | 01/23/2003 04:03 PM config 1103 | 01/23/2003 04:03 PM 1 conime.exe 1104 | 01/23/2003 04:03 PM 8,704 control.exe 1105 | 01/23/2003 04:03 PM 1 convert.exe 1106 | 01/23/2003 04:03 PM 17,408 cscript.exe 1107 | 01/23/2003 04:03 PM 9,216 csrss.exe 1108 | 01/23/2003 04:03 PM 9,216 ctfmon.exe 1109 | 01/23/2003 04:03 PM 1 ctype.nls 1110 | 01/23/2003 04:03 PM 1 dcache.bin 1111 | 01/23/2003 04:03 PM 1 dcomcnfg.exe 1112 | 01/23/2003 04:03 PM 1 ddeshare.exe 1113 | 01/23/2003 04:03 PM 8,704 debug.exe 1114 | 01/23/2003 04:03 PM 1 defrag.exe 1115 | 01/23/2003 04:03 PM 1 desktop.ini 1116 | 01/23/2003 04:03 PM 514 devmgmt.msc 1117 | 01/23/2003 04:03 PM 103 dfrg.msc 1118 | 01/23/2003 04:03 PM 11,264 dfrgfat.exe 1119 | 01/23/2003 04:03 PM 1 dfrgntfs.exe 1120 | 01/23/2003 04:03 PM dhcp 1121 | 01/23/2003 04:03 PM 1 diantz.exe 1122 | 01/23/2003 04:03 PM 13,312 diskcomp.com 1123 | 01/23/2003 04:03 PM 8,704 diskcopy.com 1124 | 01/23/2003 04:03 PM 512 diskmgmt.msc 1125 | 01/23/2003 04:03 PM 10,752 diskpart.exe 1126 | 01/23/2003 04:03 PM 10,752 diskperf.exe 1127 | 01/23/2003 04:03 PM dllcache 1128 | 01/23/2003 04:03 PM 3,584 dllhost.exe 1129 | 01/23/2003 04:03 PM 1 dllhst3g.exe 1130 | 01/23/2003 04:03 PM 1 dmadmin.exe 1131 | 01/23/2003 04:03 PM 1 doskey.exe 1132 | 01/23/2003 04:03 PM 1 dosx.exe 1133 | 01/23/2003 04:03 PM 1 dplaysvr.exe 1134 | 01/23/2003 04:03 PM 10,752 dpnsvr.exe 1135 | 01/23/2003 04:03 PM 1 dpvsetup.exe 1136 | 01/23/2003 04:03 PM 1 driverquery.exe 1137 | 01/23/2003 04:03 PM drivers 1138 | 01/23/2003 04:03 PM 1 drwatson.exe 1139 | 01/23/2003 04:03 PM 1 drwtsn32.exe 1140 | 01/23/2003 04:03 PM 1 dsound.vxd 1141 | 01/23/2003 04:03 PM 8,704 dumprep.exe 1142 | 01/23/2003 04:03 PM 1 dvdplay.exe 1143 | 01/23/2003 04:03 PM 1 dvdupgrd.exe 1144 | 01/23/2003 04:03 PM 1 dwwin.exe 1145 | 01/23/2003 04:03 PM 8,704 dxdiag.exe 1146 | 01/23/2003 04:03 PM 1 edit.com 1147 | 01/23/2003 04:03 PM 1 edit.hlp 1148 | 01/23/2003 04:03 PM 1 edlin.exe 1149 | 01/23/2003 04:03 PM 1 ega.cpi 1150 | 01/23/2003 04:03 PM 1 emptyregdb.dat 1151 | 01/23/2003 04:03 PM en 1152 | 01/23/2003 04:03 PM en-us 1153 | 01/23/2003 04:03 PM 1 esentprf.hxx 1154 | 01/23/2003 04:03 PM 1 esentprf.ini 1155 | 01/23/2003 04:03 PM 1 esentutl.exe 1156 | 01/23/2003 04:03 PM 1 eudcedit.exe 1157 | 01/23/2003 04:03 PM 1 eventcreate.exe 1158 | 01/23/2003 04:03 PM 1 eventquery.vbs 1159 | 01/23/2003 04:03 PM 1 eventtriggers.exe 1160 | 01/23/2003 04:03 PM 239,104 eventvwr.exe 1161 | 01/23/2003 04:03 PM 103 eventvwr.msc 1162 | 01/23/2003 04:03 PM 1 exe2bin.exe 1163 | 01/23/2003 04:03 PM 8,704 expand.exe 1164 | 01/23/2003 04:03 PM export 1165 | 01/23/2003 04:03 PM 1 extrac32.exe 1166 | 01/23/2003 04:03 PM 1 fastopen.exe 1167 | 01/23/2003 04:03 PM 1 faxpatch.exe 1168 | 01/23/2003 04:03 PM 9,216 fc.exe 1169 | 01/23/2003 04:03 PM 9,216 find.exe 1170 | 01/23/2003 04:03 PM 239,104 findstr.exe 1171 | 01/23/2003 04:03 PM 9,216 finger.exe 1172 | 01/23/2003 04:03 PM 10,752 fixmapi.exe 1173 | 01/23/2003 04:03 PM 1 fltmc.exe 1174 | 01/23/2003 04:03 PM 1 fontview.exe 1175 | 01/23/2003 04:03 PM 1 forcedos.exe 1176 | 01/23/2003 04:03 PM 10,752 format.com 1177 | 01/23/2003 04:03 PM 1 freecell.exe 1178 | 01/23/2003 04:03 PM 514 fsmgmt.msc 1179 | 01/23/2003 04:03 PM 1 fsquirt.exe 1180 | 01/23/2003 04:03 PM 1 fsutil.exe 1181 | 01/23/2003 04:03 PM 1 ftp.exe 1182 | 01/23/2003 04:03 PM 239,104 gdi.exe 1183 | 01/23/2003 04:03 PM 1 geo.nls 1184 | 01/23/2003 04:03 PM 21,504 getmac.exe 1185 | 01/23/2003 04:03 PM 103 gpedit.msc 1186 | 01/23/2003 04:03 PM 1 gpresult.exe 1187 | 01/23/2003 04:03 PM 1 gpupdate.exe 1188 | 01/23/2003 04:03 PM 1 graftabl.com 1189 | 01/23/2003 04:03 PM 1 graphics.com 1190 | 01/23/2003 04:03 PM 1 graphics.pro 1191 | 01/23/2003 04:03 PM 1 grpconv.exe 1192 | 01/23/2003 04:03 PM 1 h323log.txt 1193 | 01/23/2003 04:03 PM 1 help.exe 1194 | 01/23/2003 04:03 PM 1 hidphone.tsp 1195 | 01/23/2003 04:03 PM 1 homepage.inf 1196 | 01/23/2003 04:03 PM 21,504 hostname.exe 1197 | 01/23/2003 04:03 PM 1 iac25_32.ax 1198 | 01/23/2003 04:03 PM ias 1199 | 01/23/2003 04:03 PM 1 ie4uinit.exe 1200 | 01/23/2003 04:03 PM 1 ieaksie.dll 1201 | 01/23/2003 04:03 PM 1 ieakui.dll 1202 | 01/23/2003 04:03 PM 1 ieapfltr.dat 1203 | 01/23/2003 04:03 PM 1 ieapfltr.dll 1204 | 01/23/2003 04:03 PM 1 iexpress.exe 1205 | 01/23/2003 04:03 PM 1 imapi.exe 1206 | 01/23/2003 04:03 PM inetsrv 1207 | 01/23/2003 04:03 PM 1 ipconf.tsp 1208 | 01/23/2003 04:03 PM 8,704 ipconfig.exe 1209 | 01/23/2003 04:03 PM 1 ipsec6.exe 1210 | 01/23/2003 04:03 PM 10,240 ipv6.exe 1211 | 01/23/2003 04:03 PM 1 ipxroute.exe 1212 | 01/23/2003 04:03 PM 1 ir41_32.ax 1213 | 01/23/2003 04:03 PM 1 kb16.com 1214 | 01/23/2003 04:03 PM 1 kbdsmsfi.dll 1215 | 01/23/2003 04:03 PM 1 keyboard.drv 1216 | 01/23/2003 04:03 PM 1 kmddsp.tsp 1217 | 01/23/2003 04:03 PM 1 krnl386.exe 1218 | 01/23/2003 04:03 PM 1 ksproxy.ax 1219 | 01/23/2003 04:03 PM 1 l3codecx.ax 1220 | 01/23/2003 04:03 PM 1 l_except.nls 1221 | 01/23/2003 04:03 PM 1 l_intl.nls 1222 | 01/23/2003 04:03 PM 1 label.exe 1223 | 01/23/2003 04:03 PM 1 lanman.drv 1224 | 01/23/2003 04:03 PM 1 lights.exe 1225 | 01/23/2003 04:03 PM 1 lnkstub.exe 1226 | 01/23/2003 04:03 PM 1 loadfix.com 1227 | 01/23/2003 04:03 PM 1 locale.nls 1228 | 01/23/2003 04:03 PM 1 locator.exe 1229 | 01/23/2003 04:03 PM 9,216 lodctr.exe 1230 | 01/23/2003 04:03 PM 1 logagent.exe 1231 | 01/23/2003 04:03 PM 1 login.cmd 1232 | 01/23/2003 04:03 PM 239,104 logman.exe 1233 | 01/23/2003 04:03 PM 9,216 logoff.exe 1234 | 01/23/2003 04:03 PM 1 logon.scr 1235 | 01/23/2003 04:03 PM 1 logonui.exe 1236 | 01/23/2003 04:03 PM 1 logonui.exe.manifest 1237 | 01/23/2003 04:03 PM 1 lpq.exe 1238 | 01/23/2003 04:03 PM 1 lpr.exe 1239 | 01/23/2003 04:03 PM 9,216 lsass.exe 1240 | 01/23/2003 04:03 PM 517 lusrmgr.msc 1241 | 01/23/2003 04:03 PM 1 lxsrmgr.msc 1242 | 01/23/2003 04:03 PM 1 magnify.exe 1243 | 01/23/2003 04:03 PM 21,504 makecab.exe 1244 | 01/23/2003 04:03 PM 1 mciavi.drv 1245 | 01/23/2003 04:03 PM 1 mciseq.drv 1246 | 01/23/2003 04:03 PM 1 mciwave.drv 1247 | 01/23/2003 04:03 PM 1 mem.exe 1248 | 01/23/2003 04:03 PM 1 mib.bin 1249 | 01/23/2003 04:03 PM 9,216 migpwd.exe 1250 | 01/23/2003 04:03 PM 9,216 mmc.exe 1251 | 01/23/2003 04:03 PM 1 mmcbase.dll 1252 | 01/23/2003 04:03 PM 1 mmcperf.exe 1253 | 01/23/2003 04:03 PM 1 mmtask.tsk 1254 | 01/23/2003 04:03 PM 1 mnmsrvc.exe 1255 | 01/23/2003 04:03 PM 1 mobsync.exe 1256 | 01/23/2003 04:03 PM 10,752 mode.com 1257 | 01/23/2003 04:03 PM 10,752 more.com 1258 | 01/23/2003 04:03 PM 15,360 mountvol.exe 1259 | 01/23/2003 04:03 PM 1 mouse.drv 1260 | 01/23/2003 04:03 PM 1 mpeg2data.ax 1261 | 01/23/2003 04:03 PM 1 mpg4ds32.ax 1262 | 01/23/2003 04:03 PM 1 mplay32.exe 1263 | 01/23/2003 04:03 PM 1 mpnotify.exe 1264 | 01/23/2003 04:03 PM 1 mqbkup.exe 1265 | 01/23/2003 04:03 PM 1 mqoa.tlb 1266 | 01/23/2003 04:03 PM 1 mqoa10.tlb 1267 | 01/23/2003 04:03 PM 1 mqoa20.tlb 1268 | 01/23/2003 04:03 PM 1 mqperf.ini 1269 | 01/23/2003 04:03 PM 1 mqprfsym.h 1270 | 01/23/2003 04:03 PM 239,104 mqsvc.exe 1271 | 01/23/2003 04:03 PM 1 mqtgsvc.exe 1272 | 01/23/2003 04:03 PM 15,360 mrinfo.exe 1273 | 01/23/2003 04:03 PM 1 msacm32.drv 1274 | 01/23/2003 04:03 PM 1 msadds32.ax 1275 | 01/23/2003 04:03 PM 1 mscdexnt.exe 1276 | 01/23/2003 04:03 PM 1 msdatsrc.tlb 1277 | 01/23/2003 04:03 PM 1 msdtc.exe 1278 | 01/23/2003 04:03 PM 1 msdtcprf.h 1279 | 01/23/2003 04:03 PM 1 msdtcprf.ini 1280 | 01/23/2003 04:03 PM 1 msg.exe 1281 | 01/23/2003 04:03 PM 1 msh261.drv 1282 | 01/23/2003 04:03 PM 1 msh263.drv 1283 | 01/23/2003 04:03 PM 1 mshearts.exe 1284 | 01/23/2003 04:03 PM 9,216 mshta.exe 1285 | 01/23/2003 04:03 PM 1 mshtml.tlb 1286 | 01/23/2003 04:03 PM 13,312 msiexec.exe 1287 | 01/23/2003 04:03 PM 8,704 mspaint.exe 1288 | 01/23/2003 04:03 PM 1 msscds32.ax 1289 | 01/23/2003 04:03 PM 1 msswchx.exe 1290 | 01/23/2003 04:03 PM 1 mstinit.exe 1291 | 01/23/2003 04:03 PM 1 mstsc.exe 1292 | 01/23/2003 04:03 PM mui 1293 | 01/23/2003 04:03 PM 1 napstat.exe 1294 | 01/23/2003 04:03 PM 1 narrator.exe 1295 | 01/23/2003 04:03 PM 1 nbtstat.exe 1296 | 01/23/2003 04:03 PM 9,216 ncpa.cpl 1297 | 01/23/2003 04:03 PM 1 ncpa.cpl.manifest 1298 | 01/23/2003 04:03 PM 1 nddeapir.exe 1299 | 01/23/2003 04:03 PM 1 ndptsp.tsp 1300 | 01/23/2003 04:03 PM 1 net.exe 1301 | 01/23/2003 04:03 PM 1 net.hlp 1302 | 01/23/2003 04:03 PM 1 net1.exe 1303 | 01/23/2003 04:03 PM 1 netdde.exe 1304 | 01/23/2003 04:03 PM 1 netsetup.exe 1305 | 01/23/2003 04:03 PM 21,504 netstat.exe 1306 | 01/23/2003 04:03 PM 1 netware.drv 1307 | 01/23/2003 04:03 PM 8,704 nlsdl.dll 1308 | 01/23/2003 04:03 PM 1 nlsfunc.exe 1309 | 01/23/2003 04:03 PM 1 noise.chs 1310 | 01/23/2003 04:03 PM 1 noise.cht 1311 | 01/23/2003 04:03 PM 1 noise.dat 1312 | 01/23/2003 04:03 PM 1 noise.eng 1313 | 01/23/2003 04:03 PM 1 noise.enu 1314 | 01/23/2003 04:03 PM 1 noise.esn 1315 | 01/23/2003 04:03 PM 1 noise.fra 1316 | 01/23/2003 04:03 PM 1 noise.ita 1317 | 01/23/2003 04:03 PM 1 noise.nld 1318 | 01/23/2003 04:03 PM 1 noise.sve 1319 | 01/23/2003 04:03 PM 1 noise.tha 1320 | 01/23/2003 04:03 PM 9,216 notepad.exe 1321 | 01/23/2003 04:03 PM 1 nscompat.tlb 1322 | 01/23/2003 04:03 PM 8,704 nslookup.exe 1323 | 01/23/2003 04:03 PM 1 ntbackup.exe 1324 | 01/23/2003 04:03 PM 1 ntimage.gif 1325 | 01/23/2003 04:03 PM 1 ntkrnlpa.exe 1326 | 01/23/2003 04:03 PM 1 ntmsmgr.msc 1327 | 01/23/2003 04:03 PM 1 ntmsoprq.msc 1328 | 01/23/2003 04:03 PM 1 ntsd.exe 1329 | 01/23/2003 04:03 PM 1 ntvdm.exe 1330 | 01/23/2003 04:03 PM 1 nw16.exe 1331 | 01/23/2003 04:03 PM 1 nwc.cpl.manifest 1332 | 01/23/2003 04:03 PM 1 nwscript.exe 1333 | 01/23/2003 04:03 PM 1 odbcad32.exe 1334 | 01/23/2003 04:03 PM 1 odbcconf.exe 1335 | 01/23/2003 04:03 PM 1 odbcconf.rsp 1336 | 01/23/2003 04:03 PM 1 oembios.bin 1337 | 01/23/2003 04:03 PM 1 oembios.dat 1338 | 01/23/2003 04:03 PM 1 oembios.sig 1339 | 01/23/2003 04:03 PM oobe 1340 | 01/23/2003 04:03 PM 8,704 opencl.dll 1341 | 01/23/2003 04:03 PM 1 openfiles.exe 1342 | 01/23/2003 04:03 PM 21,504 osk.exe 1343 | 01/23/2003 04:03 PM 1 osuninst.exe 1344 | 01/23/2003 04:03 PM 1 packager.exe 1345 | 01/23/2003 04:03 PM 1 pagefileconfig.vbs 1346 | 01/23/2003 04:03 PM 1 pathping.exe 1347 | 01/23/2003 04:03 PM 1 pautoenr.dll 1348 | 01/23/2003 04:03 PM 1 pcl.sep 1349 | 01/23/2003 04:03 PM 1 pentnt.exe 1350 | 01/23/2003 04:03 PM 1 perfc009.dat 1351 | 01/23/2003 04:03 PM 1 perfci.h 1352 | 01/23/2003 04:03 PM 1 perfci.ini 1353 | 01/23/2003 04:03 PM 1 perfd009.dat 1354 | 01/23/2003 04:03 PM 1 perffilt.h 1355 | 01/23/2003 04:03 PM 1 perffilt.ini 1356 | 01/23/2003 04:03 PM 1 perfmon.exe 1357 | 01/23/2003 04:03 PM 468 perfmon.msc 1358 | 01/23/2003 04:03 PM 1 perfwci.h 1359 | 01/23/2003 04:03 PM 1 perfwci.ini 1360 | 01/23/2003 04:03 PM 1 pid.inf 1361 | 01/23/2003 04:03 PM 13,824 ping.exe 1362 | 01/23/2003 04:03 PM 1 ping6.exe 1363 | 01/23/2003 04:03 PM 8,704 pmspl.dll 1364 | 01/23/2003 04:03 PM 52,224 powercfg.exe 1365 | 01/23/2003 04:03 PM 9,216 print.exe 1366 | 01/23/2003 04:03 PM 1 prncnfg.vbs 1367 | 01/23/2003 04:03 PM 1 prndrvr.vbs 1368 | 01/23/2003 04:03 PM 1 prnjobs.vbs 1369 | 01/23/2003 04:03 PM 1 prnmngr.vbs 1370 | 01/23/2003 04:03 PM 1 prnport.vbs 1371 | 01/23/2003 04:03 PM 1 prnqctl.vbs 1372 | 01/23/2003 04:03 PM 1 prodspec.ini 1373 | 01/23/2003 04:03 PM 1 progman.exe 1374 | 01/23/2003 04:03 PM 1 proquota.exe 1375 | 01/23/2003 04:03 PM 239,104 proxycfg.exe 1376 | 01/23/2003 04:03 PM 1 pschdcnt.h 1377 | 01/23/2003 04:03 PM 1 pschdprf.ini 1378 | 01/23/2003 04:03 PM 1 pscript.sep 1379 | 01/23/2003 04:03 PM 1 pubprn.vbs 1380 | 01/23/2003 04:03 PM 1 qappsrv.exe 1381 | 01/23/2003 04:03 PM 1 qprocess.exe 1382 | 01/23/2003 04:03 PM 1 qwinsta.exe 1383 | 01/23/2003 04:03 PM ras 1384 | 01/23/2003 04:03 PM 9,216 rasautou.exe 1385 | 01/23/2003 04:03 PM 1 rasctrnm.h 1386 | 01/23/2003 04:03 PM 1 rasctrs.ini 1387 | 01/23/2003 04:03 PM 9,216 rasdial.exe 1388 | 01/23/2003 04:03 PM 15,360 rasphone.exe 1389 | 01/23/2003 04:03 PM 1 rcimlby.exe 1390 | 01/23/2003 04:03 PM 1 rcp.exe 1391 | 01/23/2003 04:03 PM 1 rdpclip.exe 1392 | 01/23/2003 04:03 PM 1 rdsaddin.exe 1393 | 01/23/2003 04:03 PM 1 rdshost.exe 1394 | 01/23/2003 04:03 PM 239,104 recover.exe 1395 | 01/23/2003 04:03 PM 1 redir.exe 1396 | 01/23/2003 04:03 PM 1 reg.exe 1397 | 01/23/2003 04:03 PM 1 regedt32.exe 1398 | 01/23/2003 04:03 PM 15,360 regini.exe 1399 | 01/23/2003 04:03 PM 1 regsvr32.exe 1400 | 01/23/2003 04:03 PM 1 regwiz.exe 1401 | 01/23/2003 04:03 PM 27,648 relog.exe 1402 | 01/23/2003 04:03 PM 1 remotesp.tsp 1403 | 01/23/2003 04:03 PM 21,504 replace.exe 1404 | 01/23/2003 04:03 PM 8,704 reset.exe 1405 | 01/23/2003 04:03 PM 1 rexec.exe 1406 | 01/23/2003 04:03 PM 8,704 route.exe 1407 | 01/23/2003 04:03 PM 1 routemon.exe 1408 | 01/23/2003 04:03 PM 1 rsaci.rat 1409 | 01/23/2003 04:03 PM 1 rsh.exe 1410 | 01/23/2003 04:03 PM 1 rsm.exe 1411 | 01/23/2003 04:03 PM 1 rsmsink.exe 1412 | 01/23/2003 04:03 PM 1 rsmui.exe 1413 | 01/23/2003 04:03 PM 1 rsnotify.exe 1414 | 01/23/2003 04:03 PM 490 rsop.msc 1415 | 01/23/2003 04:03 PM 1 rsopprov.exe 1416 | 01/23/2003 04:03 PM 1 rsvp.exe 1417 | 01/23/2003 04:03 PM 1 rsvp.ini 1418 | 01/23/2003 04:03 PM 1 rsvpcnts.h 1419 | 01/23/2003 04:03 PM 1 rtcshare.exe 1420 | 01/23/2003 04:03 PM 239,104 runas.exe 1421 | 01/23/2003 04:03 PM 13,312 rundll32.exe 1422 | 01/23/2003 04:03 PM 1 runonce.exe 1423 | 01/23/2003 04:03 PM 1 rwinsta.exe 1424 | 01/23/2003 04:03 PM 1 sapi.cpl.manifest 1425 | 01/23/2003 04:03 PM 1 savedump.exe 1426 | 01/23/2003 04:03 PM 1 sc.exe 1427 | 01/23/2003 04:03 PM 1 scardsvr.exe 1428 | 01/23/2003 04:03 PM 1 schtasks.exe 1429 | 01/23/2003 04:03 PM scripting 1430 | 01/23/2003 04:03 PM 1 scrnsave.scr 1431 | 01/23/2003 04:03 PM 1 sdbinst.exe 1432 | 01/23/2003 04:03 PM 1 secedit.exe 1433 | 01/23/2003 04:03 PM 1 secpol.msc 1434 | 01/23/2003 04:03 PM 1 secupd.dat 1435 | 01/23/2003 04:03 PM 1 secupd.sig 1436 | 01/23/2003 04:03 PM 1 services.exe 1437 | 01/23/2003 04:03 PM 103 services.msc 1438 | 01/23/2003 04:03 PM 1 sessmgr.exe 1439 | 01/23/2003 04:03 PM 9,216 sethc.exe 1440 | 01/23/2003 04:03 PM 1 setup.exe 1441 | 01/23/2003 04:03 PM 1 setupn.exe 1442 | 01/23/2003 04:03 PM 1 setver.exe 1443 | 01/23/2003 04:03 PM 9,216 sfc.exe 1444 | 01/23/2003 04:03 PM 1 shadow.exe 1445 | 01/23/2003 04:03 PM 1 share.exe 1446 | 01/23/2003 04:03 PM 1 shmgrate.exe 1447 | 01/23/2003 04:03 PM 1 shrpubw.exe 1448 | 01/23/2003 04:03 PM 1 shutdown.exe 1449 | 01/23/2003 04:03 PM 1 sigverif.exe 1450 | 01/23/2003 04:03 PM 1 simpdata.tlb 1451 | 01/23/2003 04:03 PM 1 skeys.exe 1452 | 01/23/2003 04:03 PM 1 slrundll.exe 1453 | 01/23/2003 04:03 PM 1 slserv.exe 1454 | 01/23/2003 04:03 PM 1 smbinst.exe 1455 | 01/23/2003 04:03 PM 1 smlogsvc.exe 1456 | 01/23/2003 04:03 PM 1 smss.exe 1457 | 01/23/2003 04:03 PM 1 sndrec32.exe 1458 | 01/23/2003 04:03 PM 1 sndvol32.exe 1459 | 01/23/2003 04:03 PM 1 sol.exe 1460 | 01/23/2003 04:03 PM 9,216 sort.exe 1461 | 01/23/2003 04:03 PM 1 sortkey.nls 1462 | 01/23/2003 04:03 PM 1 sorttbls.nls 1463 | 01/23/2003 04:03 PM 1 sound.drv 1464 | 01/23/2003 04:03 PM 1 spdwnwxp.exe 1465 | 01/23/2003 04:03 PM 1 spider.exe 1466 | 01/23/2003 04:03 PM 1 spiisupd.exe 1467 | 01/23/2003 04:03 PM 1 spnpinst.exe 1468 | 01/23/2003 04:03 PM spool 1469 | 01/23/2003 04:03 PM 8,704 spoolsv.exe 1470 | 01/23/2003 04:03 PM 1 sprestrt.exe 1471 | 01/23/2003 04:03 PM 1 spupdsvc.exe 1472 | 01/23/2003 04:03 PM 1 spupdwxp.exe 1473 | 01/23/2003 04:03 PM 1 spupdwxp.log 1474 | 01/23/2003 04:03 PM 1 sqlsrv32.rll 1475 | 01/23/2003 04:03 PM 1 ss3dfo.scr 1476 | 01/23/2003 04:03 PM 1 ssbezier.scr 1477 | 01/23/2003 04:03 PM 1 ssflwbox.scr 1478 | 01/23/2003 04:03 PM 1 ssmarque.scr 1479 | 01/23/2003 04:03 PM 1 ssmypics.scr 1480 | 01/23/2003 04:03 PM 1 ssmyst.scr 1481 | 01/23/2003 04:03 PM 1 sspipes.scr 1482 | 01/23/2003 04:03 PM 1 ssstars.scr 1483 | 01/23/2003 04:03 PM 9,216 sstext3d.scr 1484 | 01/23/2003 04:03 PM 1 stdole2.tlb 1485 | 01/23/2003 04:03 PM 1 stdole32.tlb 1486 | 01/23/2003 04:03 PM 1 stimon.exe 1487 | 01/23/2003 04:03 PM 9,216 subst.exe 1488 | 01/23/2003 04:03 PM 8,704 svchost.exe 1489 | 01/23/2003 04:03 PM 1 syncapp.exe 1490 | 01/23/2003 04:03 PM 8,704 sysedit.exe 1491 | 01/23/2003 04:03 PM 1 syskey.exe 1492 | 01/23/2003 04:03 PM 1 sysocmgr.exe 1493 | 01/23/2003 04:03 PM 1 sysprint.sep 1494 | 01/23/2003 04:03 PM 1 sysprtj.sep 1495 | 01/23/2003 04:03 PM 1 system.drv 1496 | 01/23/2003 04:03 PM 1 systeminfo.exe 1497 | 01/23/2003 04:03 PM 1 systray.exe 1498 | 01/23/2003 04:03 PM 1 taskkill.exe 1499 | 01/23/2003 04:03 PM 1 tasklist.exe 1500 | 01/23/2003 04:03 PM 41,984 taskmgr.exe 1501 | 01/23/2003 04:03 PM 1 tcmsetup.exe 1502 | 01/23/2003 04:03 PM 1 tcpmon.ini 1503 | 01/23/2003 04:03 PM 1 tcpsvcs.exe 1504 | 01/23/2003 04:03 PM 1 telnet.exe 1505 | 01/23/2003 04:03 PM 1 termcap 1506 | 01/23/2003 04:03 PM 1 tftp.exe 1507 | 01/23/2003 04:03 PM 1 timer.drv 1508 | 01/23/2003 04:03 PM 1 tlntadmn.exe 1509 | 01/23/2003 04:03 PM 1 tlntsess.exe 1510 | 01/23/2003 04:03 PM 1 tlntsvr.exe 1511 | 01/23/2003 04:03 PM 1 tourstart.exe 1512 | 01/23/2003 04:03 PM 1 tracerpt.exe 1513 | 01/23/2003 04:03 PM 239,104 tracert.exe 1514 | 01/23/2003 04:03 PM 1 tracert6.exe 1515 | 01/23/2003 04:03 PM 15,872 tree.com 1516 | 01/23/2003 04:03 PM 1 tscon.exe 1517 | 01/23/2003 04:03 PM 1 tscupgrd.exe 1518 | 01/23/2003 04:03 PM 1 tsdiscon.exe 1519 | 01/23/2003 04:03 PM 1 tskill.exe 1520 | 01/23/2003 04:03 PM 1 tslabels.h 1521 | 01/23/2003 04:03 PM 1 tslabels.ini 1522 | 01/23/2003 04:03 PM 1 tsshutdn.exe 1523 | 01/23/2003 04:03 PM 1 typeperf.exe 1524 | 01/23/2003 04:03 PM 1 tzchange.exe 1525 | 01/23/2003 04:03 PM 1 unicode.nls 1526 | 01/23/2003 04:03 PM 1 unlodctr.exe 1527 | 01/23/2003 04:03 PM 13,312 upnpcont.exe 1528 | 01/23/2003 04:03 PM 1 ups.exe 1529 | 01/23/2003 04:03 PM 1 user.exe 1530 | 01/23/2003 04:03 PM 1 userinit.exe 1531 | 01/23/2003 04:03 PM usmt 1532 | 01/23/2003 04:03 PM 1 usrlogon.cmd 1533 | 01/23/2003 04:03 PM 1 usrmlnka.exe 1534 | 01/23/2003 04:03 PM 1 usrprbda.exe 1535 | 01/23/2003 04:03 PM 1 usrshuta.exe 1536 | 01/23/2003 04:03 PM 1 utilman.exe 1537 | 01/23/2003 04:03 PM 1 v7vga.rom 1538 | 01/23/2003 04:03 PM 1 vbicodec.ax 1539 | 01/23/2003 04:03 PM 1 vbisurf.ax 1540 | 01/23/2003 04:03 PM 8,704 ver.dll 1541 | 01/23/2003 04:03 PM 8,704 verclsid.exe 1542 | 01/23/2003 04:03 PM 8,704 verifier.exe 1543 | 01/23/2003 04:03 PM 1 vga.drv 1544 | 01/23/2003 04:03 PM 8,704 vga256.dll 1545 | 01/23/2003 04:03 PM 1 vidcap.ax 1546 | 01/23/2003 04:03 PM 1 vpcmap.exe 1547 | 01/23/2003 04:03 PM 8,704 vssadmin.exe 1548 | 01/23/2003 04:03 PM 1 vssvc.exe 1549 | 01/23/2003 04:03 PM 1 vwipxspx.exe 1550 | 01/23/2003 04:03 PM 9,216 w32tm.exe 1551 | 01/23/2003 04:03 PM 1 wbcache.deu 1552 | 01/23/2003 04:03 PM 1 wbcache.enu 1553 | 01/23/2003 04:03 PM 1 wbcache.esn 1554 | 01/23/2003 04:03 PM 1 wbcache.fra 1555 | 01/23/2003 04:03 PM 1 wbcache.ita 1556 | 01/23/2003 04:03 PM 1 wbcache.nld 1557 | 01/23/2003 04:03 PM 1 wbcache.sve 1558 | 01/23/2003 04:03 PM 1 wbdbase.enu 1559 | 01/23/2003 04:03 PM wbem 1560 | 01/23/2003 04:03 PM 1 wdl.trm 1561 | 01/23/2003 04:03 PM 1 wdmaud.drv 1562 | 01/23/2003 04:03 PM 54,272 wextract.exe 1563 | 01/23/2003 04:03 PM 1 wfwnet.drv 1564 | 01/23/2003 04:03 PM 1 wiaacmgr.exe 1565 | 01/23/2003 04:03 PM 1 wiasf.ax 1566 | 01/23/2003 04:03 PM 10,752 win.com 1567 | 01/23/2003 04:03 PM 1 winchat.exe 1568 | 01/23/2003 04:03 PM 1 winhelp.hlp 1569 | 01/23/2003 04:03 PM 9,216 winlogon.exe 1570 | 01/23/2003 04:03 PM 1 winmine.exe 1571 | 01/23/2003 04:03 PM 1 winmsd.exe 1572 | 01/23/2003 04:03 PM 1 winnls.dll 1573 | 01/23/2003 04:03 PM 1 winoldap.mod 1574 | 01/23/2003 04:03 PM wins 1575 | 01/23/2003 04:03 PM 1 winspool.exe 1576 | 01/23/2003 04:03 PM 10,752 winver.exe 1577 | 01/23/2003 04:03 PM 1 wmimgmt.msc 1578 | 01/23/2003 04:03 PM 1 wmv8ds32.ax 1579 | 01/23/2003 04:03 PM 1 wmvds32.ax 1580 | 01/23/2003 04:03 PM 1 wowdeb.exe 1581 | 01/23/2003 04:03 PM 1 wowexec.exe 1582 | 01/23/2003 04:03 PM 1 wpa.dbl 1583 | 01/23/2003 04:03 PM 1 wpabaln.exe 1584 | 01/23/2003 04:03 PM 8,704 wpnpinst.exe 1585 | 01/23/2003 04:03 PM 9,216 write.exe 1586 | 01/23/2003 04:03 PM 8,704 wscntfy.exe 1587 | 01/23/2003 04:03 PM 13,824 wscript.exe 1588 | 01/23/2003 04:03 PM 1 wstpager.ax 1589 | 01/23/2003 04:03 PM 1 wstrenderer.ax 1590 | 01/23/2003 04:03 PM 9,216 wuauclt.exe 1591 | 01/23/2003 04:03 PM 1 wuauclt1.exe 1592 | 01/23/2003 04:03 PM 1 wuaucpl.cpl.manifest 1593 | 01/23/2003 04:03 PM 1 wupdmgr.exe 1594 | 01/23/2003 04:03 PM 8,704 xcopy.exe 1595 | 01/23/2003 04:03 PM 1 z_037.nls 1596 | 01/23/2003 04:03 PM 1 z_10000.nls 1597 | 01/23/2003 04:03 PM 1 z_10006.nls 1598 | 01/23/2003 04:03 PM 1 z_10007.nls 1599 | 01/23/2003 04:03 PM 1 z_10010.nls 1600 | 01/23/2003 04:03 PM 1 z_10017.nls 1601 | 01/23/2003 04:03 PM 1 z_10029.nls 1602 | 01/23/2003 04:03 PM 1 z_10079.nls 1603 | 01/23/2003 04:03 PM 1 z_10081.nls 1604 | 01/23/2003 04:03 PM 1 z_10082.nls 1605 | 01/23/2003 04:03 PM 1 z_1026.nls 1606 | 01/23/2003 04:03 PM 1 z_1250.nls 1607 | 01/23/2003 04:03 PM 1 z_1251.nls 1608 | 01/23/2003 04:03 PM 1 z_1252.nls 1609 | 01/23/2003 04:03 PM 1 z_1253.nls 1610 | 01/23/2003 04:03 PM 1 z_1254.nls 1611 | 01/23/2003 04:03 PM 1 z_1255.nls 1612 | 01/23/2003 04:03 PM 1 z_1256.nls 1613 | 01/23/2003 04:03 PM 1 z_1257.nls 1614 | 01/23/2003 04:03 PM 1 z_1258.nls 1615 | 01/23/2003 04:03 PM 1 z_20127.nls 1616 | 01/23/2003 04:03 PM 1 z_20261.nls 1617 | 01/23/2003 04:03 PM 1 z_20866.nls 1618 | 01/23/2003 04:03 PM 1 z_20905.nls 1619 | 01/23/2003 04:03 PM 1 z_21866.nls 1620 | 01/23/2003 04:03 PM 1 z_28591.nls 1621 | 01/23/2003 04:03 PM 1 z_28592.nls 1622 | 01/23/2003 04:03 PM 1 z_28593.nls 1623 | 01/23/2003 04:03 PM 1 z_28594.NLS 1624 | 01/23/2003 04:03 PM 1 z_28595.NLS 1625 | 01/23/2003 04:03 PM 1 z_28597.NLS 1626 | 01/23/2003 04:03 PM 1 z_28598.nls 1627 | 01/23/2003 04:03 PM 1 z_28599.nls 1628 | 01/23/2003 04:03 PM 1 z_28603.nls 1629 | 01/23/2003 04:03 PM 1 z_28605.nls 1630 | 01/23/2003 04:03 PM 1 z_437.nls 1631 | 01/23/2003 04:03 PM 1 z_500.nls 1632 | 01/23/2003 04:03 PM 1 z_775.nls 1633 | 01/23/2003 04:03 PM 1 z_850.nls 1634 | 01/23/2003 04:03 PM 1 z_852.nls 1635 | 01/23/2003 04:03 PM 1 z_855.nls 1636 | 01/23/2003 04:03 PM 1 z_857.nls 1637 | 01/23/2003 04:03 PM 1 z_860.nls 1638 | 01/23/2003 04:03 PM 1 z_861.nls 1639 | 01/23/2003 04:03 PM 1 z_863.nls 1640 | 01/23/2003 04:03 PM 1 z_865.nls 1641 | 01/23/2003 04:03 PM 1 z_866.nls 1642 | 01/23/2003 04:03 PM 1 z_869.nls 1643 | 01/23/2003 04:03 PM 1 z_874.nls 1644 | 01/23/2003 04:03 PM 1 z_875.nls 1645 | 01/23/2003 04:03 PM 1 z_932.nls 1646 | 01/23/2003 04:03 PM 1 z_936.nls 1647 | 01/23/2003 04:03 PM 1 z_949.nls 1648 | 01/23/2003 04:03 PM 1 z_950.nls 1649 | 1650 | Directory of C:\WINDOWS\SYSTEM32\1025 1651 | 1652 | 01/23/2003 04:03 PM . 1653 | 01/23/2003 04:03 PM .. 1654 | 01/23/2003 04:03 PM 1 __empty 1655 | 1656 | Directory of C:\WINDOWS\SYSTEM32\1028 1657 | 1658 | 01/23/2003 04:03 PM . 1659 | 01/23/2003 04:03 PM .. 1660 | 01/23/2003 04:03 PM 1 __empty 1661 | 1662 | Directory of C:\WINDOWS\SYSTEM32\1031 1663 | 1664 | 01/23/2003 04:03 PM . 1665 | 01/23/2003 04:03 PM .. 1666 | 01/23/2003 04:03 PM 1 __empty 1667 | 1668 | Directory of C:\WINDOWS\SYSTEM32\1033 1669 | 1670 | 01/23/2003 04:03 PM . 1671 | 01/23/2003 04:03 PM .. 1672 | 01/23/2003 04:03 PM 1 __empty 1673 | 1674 | Directory of C:\WINDOWS\SYSTEM32\1037 1675 | 1676 | 01/23/2003 04:03 PM . 1677 | 01/23/2003 04:03 PM .. 1678 | 01/23/2003 04:03 PM 1 __empty 1679 | 1680 | Directory of C:\WINDOWS\SYSTEM32\1041 1681 | 1682 | 01/23/2003 04:03 PM . 1683 | 01/23/2003 04:03 PM .. 1684 | 01/23/2003 04:03 PM 1 __empty 1685 | 1686 | Directory of C:\WINDOWS\SYSTEM32\1042 1687 | 1688 | 01/23/2003 04:03 PM . 1689 | 01/23/2003 04:03 PM .. 1690 | 01/23/2003 04:03 PM 1 __empty 1691 | 1692 | Directory of C:\WINDOWS\SYSTEM32\1054 1693 | 1694 | 01/23/2003 04:03 PM . 1695 | 01/23/2003 04:03 PM .. 1696 | 01/23/2003 04:03 PM 1 __empty 1697 | 1698 | Directory of C:\WINDOWS\SYSTEM32\2052 1699 | 1700 | 01/23/2003 04:03 PM . 1701 | 01/23/2003 04:03 PM .. 1702 | 01/23/2003 04:03 PM 1 __empty 1703 | 1704 | Directory of C:\WINDOWS\SYSTEM32\3076 1705 | 1706 | 01/23/2003 04:03 PM . 1707 | 01/23/2003 04:03 PM .. 1708 | 01/23/2003 04:03 PM 1 __empty 1709 | 1710 | Directory of C:\WINDOWS\SYSTEM32\CatRoot 1711 | 1712 | 01/23/2003 04:03 PM . 1713 | 01/23/2003 04:03 PM .. 1714 | 01/23/2003 04:03 PM 1 __empty 1715 | 1716 | Directory of C:\WINDOWS\SYSTEM32\CatRoot2 1717 | 1718 | 01/23/2003 04:03 PM . 1719 | 01/23/2003 04:03 PM .. 1720 | 01/23/2003 04:03 PM 1 __empty 1721 | 1722 | Directory of C:\WINDOWS\SYSTEM32\DirectX 1723 | 1724 | 01/23/2003 04:03 PM . 1725 | 01/23/2003 04:03 PM .. 1726 | 01/23/2003 04:03 PM 1 __empty 1727 | 1728 | Directory of C:\WINDOWS\SYSTEM32\IME 1729 | 1730 | 01/23/2003 04:03 PM . 1731 | 01/23/2003 04:03 PM .. 1732 | 01/23/2003 04:03 PM 1 __empty 1733 | 1734 | Directory of C:\WINDOWS\SYSTEM32\Microsoft 1735 | 1736 | 01/23/2003 04:03 PM . 1737 | 01/23/2003 04:03 PM .. 1738 | 01/23/2003 04:03 PM 1 __empty 1739 | 1740 | Directory of C:\WINDOWS\SYSTEM32\Restore 1741 | 1742 | 01/23/2003 04:03 PM . 1743 | 01/23/2003 04:03 PM .. 1744 | 01/23/2003 04:03 PM 1 __empty 1745 | 1746 | Directory of C:\WINDOWS\SYSTEM32\Setup 1747 | 1748 | 01/23/2003 04:03 PM . 1749 | 01/23/2003 04:03 PM .. 1750 | 01/23/2003 04:03 PM 1 __empty 1751 | 1752 | Directory of C:\WINDOWS\SYSTEM32\ShellExt 1753 | 1754 | 01/23/2003 04:03 PM . 1755 | 01/23/2003 04:03 PM .. 1756 | 01/23/2003 04:03 PM 1 __empty 1757 | 1758 | Directory of C:\WINDOWS\SYSTEM32\bits 1759 | 1760 | 01/23/2003 04:03 PM . 1761 | 01/23/2003 04:03 PM .. 1762 | 01/23/2003 04:03 PM 1 __empty 1763 | 1764 | Directory of C:\WINDOWS\SYSTEM32\com 1765 | 1766 | 01/23/2003 04:03 PM . 1767 | 01/23/2003 04:03 PM .. 1768 | 01/23/2003 04:03 PM 1 __empty 1769 | 1770 | Directory of C:\WINDOWS\SYSTEM32\config 1771 | 1772 | 01/23/2003 04:03 PM . 1773 | 01/23/2003 04:03 PM .. 1774 | 01/23/2003 04:03 PM 1 __empty 1775 | 1776 | Directory of C:\WINDOWS\SYSTEM32\dhcp 1777 | 1778 | 01/23/2003 04:03 PM . 1779 | 01/23/2003 04:03 PM .. 1780 | 01/23/2003 04:03 PM 1 __empty 1781 | 1782 | Directory of C:\WINDOWS\SYSTEM32\dllcache 1783 | 1784 | 01/23/2003 04:03 PM . 1785 | 01/23/2003 04:03 PM .. 1786 | 01/23/2003 04:03 PM 1 __empty 1787 | 1788 | Directory of C:\WINDOWS\SYSTEM32\drivers 1789 | 1790 | 01/23/2003 04:03 PM . 1791 | 01/23/2003 04:03 PM .. 1792 | 01/23/2003 04:03 PM 1,792 acpi.sys 1793 | 01/23/2003 04:03 PM 1,664 asyncmac.sys 1794 | 01/23/2003 04:03 PM etc 1795 | 01/23/2003 04:03 PM 5,760 fastfat.sys 1796 | 01/23/2003 04:03 PM 1 gmreadme.txt 1797 | 01/23/2003 04:03 PM 263,936 ntfs.sys 1798 | 01/23/2003 04:03 PM root 1799 | 1800 | Directory of C:\WINDOWS\SYSTEM32\drivers\etc 1801 | 1802 | 01/23/2003 04:03 PM . 1803 | 01/23/2003 04:03 PM .. 1804 | 01/23/2003 04:03 PM 761 hosts 1805 | 1806 | Directory of C:\WINDOWS\SYSTEM32\drivers\root 1807 | 1808 | 01/23/2003 04:03 PM . 1809 | 01/23/2003 04:03 PM .. 1810 | 01/23/2003 04:03 PM system 1811 | 1812 | Directory of C:\WINDOWS\SYSTEM32\drivers\root\system 1813 | 1814 | 01/23/2003 04:03 PM . 1815 | 01/23/2003 04:03 PM .. 1816 | 01/23/2003 04:03 PM 1 __empty 1817 | 1818 | Directory of C:\WINDOWS\SYSTEM32\en 1819 | 1820 | 01/23/2003 04:03 PM . 1821 | 01/23/2003 04:03 PM .. 1822 | 01/23/2003 04:03 PM 1 __empty 1823 | 1824 | Directory of C:\WINDOWS\SYSTEM32\en-us 1825 | 1826 | 01/23/2003 04:03 PM . 1827 | 01/23/2003 04:03 PM .. 1828 | 01/23/2003 04:03 PM 1 __empty 1829 | 1830 | Directory of C:\WINDOWS\SYSTEM32\export 1831 | 1832 | 01/23/2003 04:03 PM . 1833 | 01/23/2003 04:03 PM .. 1834 | 01/23/2003 04:03 PM 1 __empty 1835 | 1836 | Directory of C:\WINDOWS\SYSTEM32\ias 1837 | 1838 | 01/23/2003 04:03 PM . 1839 | 01/23/2003 04:03 PM .. 1840 | 01/23/2003 04:03 PM 1 __empty 1841 | 1842 | Directory of C:\WINDOWS\SYSTEM32\inetsrv 1843 | 1844 | 01/23/2003 04:03 PM . 1845 | 01/23/2003 04:03 PM .. 1846 | 01/23/2003 04:03 PM 1 __empty 1847 | 1848 | Directory of C:\WINDOWS\SYSTEM32\mui 1849 | 1850 | 01/23/2003 04:03 PM . 1851 | 01/23/2003 04:03 PM .. 1852 | 01/23/2003 04:03 PM 1 __empty 1853 | 1854 | Directory of C:\WINDOWS\SYSTEM32\oobe 1855 | 1856 | 01/23/2003 04:03 PM . 1857 | 01/23/2003 04:03 PM .. 1858 | 01/23/2003 04:03 PM 1 __empty 1859 | 1860 | Directory of C:\WINDOWS\SYSTEM32\ras 1861 | 1862 | 01/23/2003 04:03 PM . 1863 | 01/23/2003 04:03 PM .. 1864 | 01/23/2003 04:03 PM 1 __empty 1865 | 1866 | Directory of C:\WINDOWS\SYSTEM32\scripting 1867 | 1868 | 01/23/2003 04:03 PM . 1869 | 01/23/2003 04:03 PM .. 1870 | 01/23/2003 04:03 PM 1 __empty 1871 | 1872 | Directory of C:\WINDOWS\SYSTEM32\spool 1873 | 1874 | 01/23/2003 04:03 PM . 1875 | 01/23/2003 04:03 PM .. 1876 | 01/23/2003 04:03 PM 1 __empty 1877 | 1878 | Directory of C:\WINDOWS\SYSTEM32\usmt 1879 | 1880 | 01/23/2003 04:03 PM . 1881 | 01/23/2003 04:03 PM .. 1882 | 01/23/2003 04:03 PM 1 __empty 1883 | 1884 | Directory of C:\WINDOWS\SYSTEM32\wbem 1885 | 1886 | 01/23/2003 04:03 PM . 1887 | 01/23/2003 04:03 PM .. 1888 | 01/23/2003 04:03 PM 1 __empty 1889 | 1890 | Directory of C:\WINDOWS\SYSTEM32\wins 1891 | 1892 | 01/23/2003 04:03 PM . 1893 | 01/23/2003 04:03 PM .. 1894 | 01/23/2003 04:03 PM 1 __empty 1895 | 1896 | Directory of C:\WINDOWS\System 1897 | 1898 | 01/23/2003 04:03 PM . 1899 | 01/23/2003 04:03 PM .. 1900 | 01/23/2003 04:03 PM 1 __empty 1901 | 1902 | Directory of C:\WINDOWS\TEMP 1903 | 1904 | 01/23/2003 04:03 PM . 1905 | 01/23/2003 04:03 PM .. 1906 | 01/23/2003 04:03 PM 1 __empty 1907 | 1908 | Directory of C:\WINDOWS\Web 1909 | 1910 | 01/23/2003 04:03 PM . 1911 | 01/23/2003 04:03 PM .. 1912 | 01/23/2003 04:03 PM 1 __empty 1913 | ``` 1914 | --------------------------------------------------------------------------------