|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
Kone ruvennu kaatuilemaan hjt logi
|
|
|
Helppu
Junior Member
|
8. helmikuuta 2009 @ 22:01 |
Linkki tähän viestiin
|
Eli tietokone kesken pelaamisen on jähmettynyt about kaheks sekunniks ja sitten seonnu täysin ja restartannu ittensä, tätä on tapahtunu jo 6 kertaa, apu olisi tarpeen. Tässä on hjt logi:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:59:42, on 8.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
--
End of file - 8154 bytes
|
|
Hujo
Suspended permanently
|
8. helmikuuta 2009 @ 22:09 |
Linkki tähän viestiin
|
Poista lisää poista sovelutuksesta
AskBar
Ask Toolbar
Poista kansio vikasiedossa
C:\Program Files\AskBarDis
============
Scannaa hjt:llä merkkaa paina Fix checked
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
==============
Lataa Malwarebytes' Anti-Malware työpöydällesi.
1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
8. helmikuuta 2009 @ 23:41 |
Linkki tähän viestiin
|
Nooni, poistettu poista tai lisää jutskan avulla mutta program fileseista ei löytynyt sitä tiedostoa joka olisi pitänyt poistaa. Hjt jutskat tehty ja Malwarebytes Anti-Malware logi tulee tässä:
Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1078
Windows 5.1.2600 Service Pack 2
23:30:58 8.2.2009
mbam-log-02-08-2009 (23-30-58).txt
Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 285971
Kulunut aika: 1 hour(s), 1 minute(s), 37 second(s)
Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 1
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0
Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)
Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriavaimia:
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)
Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)
Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)
Onko OK vai joudunko vielä kenties vetämään vielä kierroksen hjteellä?
ja suuri kiitos jo etukäteen, oon iha avuton vähänki meseviirusta kovemmissa asioissa.
|
|
Hujo
Suspended permanently
|
9. helmikuuta 2009 @ 00:18 |
Linkki tähän viestiin
|
|
Malwarebytes' Anti-Malware päivitä sitten täysi scannaus
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
9. helmikuuta 2009 @ 15:02 |
Linkki tähän viestiin
|
|
Nonni, päivitetty, ja täs logi:
Tietokantaversio: 1740
Windows 5.1.2600 Service Pack 2
9.2.2009 14:24:52
mbam-log-2009-02-09 (14-24-52).txt
Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 297325
Kulunut aika: 1 hour(s), 11 minute(s), 47 second(s)
Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 1
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 3
Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)
Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)
Saastuneita rekisterikohteita:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)
Saastuneita tiedostoja:
C:\WINDOWS\TEMP\tdsse348.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\tdsse55b.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\tdsse887.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
|
|
Hujo
Suspended permanently
|
9. helmikuuta 2009 @ 15:29 |
Linkki tähän viestiin
|
Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.
Käynnistä koneesi vikasietotilaan:
sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä
Jossakin koneissa hakataan F8:sin sijasta F5:tä
" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
9. helmikuuta 2009 @ 16:01 |
Linkki tähän viestiin
|
Oukkei, tehty, tässä tulee Reportti ja hjt logi:
SDFix: Version 1.240
Run by Eemeli on ma 09.02.2009 at 15:39
Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\Eemeli\Ty?p?yt?\SDFix
Checking Services :
Name :
tdssserv
Path :
\systemroot\system32\drivers\tdssserv.sys
tdssserv - Deleted
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\DOCUME~1\Eemeli\LOCALS~1\Temp\tmp7F.tmp - Deleted
C:\DOCUME~1\Eemeli\LOCALS~1\Temp\tmp8E.tmp - Deleted
C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 15:50:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8c,d8,51,d0,1f,fc,39,cc,a5,8b,7e,a8,4a,9c,23,ea,d4,5c,a5,56,bd,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:67,65,4a,3c,3a,cf,ae,88,44,12,a6,a2,5c,13,59,e6,8c,c5,9e,91,8b,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,19,f5,4d,24,78,4f,c0,8d,37,53,81,62,73,bf,44,b4,a4,77,5c,ab,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8e,e7,9f,23,cd,13,c4,ce,7d,2a,2e,90,07,8e,0d,ed,ed,fd,82,48,dd,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:0a,a1,ed,72,6f,40,65,a9,4d,15,6e,a9,33,46,54,03,d1,48,3a,b7,f0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8e,e7,9f,23,cd,13,c4,ce,7d,2a,2e,90,07,8e,0d,ed,ed,fd,82,48,dd,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:0a,a1,ed,72,6f,40,65,a9,4d,15,6e,a9,33,46,54,03,d1,48,3a,b7,f0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Documents and Settings\\Eemeli\\Ty?p?yt?\\Speden pelit\\HD2\\HD2_SabreSquadron.exe"="C:\\Documents and Settings\\Eemeli\\Ty?p?yt?\\Speden pelit\\HD2\\HD2_SabreSquadron.exe:*:Enabled:HD2_SabreSquadron"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\sauli26\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\sauli26\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Team17\\Worms2\\Frontend.exe"="C:\\Team17\\Worms2\\Frontend.exe:*:Enabled:Worms 2 Frontend"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\garrysmod\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\garrysmod\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\WINDOWS\\system32\\a.exe"="C:\\WINDOWS\\system32\\a.exe:*:Disabled:a"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Eemeli\\Ty?p?yt?\\Kaiken maailman ohjelmii\\VNC\\VNC Tihee\\WinVNC.exe"="C:\\Documents and Settings\\Eemeli\\Ty?p?yt?\\Kaiken maailman ohjelmii\\VNC\\VNC Tihee\\WinVNC.exe:*:Enabled:TightVNC Win32 Server"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\synergy\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\synergy\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Sony\\Media Manager for PSP\\MediaManager.exe"="C:\\Program Files\\Sony\\Media Manager for PSP\\MediaManager.exe:*:Enabled:Media Manager for PSP 3.0"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\peggle extreme\\PeggleExtreme.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\peggle extreme\\PeggleExtreme.exe:*:Enabled:Peggle Extreme"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\rag doll kung fu demo\\Rag_Doll_Kung_Fu_Steam.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\rag doll kung fu demo\\Rag_Doll_Kung_Fu_Steam.exe:*:Enabled:Rag Doll Kung Fu Demo"
"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"="C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :
File Backups: - C:\DOCUME~1\Eemeli\TYPYT~1\SDFix\backups\backups.zip
Files with Hidden Attributes :
Tue 13 Jan 2009 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 6 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:46, on 9.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
--
End of file - 7340 bytes
|
|
Hujo
Suspended permanently
|
9. helmikuuta 2009 @ 16:18 |
Linkki tähän viestiin
|
|
Mikäs on koneen toiminta
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
9. helmikuuta 2009 @ 17:43 |
Linkki tähän viestiin
|
|
Eipä oo seonnu ainakaa vielä, mutta jos tämä oli tässä niin kiitos paljon avusta. Jos ongelma jatkuu nii sit se on jostain muusta varmaankin.
|
|
Hujo
Suspended permanently
|
10. helmikuuta 2009 @ 00:16 |
Linkki tähän viestiin
|
1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2
älä asenna palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
10. helmikuuta 2009 @ 17:01 |
Linkki tähän viestiin
|
Tässä:
"Eemeli" - 2009-02-10 16:55:29 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\Ty?p?yt?\Kaiken maailman ohjelmii\"
((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))
2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-02-10 14:24:08 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe
Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job
********************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 16:58:40
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]
Completion time: 2009-02-10 16:58:54
C:\ComboFix-quarantined-files.txt ... 2009-02-10 16:58
C:\ComboFix2.txt ... 2008-05-30 22:07
--- E O F ---
|
|
Hujo
Suspended permanently
|
10. helmikuuta 2009 @ 17:41 |
Linkki tähän viestiin
|
Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio
Lainaus:
File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
Tallenna se nimellä CFScript.txt työpöydälle
Sitten raahaa CFScript ComboFix.exeen kuten alla.
Laita tuleva loki tänne.
Sammutat ja käynnistät koneen
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 10. helmikuuta 2009 @ 17:43
|
|
Helppu
Junior Member
|
10. helmikuuta 2009 @ 21:16 |
Linkki tähän viestiin
|
Tässä on:
"Eemeli" - 2009-02-10 20:13:24 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\"
Command switches used :: ""C:\Documents and Settings\Eemeli\Ty?p?yt?\CFSscript.txt""
((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))
2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-02-10 14:24:08 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe
Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job
********************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 20:16:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]
Completion time: 2009-02-10 20:16:49
C:\ComboFix-quarantined-files.txt ... 2009-02-10 20:16
C:\ComboFix2.txt ... 2009-02-10 16:58
C:\ComboFix3.txt ... 2008-05-30 22:07
--- E O F ---
|
|
Hujo
Suspended permanently
|
10. helmikuuta 2009 @ 21:31 |
Linkki tähän viestiin
|
Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio
Lainaus:
File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
Tallenna se nimellä: CFScript.txt työpöydälle
Tallennusmuoto: kaikki tiedostot
Sitten raahaa CFScript ComboFix.exeen kuten alla.
combofix työstää tulee sininen taulu paina numeroa 1 ja enter
Laita tuleva loki tänne.
Sammutat ja käynnistät koneen
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
10. helmikuuta 2009 @ 22:43 |
Linkki tähän viestiin
|
Joo olin unohtanu tehä ton tekstitiedoston sisällön, toivottavasti se meni nyt oikein.
"Eemeli" - 2009-02-10 22:33:27 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\"
Command switches used :: ""C:\Documents and Settings\Eemeli\Ty?p?yt?\CFSscript.txt""
((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))
2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-02-10 18:18:49 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe
Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job
********************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 22:36:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]
Completion time: 2009-02-10 22:36:54
C:\ComboFix-quarantined-files.txt ... 2009-02-10 22:36
C:\ComboFix2.txt ... 2009-02-10 20:16
C:\ComboFix3.txt ... 2009-02-10 16:58
--- E O F ---
|
|
Hujo
Suspended permanently
|
10. helmikuuta 2009 @ 23:01 |
Linkki tähän viestiin
|
Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio
Lainaus:
File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
Tallennusmuoto: kaikki tiedostot
Tallenna se nimellä CFScript.txt työpöydälle
Sitten raahaa CFScript ComboFix.exeen kuten alla.
combofix työstää tulee sininen taulu paina numeroa 1 ja enter
Laita tuleva loki tänne.
Sammutat ja käynnistät koneen
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
12. helmikuuta 2009 @ 00:10 |
Linkki tähän viestiin
|
Tässä, luulen että tein sen nyt oikein:
ComboFix 09-02-10.01 - Eemeli 2009-02-11 20:14:21.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.2047.1557 [GMT 2:00]
Sijainti: c:\documents and settings\Eemeli\Työpöytä\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\documents and settings\Eemeli\Työpöytä\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Uusi palautuspiste luotu
VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!
FILE ::
c:\windows\tasks\At1.job
c:\windows\tasks\At10.job
c:\windows\tasks\At11.job
c:\windows\tasks\At12.job
c:\windows\tasks\At13.job
c:\windows\tasks\At14.job
c:\windows\tasks\At15.job
c:\windows\tasks\At16.job
c:\windows\tasks\At17.job
c:\windows\tasks\At18.job
c:\windows\tasks\At19.job
c:\windows\tasks\At2.job
c:\windows\tasks\At20.job
c:\windows\tasks\At21.job
c:\windows\tasks\At22.job
c:\windows\tasks\At23.job
c:\windows\tasks\At24.job
c:\windows\tasks\At25.job
c:\windows\tasks\At26.job
c:\windows\tasks\At27.job
c:\windows\tasks\At28.job
c:\windows\tasks\At29.job
c:\windows\tasks\At3.job
c:\windows\tasks\At30.job
c:\windows\tasks\At31.job
c:\windows\tasks\At32.job
c:\windows\tasks\At33.job
c:\windows\tasks\At34.job
c:\windows\tasks\At35.job
c:\windows\tasks\At36.job
c:\windows\tasks\At37.job
c:\windows\tasks\At38.job
c:\windows\tasks\At39.job
c:\windows\tasks\At4.job
c:\windows\tasks\At40.job
c:\windows\tasks\At41.job
c:\windows\tasks\At42.job
c:\windows\tasks\At43.job
c:\windows\tasks\At44.job
c:\windows\tasks\At45.job
c:\windows\tasks\At46.job
c:\windows\tasks\At47.job
c:\windows\tasks\At48.job
c:\windows\tasks\At49.job
c:\windows\tasks\At5.job
c:\windows\tasks\At50.job
c:\windows\tasks\At52.job
c:\windows\tasks\At53.job
c:\windows\tasks\At54.job
c:\windows\tasks\At55.job
c:\windows\tasks\At56.job
c:\windows\tasks\At57.job
c:\windows\tasks\At58.job
c:\windows\tasks\At59.job
c:\windows\tasks\At6.job
c:\windows\tasks\At60.job
c:\windows\tasks\At61.job
c:\windows\tasks\At62.job
c:\windows\tasks\At63.job
c:\windows\tasks\At64.job
c:\windows\tasks\At65.job
c:\windows\tasks\At66.job
c:\windows\tasks\At67.job
c:\windows\tasks\At68.job
c:\windows\tasks\At69.job
c:\windows\tasks\At7.job
c:\windows\tasks\At70.job
c:\windows\tasks\At71.job
c:\windows\tasks\At72.job
c:\windows\tasks\At8.job
c:\windows\tasks\At9.job
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\tasks\At1.job
c:\windows\tasks\At10.job
c:\windows\tasks\At11.job
c:\windows\tasks\At12.job
c:\windows\tasks\At13.job
c:\windows\tasks\At14.job
c:\windows\tasks\At15.job
c:\windows\tasks\At16.job
c:\windows\tasks\At17.job
c:\windows\tasks\At18.job
c:\windows\tasks\At19.job
c:\windows\tasks\At2.job
c:\windows\tasks\At20.job
c:\windows\tasks\At21.job
c:\windows\tasks\At22.job
c:\windows\tasks\At23.job
c:\windows\tasks\At24.job
c:\windows\tasks\At25.job
c:\windows\tasks\At26.job
c:\windows\tasks\At27.job
c:\windows\tasks\At28.job
c:\windows\tasks\At29.job
c:\windows\tasks\At3.job
c:\windows\tasks\At30.job
c:\windows\tasks\At31.job
c:\windows\tasks\At32.job
c:\windows\tasks\At33.job
c:\windows\tasks\At34.job
c:\windows\tasks\At35.job
c:\windows\tasks\At36.job
c:\windows\tasks\At37.job
c:\windows\tasks\At38.job
c:\windows\tasks\At39.job
c:\windows\tasks\At4.job
c:\windows\tasks\At40.job
c:\windows\tasks\At41.job
c:\windows\tasks\At42.job
c:\windows\tasks\At43.job
c:\windows\tasks\At44.job
c:\windows\tasks\At45.job
c:\windows\tasks\At46.job
c:\windows\tasks\At47.job
c:\windows\tasks\At48.job
c:\windows\tasks\At49.job
c:\windows\tasks\At5.job
c:\windows\tasks\At50.job
c:\windows\tasks\At52.job
c:\windows\tasks\At53.job
c:\windows\tasks\At54.job
c:\windows\tasks\At55.job
c:\windows\tasks\At56.job
c:\windows\tasks\At57.job
c:\windows\tasks\At58.job
c:\windows\tasks\At59.job
c:\windows\tasks\At6.job
c:\windows\tasks\At60.job
c:\windows\tasks\At61.job
c:\windows\tasks\At62.job
c:\windows\tasks\At63.job
c:\windows\tasks\At64.job
c:\windows\tasks\At65.job
c:\windows\tasks\At66.job
c:\windows\tasks\At67.job
c:\windows\tasks\At68.job
c:\windows\tasks\At69.job
c:\windows\tasks\At7.job
c:\windows\tasks\At70.job
c:\windows\tasks\At71.job
c:\windows\tasks\At72.job
c:\windows\tasks\At8.job
c:\windows\tasks\At9.job
D:\install.exe
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-11 to 2009-02-11 )))))))))))))))))
.
2009-02-10 16:58 . 2005-11-09 00:26 38,400 --a------ c:\windows\system32\moveex.exe
2009-02-08 14:56 . 2009-02-08 14:56 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\Apple Computer
2009-02-02 23:23 . 2009-01-15 08:19 206,793 --a------ c:\windows\system32\nvapps.nvb
2009-02-02 20:18 . 2009-02-02 20:18 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-02-02 20:17 . 2009-02-02 20:17 <KANSIO> d-------- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 . 2009-02-03 18:34 <KANSIO> d-------- c:\windows\nview
2009-02-02 20:16 . 2009-02-11 15:16 201,144 --a------ c:\windows\system32\nvapps.xml
2009-02-02 19:57 . 2009-02-02 20:15 <KANSIO> d-------- c:\windows\NV36041060.TMP
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\windows\system32\AGEIA
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\program files\AGEIA Technologies
2009-02-02 19:35 . 2009-02-02 19:37 <KANSIO> d-------- c:\windows\NV40724076.TMP
2009-02-02 19:34 . 2009-02-02 20:13 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\Common Files\AVSMedia
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-01-18 17:42 . 2008-08-13 10:22 974,848 --a------ c:\windows\system32\mfc70.dll
2009-01-18 17:42 . 2008-08-13 10:22 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-01-18 17:42 . 2008-08-13 10:22 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-01-15 08:19 . 2009-01-15 08:19 1,253,376 --a------ c:\windows\system32\NvPVEnc.ax
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-11 16:35 34 ----a-w c:\documents and settings\Eemeli\jagex_runescape_preferences.dat
2009-02-11 13:16 --------- d-----w c:\documents and settings\Eemeli\Application Data\WTablet
2009-02-10 14:24 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-02-09 10:31 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-08 11:19 --------- d-----w c:\program files\StepMania
2009-02-04 15:14 --------- d-----w c:\program files\Peggle Nights Deluxe
2009-02-02 21:24 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-01 11:21 --------- d-----w c:\documents and settings\Eemeli\Application Data\LimeWire
2009-01-31 11:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-21 21:39 --------- d-----w c:\documents and settings\Eemeli\Application Data\Azureus
2009-01-14 14:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 16:12 --------- d-----w c:\program files\LimeWire
2009-01-07 09:28 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-03 12:09 --------- d-----w c:\program files\Cheat Engine
2009-01-01 11:24 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania
2008-12-24 10:05 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-24 10:05 --------- d-----w c:\program files\Java
2008-12-22 19:05 --------- d-----w c:\documents and settings\Eemeli\Application Data\Skype
2008-12-22 19:04 --------- d-----w c:\documents and settings\Eemeli\Application Data\skypePM
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 07:45 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 07:28 24,344 ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-08-23 12:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008082320080824\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-05-30_23.07.30,39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-04 14:04:52 72,704 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\magnify.exe
+ 2006-10-04 14:04:49 54,272 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\narrator.exe
+ 2006-10-04 14:04:51 216,064 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\osk.exe
+ 2006-10-04 14:10:23 36,352 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\umandlg.dll
+ 2006-10-04 14:04:53 50,176 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\utilman.exe
+ 2005-10-12 23:18:02 14,048 ----a-w c:\windows\$hf_mig$\KB925720\spmsg.dll
+ 2005-10-12 23:18:03 214,752 ----a-w c:\windows\$hf_mig$\KB925720\spuninst.exe
+ 2005-10-12 23:18:02 22,752 ----a-w c:\windows\$hf_mig$\KB925720\update\spcustom.dll
+ 2005-10-12 23:18:05 717,536 ----a-w c:\windows\$hf_mig$\KB925720\update\update.exe
+ 2005-10-12 23:18:08 380,640 ----a-w c:\windows\$hf_mig$\KB925720\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:31:44 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:55 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:42 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 04:21:08 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:21:08 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:21:08 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:21:08 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:21:08 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:21:08 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:21:08 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:21:08 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:21:08 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:21:08 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:21:08 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:21:08 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:21:09 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:21:09 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:21:09 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:21:09 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:21:09 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:21:09 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:21:09 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:21:09 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:21:09 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:21:09 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:21:10 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:21:10 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:21:10 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:29 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:49 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:25:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:25 757,112 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:25 392,056 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:58 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:25 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 21:23:30 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:38 757,112 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:05:39 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:34:47 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:21 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:07 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:41 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:36 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:33 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:01 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:48 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:14:20 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:17 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:17 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:56 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:56 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:04 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:04 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:25 757,112 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:25 392,056 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:35:56 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:32 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:41 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:24 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:55 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:40:37 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:40:37 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:40:37 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:40:37 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:40:37 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:40:38 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:40:38 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:40:38 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:40:38 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:40:40 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:40:40 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:40:40 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:40:40 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:40:41 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:40:41 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:40:42 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:40:43 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:40:43 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:40:43 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:40:43 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:40:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:40:43 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:40:44 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:40:44 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:40:44 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:15:32 1,847,168 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:27:14 1,846,656 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:21:09 1,847,168 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:39:53 757,112 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-10-03 10:01:04 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:03:58 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:50:35 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-09-04 16:35:00 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll
+ 2008-09-04 17:16:38 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll
+ 2008-09-04 17:13:07 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 11:10:04 392,056 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-08-26 09:10:52 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:52 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:52 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:52 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:52 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:52 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:52 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:53 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:53 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:23:28 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:54 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:54 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:55 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:55 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:55 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:56 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:56 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:56 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:56 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:56 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:56 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:56 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:56 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:56 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:56 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-10-23 12:52:09 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:38:22 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:44:16 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:03:23 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:03:24 232,824 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:03:23 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:39:53 757,112 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:40:02 392,056 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:39:20 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 13:39:24 2,065,280 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 13:39:18 2,023,424 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 13:39:21 2,188,288 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 13:25:40 2,147,840 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:25:43 2,068,352 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:24:57 2,026,496 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:25:41 2,191,488 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:56:32 2,147,840 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 16:26:36 2,068,352 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:56:31 2,026,496 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 16:26:38 2,191,488 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:02 392,056 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:03:23 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:03:24 232,824 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:03:23 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:03:27 757,112 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:03:34 392,056 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-16 19:33:31 124,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 19:33:32 347,136 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 19:33:32 214,528 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 19:33:32 132,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 19:33:32 63,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 19:33:32 153,088 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 19:33:32 230,400 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 19:33:33 380,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 19:33:33 388,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 19:33:36 6,068,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 19:33:36 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 19:33:36 267,776 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 19:33:37 27,648 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 19:33:37 459,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 19:33:37 52,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 19:33:40 3,595,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 19:33:40 477,696 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 19:33:40 193,024 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 19:33:41 671,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 19:33:41 102,912 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 19:33:41 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 19:33:41 105,984 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 19:33:42 1,163,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 19:33:42 233,472 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 19:33:43 827,904 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2008-10-15 16:55:14 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:37:15 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:31:34 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2008-12-13 06:28:12 3,594,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2004-09-15 12:00:00 72,704 -c----w c:\windows\$NtUninstallKB925720$\magnify.exe
+ 2004-09-15 12:00:00 54,272 -c----w c:\windows\$NtUninstallKB925720$\narrator.exe
+ 2004-09-15 12:00:00 216,064 -c----w c:\windows\$NtUninstallKB925720$\osk.exe
+ 2005-10-12 23:18:03 214,752 -c----w c:\windows\$NtUninstallKB925720$\spuninst\spuninst.exe
+ 2005-10-12 23:18:08 380,640 -c----w c:\windows\$NtUninstallKB925720$\spuninst\updspapi.dll
+ 2004-09-15 12:00:00 36,352 -c----w c:\windows\$NtUninstallKB925720$\umandlg.dll
+ 2004-09-15 12:00:00 50,176 -c----w c:\windows\$NtUninstallKB925720$\utilman.exe
+ 2005-10-12 23:12:26 213,216 -c----w c:\windows\$NtUninstallKB926239$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w c:\windows\$NtUninstallKB926239$\spuninst\updspapi.dll
+ 2006-10-18 19:47:16 414,208 -c----w c:\windows\$NtUninstallKB929399$\msscp.dll
+ 2005-06-28 08:23:26 213,216 -c----w c:\windows\$NtUninstallKB929399$\spuninst\spuninst.exe
+ 2005-06-28 08:23:54 371,424 -c----w c:\windows\$NtUninstallKB929399$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2004-09-14 14:20:50 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2005-07-26 04:40:30 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:25 392,056 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:17:25 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 15:52:59 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-09-14 13:06:48 274,304 -c----w c:\windows\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:51 1,288,192 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-09-15 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:38:03 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2004-09-15 12:00:00 246,784 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:25 392,056 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2006-10-18 18:03:58 100,864 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 05:28:28 232,824 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 07:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-18 19:47:20 937,984 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-18 19:47:22 2,450,944 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2004-09-15 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:49:52 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:41 1,845,504 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-24 11:19:40 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-06-26 06:09:33 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 11:10:04 392,056 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18 62,976 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-02-20 06:51:32 282,624 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:03:24 232,824 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:40:02 392,056 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:02 392,056 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:03:24 232,824 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:03:34 392,056 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2006-08-17 12:28:30 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
+ 2006-10-16 14:10:58 221,488 -c----w c:\windows\$NtUninstallWIC$\spuninst\spuninst.exe
+ 2006-10-16 14:10:58 379,184 -c----w c:\windows\$NtUninstallWIC$\spuninst\updspapi.dll
+ 2005-01-28 11:44:28 294,912 -c----w c:\windows\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 11:44:28 164,864 -c----w c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-01-28 11:44:28 502,272 -c----w c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 11:44:28 6,656 -c----w c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-28 11:44:28 96,768 -c----w c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2004-09-15 12:00:00 310,272 -c----w c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-09-15 12:00:00 384,512 -c----w c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2004-09-15 12:00:00 240,640 -c----w c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 11:44:28 142,336 -c----w c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 11:44:28 25,088 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 11:44:28 173,568 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 11:44:28 364,784 -c----w c:\windows\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 11:44:28 315,904 -c----w c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 11:44:28 221,184 -c----w c:\windows\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 16:11:54 213,216 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 16:11:54 371,424 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 09:46:52 13,312 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-28 11:44:28 47,104 -c----w c:\windows\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-28 11:44:28 15,872 -c----w c:\windows\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-28 11:44:28 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 11:44:28 396,528 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 11:44:28 716,288 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2007-10-20 04:01:32 227,328 -c----w c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 11:44:28 28,160 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 11:44:28 33,792 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 11:44:28 335,872 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 11:44:28 290,816 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 11:44:28 150,016 -c----w c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 11:44:28 1,027,072 -c----w c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 11:44:28 774,904 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 11:44:28 1,119,744 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 11:44:28 819,200 -c----w c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 11:44:28 413,944 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 11:44:28 940,544 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 11:44:28 1,218,808 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 11:44:28 1,512,448 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadve.dll
+ 2006-12-07 05:29:34 2,374,472 -c----w c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 11:44:28 895,736 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 11:44:28 1,003,008 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-28 11:44:28 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-28 11:44:28 61,952 -c----w c:\windows\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-28 11:44:28 114,176 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-28 11:44:28 66,560 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-28 11:44:28 331,264 -c----w c:\windows\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-28 11:44:28 18,944 -c----w c:\windows\$NtUninstallWMFDist11$\wpdusb.sys
+ 2006-09-15 23:05:22 221,488 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-15 23:05:22 379,184 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 17:01:52 58,368 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2008-09-03 13:15:23 100,888 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache--1999123318.dat
+ 2009-02-06 15:17:46 101,991 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache-1272026540.dat
+ 2008-07-15 11:44:10 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\browsercontrol.dll
+ 2008-11-11 14:56:39 19,767 ----a-w c:\windows\.jagex_cache_32\runescape\game_unpacker.dat
+ 2009-02-11 16:02:44 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
+ 2009-02-11 16:02:44 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2009-02-02 18:17:09 155,648 ----a-w c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP\WiseCustomCalla.dll
+ 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
- 2008-05-03 19:36:30 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-06-16 16:26:39 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-05-03 19:36:30 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-06-16 16:26:39 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-05-03 19:36:30 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-06-16 16:26:39 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-03-14 19:17:01 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:35 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:01 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:35 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-03 19:36:30 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:38 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:03 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:39 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-03 19:36:31 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-06-16 16:26:40 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-05-03 19:36:31 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-06-16 16:26:40 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-05-03 19:36:31 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-06-16 16:26:40 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-05-03 19:36:31 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-06-16 16:26:41 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-05-03 19:36:29 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-06-16 16:26:38 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-11-12 19:17:13 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-11-12 19:17:30 3,915,776 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-12-06 16:48:14 10,088 ----a-w c:\windows\assembly\GAC_32\StorePluginInterface\1.0.0.0__7010de4470b07f04\StorePluginInterface.dll
+ 2008-11-12 19:17:32 344,064 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-11-12 19:17:13 352,256 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-11-12 19:17:30 593,920 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-11-12 19:17:30 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-11-12 19:17:31 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-11-12 19:17:31 126,976 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-11-12 19:17:31 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-11-12 19:17:31 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-11-12 19:17:31 4,972,544 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-12 19:17:31 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-11-12 19:17:32 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-11-12 19:17:13 94,208 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-11-12 19:17:14 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-11-12 19:17:14 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-11-12 19:17:14 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-11-12 19:17:14 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-11-12 19:17:15 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-11-12 19:17:15 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-11-12 19:17:14 5,623,808 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-12 19:17:32 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2008-11-12 19:18:29 1,108,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-11-12 19:18:29 1,641,272 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-11-12 19:18:29 588,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-11-12 19:17:31 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-11-12 19:17:31 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-11-12 19:17:31 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-11-12 19:17:31 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-11-12 19:17:30 1,167,360 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-11-12 19:17:32 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-12-06 16:49:48 7,110,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AppCommon\12ff929fe009a9d7039780582a183975\AppCommon.ni.dll
+ 2008-12-06 16:49:55 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.QTOContro#\5d887d10219b2a4d2c864ef8e6f988e9\AxInterop.QTOControlLib.ni.dll
+ 2008-12-06 16:49:51 143,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.SHDocVw\c19e31dd0da528ca4e4395b8d5f27ef3\AxInterop.SHDocVw.ni.dll
+ 2008-12-06 16:49:54 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.WMPLib\48bf4c78d862d8b29683ead8006efe07\AxInterop.WMPLib.ni.dll
+ 2008-11-12 20:23:45 503,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\373d5acced35e392e1f413a69042340d\ComSvcConfig.ni.exe
+ 2008-12-06 16:49:53 221,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\GCPlayer\79e3541497adc0c2d48a96893c8ae014\GCPlayer.ni.dll
+ 2008-12-06 16:49:53 32,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interfaces\34b666aa7c154d9e721663299d3730ef\Interfaces.ni.dll
+ 2008-12-06 16:49:54 389,120 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBCONTROL#\881866bcbbf90b71169abc356f865b3c\Interop.CDDBCONTROLLibSMS.ni.dll
+ 2008-12-06 16:50:07 86,016 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBLINKLib#\bdba10f7daecebb3dad5884a3bd74bf5\Interop.CDDBLINKLibSMS.ni.dll
+ 2008-12-06 16:50:08 35,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBUICONTR#\6c8a75ff0fe8a9ec2372a772253e56a5\Interop.CDDBUICONTROLLibSMS.ni.dll
+ 2008-12-06 16:49:52 118,784 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\ba3883931b1eff189f4936b08b87e28f\Interop.IWshRuntimeLibrary.ni.dll
+ 2008-12-06 16:49:53 90,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\34fdb7051aac23225665a0c3f79bd975\Interop.PortableDeviceApiLib.ni.dll
+ 2008-12-06 16:50:08 90,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\60d9ec8484aa884a1eafca8c57edcbc9\Interop.PortableDeviceTypesLib.ni.dll
+ 2008-12-06 16:49:55 81,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOControlL#\edcab57315e43101a797e10d788e7090\Interop.QTOControlLib.ni.dll
+ 2008-12-06 16:49:56 221,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOLibrary\1770e571f589b16c915c09492c401dd8\Interop.QTOLibrary.ni.dll
+ 2008-12-06 16:49:51 344,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.SHDocVw\a5edaaee6e06ab2c84416250d46e640f\Interop.SHDocVw.ni.dll
+ 2008-12-06 16:49:55 847,872 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WMPLib\8cf76f61eec9d71e780e33f497b7052f\Interop.WMPLib.ni.dll
+ 2008-12-06 16:49:51 712,704 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\c214dffd2c15fedb78004903ebe143ef\log4net.ni.dll
+ 2008-12-06 16:49:54 884,736 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Lucene.Net\b367e4694dcafc89ec4a3560cc007306\Lucene.Net.ni.dll
+ 2008-12-06 16:49:49 966,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.GUI\a99c19aa2962b7844090b1f15c5b70c6\MediaManager.GUI.ni.dll
+ 2008-12-06 16:50:08 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Splash#\d55a5c2a9883fbfc2471edb3a08e5db1\MediaManager.SplashScreen.ni.dll
+ 2008-12-06 16:49:52 282,624 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Utils\9378f68909dcb5d9eea5558e963ea35b\MediaManager.Utils.ni.dll
+ 2008-12-06 16:49:43 1,921,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager\fb733f6cd398a5992ebf609f410a2d80\MediaManager.ni.exe
+ 2008-12-06 16:50:11 2,441,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b3b62fe820b416515420a6ec17b247c3\Microsoft.JScript.ni.dll
+ 2008-11-12 20:23:47 1,114,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\019a85babfbe02cecdbb63a65d391aba\Microsoft.Transactions.Bridge.ni.dll
+ 2008-11-12 20:23:47 401,408 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cb8d7b6cc6827e9f2d66c4d7ef9b5d54\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2008-11-12 19:17:45 17,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\cd0730694ba5927a6efd32129783e1b4\Microsoft.VisualC.ni.dll
+ 2008-12-06 16:50:11 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\e674ba75a514e00b26329e212da938e0\Microsoft.Vsa.ni.dll
+ 2008-12-06 16:49:53 679,936 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PerstNET\22ad0fc085ad21da8cf60962a5ce1829\PerstNET.ni.dll
+ 2008-12-06 16:50:08 49,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PluginSystem\d1764d7969525889f7413d707b86ebde\PluginSystem.ni.dll
+ 2008-11-12 20:23:53 1,564,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\41bd82648d480ec304ea0c04034787bc\PresentationBuildTasks.ni.dll
+ 2008-11-12 19:18:00 40,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\9385f2c37b2e00e06ec3f57153f63a2d\PresentationCFFRasterizer.ni.dll
+ 2008-11-12 19:17:59 11,980,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7e413273e9d6710be8a39dcce2e45c2c\PresentationCore.ni.dll
+ 2008-11-12 19:18:25 48,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\599806acdd6dc0aeed19ebf9d622dcad\PresentationFontCache.ni.exe
+ 2008-11-12 19:18:22 552,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0766df362854f0330a4a45179773657e\PresentationFramework.Luna.ni.dll
+ 2008-11-12 19:18:23 274,432 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8aaa2b56f733902cc1ba9d8300d2a0e3\PresentationFramework.Royale.ni.dll
+ 2008-11-12 19:18:21 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d87c2740add3b0f86833159ce57c71ec\PresentationFramework.Classic.ni.dll
+ 2008-11-12 19:18:14 14,659,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\de20226274a5739a4b42d8e26b546180\PresentationFramework.ni.dll
+ 2008-11-12 19:18:23 393,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e389aa7f3dd4eb1ee585724f130a79cb\PresentationFramework.Aero.ni.dll
+ 2008-11-12 19:18:16 1,986,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f97ac4e9c402e98d2b5b7114e4fbbd2a\PresentationUI.ni.dll
+ 2008-11-12 19:18:19 2,416,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\1fe0f79dd0d47e4d1eb474f98a1949fb\ReachFramework.ni.dll
+ 2008-11-12 20:23:48 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\0bcc4abbe0c5c3feeda7f711304ac4a0\ServiceModelReg.ni.exe
+ 2008-12-06 16:50:07 30,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SFMARKETLib\9eb969e20b8c21551b1d86ad18d6839c\SFMARKETLib.ni.dll
+ 2008-11-12 20:23:48 286,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\5e3765ee346151c26a3793ddf3a8d6d7\SMDiagnostics.ni.dll
+ 2008-11-12 20:23:48 323,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\c6f33f28f5bb403981ac148da447e3c5\SMSvcHost.ni.exe
+ 2008-12-06 16:49:50 1,036,288 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\206a1dd4d1979264215c9934851409cb\Sony.MediaSoftware.clrshared.ni.dll
+ 2008-12-06 16:49:56 44,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\5eef2f32e44870fde9f65d34d523ef3e\stdole.ni.dll
+ 2008-12-06 16:50:08 15,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\StorePluginInterface\e401d20d70f1315bb945d8a0ac665fb6\StorePluginInterface.ni.dll
+ 2008-11-12 20:23:58 262,144 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\6a075eb8e0f13de87d1278aa8562d51e\sysglobl.ni.dll
+ 2008-11-12 19:17:48 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll
+ 2008-11-12 19:17:48 1,183,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1abdb47765d0696a2fc0a1095bac0249\System.Data.OracleClient.ni.dll
+ 2008-11-12 19:17:45 2,756,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll
+ 2008-11-12 20:23:25 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\dd8f551c39409fa95b0c22cf2ee48b65\System.IdentityModel.Selectors.ni.dll
+ 2008-11-12 20:23:25 978,944 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\581d8571e61ebe24154ae912624c3c9d\System.IdentityModel.ni.dll
+ 2008-11-12 20:23:26 417,792 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\86cd41998dc72b213d9464b56fe245b9\System.IO.Log.ni.dll
+ 2008-12-06 16:50:09 1,064,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\29c7192327cf3999961560bf3a3995c6\System.Management.ni.dll
+ 2008-11-12 19:18:39 655,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\00e3750e478bac4913ee7a6c3b7cd392\System.Messaging.ni.dll
+ 2008-11-12 19:18:20 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\690a965457e274ad13f6b1f9ac2bad4e\System.Printing.ni.dll
+ 2008-11-12 19:17:46 815,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll
+ 2008-11-12 19:17:46 339,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2008-11-12 20:23:28 2,351,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c4838d300f677f34c9d44ead84b8603b\System.Runtime.Serialization.ni.dll
+ 2008-11-12 20:23:44 17,354,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7a2bc3302a133e235ec99193c56a0571\System.ServiceModel.ni.dll
+ 2008-11-12 20:23:57 2,039,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\d38908d5c6a11dd7dceaf9bd34adb437\System.Speech.ni.dll
+ 2008-11-12 19:18:33 2,994,176 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\5e0df5685ce40f838eea52a5f1454b68\System.Workflow.Activities.ni.dll
+ 2008-11-12 19:18:36 4,587,520 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\2689e361e42d0bb9e3d19f1ecd30c26a\System.Workflow.ComponentModel.ni.dll
+ 2008-11-12 19:18:38 2,093,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\41b6c3a0c115c43c53697efa1607fe49\System.Workflow.Runtime.ni.dll
+ 2008-11-12 20:24:00 483,328 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\f61803ded1c123ed9ed5849e7dcebf25\UIAutomationClient.ni.dll
+ 2008-11-12 20:24:01 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\679889309b57024e8abbe80c6c7d48bc\UIAutomationClientsideProviders.ni.dll
+ 2008-11-12 19:17:59 50,688 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9865738a916ad3664dd374582b9ea873\UIAutomationProvider.ni.dll
+ 2008-11-12 19:17:59 196,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\71605ce631809dcbfba38842fdf59acf\UIAutomationTypes.ni.dll
+ 2008-11-12 19:17:42 3,260,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\50652bfd061ead84841e6c9bfffacfb1\WindowsBase.ni.dll
+ 2008-11-12 20:24:02 270,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\2c96738a6ba8ff9e88889f331590e181\WindowsFormsIntegration.ni.dll
+ 2008-11-12 20:23:49 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\02436080d129210828823210ce879fd8\WsatConfig.ni.exe
+ 2004-10-22 02:15:00 86,016 ----a-r c:\windows\CtDrvIns.exe
+ 1999-10-11 01:00:00 41,984 ------w c:\windows\Ctregrun.exe
+ 2008-11-02 20:00:54 4,096 ----a-w c:\windows\d3dx.dat
+ 2006-03-20 14:34:42 24,576 ----a-w c:\windows\Downloaded Program Files\dwusplay.dll
+ 2006-03-20 14:34:42 196,608 ----a-w c:\windows\Downloaded Program Files\dwusplay.exe
+ 2006-03-20 14:34:52 484,272 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2008-01-15 19:12:48 296,336 ----a-w c:\windows\Downloaded Program Files\rufsi.dll
+ 2008-06-14 17:59:49 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:02:38 2,138,624 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:46:12 2,138,624 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:02:46 2,059,904 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:46:15 2,060,032 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,018,304 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:46:10 2,018,304 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:02:46 2,182,656 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:46:14 2,182,656 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 17:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-08-07 13:27:04 163,328 ----a-w c:\windows\erunt\sdfix\ERDNT.EXE
+ 2009-02-09 13:35:17 9,527,296 ----a-w c:\windows\erunt\sdfix\Users\00000001\NTUSER.DAT
+ 2009-02-09 13:35:17 204,800 ----a-w c:\windows\erunt\sdfix\Users\00000002\UsrClass.dat
+ 2008-08-07 13:27:04 163,328 ----a-w c:\windows\erunt\sdfix_first_run\ERDNT.EXE
+ 2008-08-23 12:44:34 6,701,056 ----a-w c:\windows\erunt\sdfix_first_run\Users\00000001\NTUSER.DAT
+ 2008-08-23 12:44:34 176,128 ----a-w c:\windows\erunt\sdfix_first_run\Users\00000002\UsrClass.dat
+ 2008-03-01 13:01:50 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:01:50 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:01:50 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:01:50 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:01:50 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:56 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:01:50 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:01:50 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:01:51 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:01:51 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:01:51 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:01:51 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:01:51 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:56:25 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:01:51 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:01:52 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:01:52 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 15:31:54 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:01:53 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:01:53 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:01:53 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:01:53 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:01:53 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:01:53 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:01:53 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:01:53 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:01:53 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:41 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:42 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:42 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:42 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:42 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:42 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:42 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:42 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:42 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:42 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:42 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:42 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:42 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:42 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:42 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 19:16:44 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:42 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:42 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:42 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:42 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:42 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:42 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:43 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:43 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:43 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:29:13 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:29:13 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:29:13 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:29:13 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:29:13 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:21:15 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:29:13 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:29:13 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:29:13 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:29:13 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:29:14 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:29:14 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:29:14 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:21:31 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:29:15 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:29:15 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:29:15 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 07:29:16 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:29:15 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:29:15 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:29:15 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:29:15 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:29:15 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:29:16 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:29:16 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:29:16 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:29:16 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-08-26 08:12:24 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:12:24 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:12:24 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:12:24 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:12:24 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:38:49 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:12:24 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:12:24 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:12:24 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:12:24 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:24 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:12:25 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:12:25 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:12:25 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:12:25 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:12:25 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 08:12:26 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:12:26 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:12:26 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:12:26 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:12:26 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:12:26 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:12:26 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:12:26 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:12:26 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 09:12:28 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2007-05-31 11:35:22 6,420,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\B040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
+ 2008-07-18 18:45:16 27,136 ----a-r c:\windows\Installer\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}\AppleSoftwareUpdateIco.exe
+ 2008-06-03 18:58:36 422,598 ----a-r c:\windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
+ 2008-06-03 18:58:36 65,536 ----a-r c:\windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
+ 2008-07-18 18:45:48 86,016 ----a-r c:\windows\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-11-12 21:09:01 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\controlPanelIcon.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\ext.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\ext_1.exe
+ 2008-07-18 12:36:30 10,134 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\SystemFolder_msiexec.exe
- 2008-05-14 20:05:30 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-01-14 22:08:08 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-05-14 20:05:30 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-01-14 22:08:08 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-14 20:05:30 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-01-14 22:08:08 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-05-14 20:05:30 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-01-14 22:08:08 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-14 20:05:30 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-01-14 22:08:08 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-14 20:05:30 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-01-14 22:08:08 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-14 20:05:30 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-01-14 22:08:08 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-14 20:05:30 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-01-14 22:08:08 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-14 20:05:30 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-01-14 22:08:08 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-14 20:05:30 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-01-14 22:08:08 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-05-14 20:05:30 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-01-14 22:08:08 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-14 20:05:30 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-01-14 22:08:08 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-14 20:05:30 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-01-14 22:08:08 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-07 19:31:29 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1035-7B44-A81200000003}\SC_Reader.exe
+ 2008-12-06 16:48:09 10,134 ----a-r c:\windows\Installer\{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}\ARPPRODUCTICON.exe
+ 1997-08-26 09:06:34 315,904 ----a-w c:\windows\IsUninst.exe
+ 2006-10-30 02:06:24 74,012 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\baseline.dat
+ 2006-10-30 01:25:56 99,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\DeleteTemp.exe
+ 2006-10-29 21:15:06 220,672 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\dlmgr.dll
+ 2006-10-29 21:17:56 1,054,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\gencomp.dll
+ 2006-10-29 21:14:26 163,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\HtmlLite.dll
+ 2006-10-30 01:25:54 194,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\RebootStub.exe
+ 2006-10-30 01:25:56 167,176 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\runmsi.exe
+ 2006-10-30 01:25:56 365,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
+ 2006-10-30 01:17:12 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1025.dll
+ 2006-10-30 01:17:30 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1028.dll
+ 2006-10-30 01:17:36 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1029.dll
+ 2006-10-30 01:17:44 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1030.dll
+ 2006-10-30 01:17:50 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1031.dll
+ 2006-10-30 01:17:56 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1032.dll
+ 2006-10-30 01:18:10 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1035.dll
+ 2006-10-30 01:18:16 91,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1036.dll
+ 2006-10-30 01:18:22 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1037.dll
+ 2006-10-30 01:18:30 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1038.dll
+ 2006-10-30 01:18:36 88,064 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1040.dll
+ 2006-10-30 01:18:42 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1041.dll
+ 2006-10-30 01:18:48 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1042.dll
+ 2006-10-30 01:18:56 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1043.dll
+ 2006-10-30 01:19:02 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1044.dll
+ 2006-10-30 01:19:08 86,528 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1045.dll
+ 2006-10-30 01:19:14 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1046.dll
+ 2006-10-30 01:19:28 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1049.dll
+ 2006-10-30 01:19:34 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1053.dll
+ 2006-10-30 01:19:42 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1055.dll
+ 2006-10-30 01:17:24 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2052.dll
+ 2006-10-30 01:19:22 90,624 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2070.dll
+ 2006-10-30 01:18:02 90,112 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.3082.dll
+ 2006-10-29 21:15:20 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.dll
+ 2006-10-29 21:15:22 1,621,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\SITSetup.dll
+ 2006-10-30 01:17:14 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1025.dll
+ 2006-10-30 01:17:30 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1028.dll
+ 2006-10-30 01:17:38 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1029.dll
+ 2006-10-30 01:17:44 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1030.dll
+ 2006-10-30 01:17:50 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1031.dll
+ 2006-10-30 01:17:58 104,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1032.dll
+ 2006-10-30 01:18:10 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1035.dll
+ 2006-10-30 01:18:16 103,424 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1036.dll
+ 2006-10-30 01:18:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1037.dll
+ 2006-10-30 01:18:30 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1038.dll
+ 2006-10-30 01:18:36 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1040.dll
+ 2006-10-30 01:18:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1041.dll
+ 2006-10-30 01:18:50 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1042.dll
+ 2006-10-30 01:18:56 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1043.dll
+ 2006-10-30 01:19:02 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1044.dll
+ 2006-10-30 01:19:08 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1045.dll
+ 2006-10-30 01:19:16 99,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1046.dll
+ 2006-10-30 01:19:28 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1049.dll
+ 2006-10-30 01:19:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1053.dll
+ 2006-10-30 01:19:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1055.dll
+ 2006-10-30 01:17:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2052.dll
+ 2006-10-30 01:19:22 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2070.dll
+ 2006-10-30 01:18:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.3082.dll
+ 2006-10-29 21:18:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.dll
+ 2006-10-29 21:19:30 1,103,872 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapUI.dll
+ 2006-10-29 21:16:52 1,139,712 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs_setup.dll
+ 2006-10-29 21:18:26 590,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs70uimgr.dll
+ 2006-10-29 21:20:20 541,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsbasereqs.dll
+ 2006-10-29 21:18:12 816,128 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsscenario.dll
+ 2006-10-30 01:34:02 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2006-10-30 01:33:58 741,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-11-12 19:17:11 626,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.exe
+ 2008-11-12 19:17:11 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.res.1033.dll
+ 2006-10-30 01:34:00 352,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2006-10-30 01:34:00 151,552 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2006-10-30 01:34:02 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-10-30 01:34:02 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2006-10-30 01:34:02 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2006-10-30 01:34:00 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMDiagnostics.dll
+ 2006-10-30 01:34:02 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2006-10-30 01:34:02 884,736 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2006-10-30 01:34:02 5,623,808 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2006-10-30 01:34:00 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2006-10-30 01:34:00 16,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2006-10-30 01:34:02 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2006-07-25 19:32:00 14,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2006-10-20 14:08:52 797,696 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2006-10-20 14:09:02 4,874,240 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2006-10-20 12:03:40 2,628,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2006-10-20 19:29:46 72,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2006-10-20 19:21:24 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2006-10-20 19:21:24 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2006-10-20 19:29:52 106,272 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2006-10-20 19:21:26 897,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2006-10-20 19:21:26 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
- 2000-08-31 05:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 06:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 05:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2008-03-01 13:01:50 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:32 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelFrench.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelGerman.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelJapanese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelKorean.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelPortugese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSimplifiedChinese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSpanish.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSwedish.dll
+ 2008-10-07 07:13:22 58,648 ----a-w c:\windows\system32\AgCPanelTraditionalChinese.dll
+ 2008-10-07 07:13:18 199,885 ----a-w c:\windows\system32\AGEIA\AG1011\app.bin
+ 2008-10-07 07:13:20 119,473 ----a-w c:\windows\system32\AGEIA\AG1011\diag.bin
+ 2008-10-07 07:13:20 214,629 ----a-w c:\windows\system32\AGEIA\AG1021\app.bin
+ 2008-10-07 07:13:20 116,977 ----a-w c:\windows\system32\AGEIA\AG1021\diag.bin
+ 2006-10-18 19:47:08 276,992 ------w c:\windows\system32\audiodev.dll
+ 2008-07-07 08:47:37 10,520 ----a-w c:\windows\system32\avgrsstx.dll
+ 2008-09-27 19:05:33 30,720 ----a-w c:\windows\system32\bbcap.dll
+ 2008-09-27 19:05:33 4,608 ----a-w c:\windows\system32\bbchlp.dll
- 2005-01-28 11:44:28 294,912 ----a-w c:\windows\system32\blackbox.dll
+ 2006-10-18 19:47:10 542,720 ----a-w c:\windows\system32\blackbox.dll
- 2007-07-30 17:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 12:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2005-01-28 11:44:28 164,864 ----a-w c:\windows\system32\cewmdm.dll
+ 2006-10-18 19:47:10 229,376 ----a-w c:\windows\system32\cewmdm.dll
- 2008-03-14 17:32:26 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-23 12:39:08 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-03-14 17:32:26 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
+ 2008-08-23 12:39:08 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
+ 2008-08-22 23:55:33 78,924 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat
+ 2005-03-31 01:06:00 36,864 ----a-r c:\windows\system32\CtCamMgr.dll
+ 2004-11-16 01:05:00 36,864 ----a-r c:\windows\system32\CtRegApp.dll
+ 2007-03-12 14:42:30 1,123,696 ----a-w c:\windows\system32\D3DCompiler_33.dll
+ 2007-05-16 14:45:16 1,124,720 ----a-w c:\windows\system32\D3DCompiler_34.dll
+ 2007-07-19 16:14:42 1,358,192 ----a-w c:\windows\system32\D3DCompiler_35.dll
+ 2007-10-12 13:14:00 1,374,232 ----a-w c:\windows\system32\D3DCompiler_36.dll
+ 2008-03-05 13:56:58 1,420,824 ----a-w c:\windows\system32\D3DCompiler_37.dll
+ 2008-05-30 12:11:46 1,491,992 ----a-w c:\windows\system32\D3DCompiler_38.dll
+ 2008-07-10 09:00:58 1,493,528 ----a-w c:\windows\system32\D3DCompiler_39.dll
+ 2008-10-10 02:52:38 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
+ 2007-03-15 14:57:58 443,752 ----a-w c:\windows\system32\d3dx10_33.dll
+ 2007-05-16 14:45:16 443,752 ----a-w c:\windows\system32\d3dx10_34.dll
+ 2007-07-19 16:14:42 444,776 ----a-w c:\windows\system32\d3dx10_35.dll
+ 2007-10-02 07:56:34 444,776 ----a-w c:\windows\system32\d3dx10_36.dll
+ 2008-02-05 21:07:36 462,864 ----a-w c:\windows\system32\d3dx10_37.dll
+ 2008-05-30 12:11:46 467,984 ----a-w c:\windows\system32\d3dx10_38.dll
+ 2008-07-10 09:01:00 467,984 ----a-w c:\windows\system32\d3dx10_39.dll
+ 2008-10-10 02:52:38 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
+ 2007-12-26 14:30:00 679,936 ----a-w c:\windows\system32\D3DX81ab.dll
+ 2007-12-26 14:30:00 1,970,176 ----a-w c:\windows\system32\d3dx9.dll
+ 2006-10-30 17:25:00 2,414,360 ----a-w c:\windows\system32\d3dx9_31.dll
+ 2006-11-29 11:06:18 3,426,072 ----a-w c:\windows\system32\d3dx9_32.dll
+ 2007-03-12 14:42:30 3,495,784 ----a-w c:\windows\system32\d3dx9_33.dll
+ 2007-05-16 14:45:16 3,497,832 ----a-w c:\windows\system32\d3dx9_34.dll
+ 2007-07-19 16:14:42 3,727,720 ----a-w c:\windows\system32\d3dx9_35.dll
+ 2007-10-12 13:14:00 3,734,536 ----a-w c:\windows\system32\d3dx9_36.dll
+ 2008-03-05 13:56:58 3,786,760 ----a-w c:\windows\system32\D3DX9_37.dll
+ 2008-05-30 12:11:46 3,850,760 ----a-w c:\windows\system32\D3DX9_38.dll
+ 2008-07-10 09:00:58 3,851,784 ----a-w c:\windows\system32\D3DX9_39.dll
+ 2008-10-10 02:52:38 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
- 2008-03-01 13:01:50 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:32 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2004-09-15 12:00:00 138,496 -c--a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 -c--a-w c:\windows\system32\dllcache\afd.sys
- 2005-01-28 11:44:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll
+ 2006-10-18 19:47:10 542,720 -c--a-w c:\windows\system32\dllcache\blackbox.dll
- 2004-09-14 13:06:48 274,304 -c--a-w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-14 17:59:49 272,128 -c--a-w c:\windows\system32\dllcache\bthport.sys
- 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 12:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2005-01-28 11:44:28 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
+ 2006-10-18 19:47:10 229,376 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
- 2008-02-20 05:38:03 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:09 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
- 2005-01-28 11:44:28 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
+ 2006-10-18 19:47:10 991,744 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
- 2008-03-01 13:01:50 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:32 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:32 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:40:30 243,200 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:31:56 253,952 -c--a-w c:\windows\system32\dllcache\es.dll
- 2008-03-01 13:01:50 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:32 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2006-10-14 14:43:18 27,648 -c----w c:\windows\system32\dllcache\FilterPipelinePrintProc.dll
- 2008-02-20 06:51:32 282,624 -c--a-w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:00:00 283,648 -c--a-w c:\windows\system32\dllcache\gdi32.dll
- 2008-03-01 13:01:50 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-02-29 08:55:56 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:12:19 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:01:50 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:33 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-03-01 13:01:50 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:33 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-03-01 13:01:51 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:33 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:33 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-03-01 13:01:51 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:37 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-03-01 13:01:51 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-02-29 08:56:25 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-21 06:17:25 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
- 2008-03-01 13:01:51 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:38 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2005-01-28 11:44:28 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll
+ 2006-10-18 19:47:14 11,264 -c--a-w c:\windows\system32\dllcache\LAPRXY.dll
- 2005-01-28 11:44:28 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-17 23:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2004-09-15 12:00:00 72,704 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2006-10-04 13:33:17 72,704 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-09-14 14:06:10 23,040 -c--a-w c:\windows\system32\dllcache\mouclass.sys
+ 2001-10-05 13:59:32 12,160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
- 2004-09-15 12:00:00 310,272 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP43DMOD.dll
- 2004-09-15 12:00:00 384,512 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP4SDMOD.dll
- 2004-09-15 12:00:00 240,640 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MPG4DMOD.dll
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2004-09-15 12:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:32:24 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:49:52 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:58 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
- 2008-03-01 13:01:52 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:38 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-03-01 13:01:52 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:38 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-03-01 15:31:54 3,591,680 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-03-01 13:01:53 478,208 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:41 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2005-01-28 11:44:28 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
+ 2006-10-18 19:47:16 179,712 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
- 2005-01-28 11:44:28 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 19:47:16 27,136 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
- 2005-01-28 11:44:28 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
+ 2006-10-18 19:47:16 175,616 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
- 2008-03-01 13:01:53 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:41 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2005-01-28 11:44:28 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-12-04 14:21:50 414,720 -c--a-w c:\windows\system32\dllcache\msscp.dll
- 2008-03-01 13:01:53 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:42 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2005-01-28 11:44:28 315,904 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2006-10-18 19:47:16 321,536 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
- 2004-09-15 12:00:00 246,784 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:09 246,784 -c--a-w c:\windows\system32\dllcache\mswsock.dll
- 2007-06-26 06:09:33 1,104,896 -c--a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:24 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll
- 2004-09-15 12:00:00 54,272 -c--a-w c:\windows\system32\dllcache\narrator.exe
+ 2006-10-04 13:33:16 54,272 -c--a-w c:\windows\system32\dllcache\narrator.exe
- 2006-08-17 12:28:30 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 17:00:03 332,800 -c--a-w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:46:12 2,138,624 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:02:46 2,059,904 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:46:15 2,060,032 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:46:10 2,018,304 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 16:02:46 2,182,656 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:46:14 2,182,656 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2007-11-06 23:00:00 5,770,880 -c--a-w c:\windows\system32\dllcache\nv4_disp.dll
+ 2008-10-07 11:33:00 6,058,112 -c--a-w c:\windows\system32\dllcache\nv4_disp.dll
- 2007-11-06 23:00:00 7,429,088 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-01-15 06:19:00 6,301,248 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys
- 2008-03-01 13:01:53 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:42 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2004-09-15 12:00:00 216,064 -c--a-w c:\windows\system32\dllcache\osk.exe
+ 2006-10-04 13:33:17 216,064 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-03-01 13:01:53 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:42 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2006-10-14 14:44:44 671,744 -c----w c:\windows\system32\dllcache\PrintFilterPipelineSvc.exe
- 2005-01-28 11:44:28 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll
+ 2006-10-18 19:47:18 211,456 -c--a-w c:\windows\system32\dllcache\qasf.dll
- 2007-10-29 22:43:51 1,288,192 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 -c--a-w c:\windows\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c--a-w c:\windows\system32\dllcache\srv.sys
- 2006-08-24 11:19:40 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:17:02 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2007-10-30 17:20:55 360,064 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
- 2004-09-15 12:00:00 36,352 -c--a-w c:\windows\system32\dllcache\umandlg.dll
+ 2006-10-04 13:38:23 36,352 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-03-01 13:01:53 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:42 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-03-01 13:01:53 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2004-09-15 12:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2006-10-04 13:33:16 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
- 2008-03-01 13:01:53 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:43 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2004-09-14 13:12:00 53,760 -c--a-w c:\windows\system32\dllcache\vfwwdm32.dll
- 2008-03-20 08:09:41 1,845,504 -c--a-w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:40:30 1,846,272 -c--a-w c:\windows\system32\dllcache\win32k.sys
- 2008-03-01 13:01:53 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2005-01-28 11:44:28 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll
+ 2006-10-18 19:47:18 757,248 -c--a-w c:\windows\system32\dllcache\WMADMOD.dll
- 2005-01-28 11:44:28 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll
+ 2006-10-18 19:47:18 1,117,696 -c--a-w c:\windows\system32\dllcache\WMADMOE.dll
- 2007-10-20 04:01:32 227,328 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2007-10-25 07:28:30 222,720 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2005-01-28 11:44:28 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
+ 2006-10-18 19:47:18 33,792 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
- 2005-01-28 11:44:28 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
+ 2006-10-18 19:47:18 37,376 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
- 2005-01-28 11:44:28 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll
+ 2006-10-18 19:47:20 157,184 -c--a-w c:\windows\system32\dllcache\wmidx.dll
- 2005-01-28 11:44:28 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-18 03:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2005-01-28 11:44:28 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
- 2005-01-28 11:44:28 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
- 2005-01-28 11:44:28 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-10-18 19:47:22 603,648 -c--a-w c:\windows\system32\dllcache\WMSPDMOD.dll
- 2005-01-28 11:44:28 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 19:47:22 1,329,152 -c--a-w c:\windows\system32\dllcache\WMSPDMOE.dll
- 2006-12-07 05:29:34 2,374,472 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2005-01-28 11:44:28 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
- 2005-01-28 11:44:28 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
- 2007-07-30 17:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 12:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2007-07-30 17:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 12:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 12:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2007-07-30 17:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 12:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2007-07-30 17:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 12:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2007-07-30 17:19:46 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 12:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2006-10-14 18:21:58 580,352 -c----w c:\windows\system32\dllcache\XPSSHHDR.dll
+ 2006-10-14 18:22:00 1,698,048 -c----w c:\windows\system32\dllcache\XpsSvcs.dll
+ 2007-07-24 12:17:08 81,920 ----a-w c:\windows\system32\dns-sd.exe
- 2008-02-20 05:38:03 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:41:09 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2007-07-24 12:17:08 61,440 ----a-w c:\windows\system32\dnssd.dll
- 2004-09-15 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-07-07 08:47:36 96,520 ----a-w c:\windows\system32\drivers\avgldx86.sys
- 2008-03-14 19:02:37 26,952 ----a-w c:\windows\system32\drivers\avgmfx86.sys
+ 2008-07-07 08:47:36 26,824 ----a-w c:\windows\system32\drivers\avgmfx86.sys
+ 2008-04-29 08:19:50 12,960 ----a-w c:\windows\system32\drivers\Awrtpd.sys
+ 2008-04-29 08:19:54 15,648 ----a-w c:\windows\system32\drivers\Awrtrd.sys
+ 2008-09-27 19:05:33 4,096 ----a-w c:\windows\system32\drivers\bbcap.sys
- 2004-09-14 13:06:48 274,304 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2008-06-14 17:59:49 272,128 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2006-06-01 15:47:40 334,976 ----a-w c:\windows\system32\drivers\dumant.sys
- 2004-09-15 12:00:00 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2004-09-14 14:06:10 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
- 2004-09-15 12:00:00 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
+ 2001-10-05 13:59:32 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-04-29 08:20:00 15,648 ----a-w c:\windows\system32\drivers\NSDriver.sys
- 2007-11-06 23:00:00 7,429,088 ----a-w c:\windows\system32\drivers\nv4_mini.sys
+ 2009-01-15 06:19:00 6,301,248 ----a-w c:\windows\system32\drivers\nv4_mini.sys
- 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2005-04-04 10:43:22 48,640 ----a-w c:\windows\system32\drivers\sfdrv01.sys
+ 2005-02-23 15:59:54 6,656 ----a-w c:\windows\system32\drivers\sfhlp02.sys
+ 2005-04-14 12:12:32 19,968 ----a-w c:\windows\system32\drivers\sfsync02.sys
- 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2006-10-18 19:47:22 671,232 ------w c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2005-04-14 01:00:00 138,112 ----a-r c:\windows\system32\drivers\V0090Vid.sys
+ 2008-10-06 09:53:24 15,656 ----a-w c:\windows\system32\drivers\wacmoumonitor.sys
+ 2007-02-16 09:12:36 11,312 ----a-w c:\windows\system32\drivers\wacommousefilter.sys
+ 2008-07-11 09:16:50 13,352 ----a-w c:\windows\system32\drivers\wacomvhid.sys
+ 2007-02-15 14:11:28 11,440 ----a-w c:\windows\system32\drivers\WacomVKHid.sys
- 2005-01-28 11:44:28 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-10-18 18:00:00 38,528 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-09-28 16:55:50 77,568 ------w c:\windows\system32\drivers\WudfPf.sys
+ 2006-09-28 17:00:34 82,944 ------w c:\windows\system32\drivers\WudfRd.sys
+ 2006-10-18 18:00:46 249,856 ------w c:\windows\system32\drmupgds.exe
- 2005-01-28 11:44:28 502,272 ----a-w c:\windows\system32\drmv2clt.dll
+ 2006-10-18 19:47:10 991,744 ----a-w c:\windows\system32\drmv2clt.dll
+ 2008-07-10 06:35:22 32,000 -c--a-w c:\windows\system32\DRVSTORE\usbaapl_97B931EF204A3188AFFD15A9A5337268E8B6F312\usbaapl.sys
- 2008-03-01 13:01:50 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:32 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:32 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2006-10-20 19:29:46 69,408 ----a-w c:\windows\system32\dxva2.dll
- 2005-07-26 04:40:30 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:31:56 253,952 ----a-w c:\windows\system32\es.dll
+ 2006-10-20 19:30:00 478,496 ----a-w c:\windows\system32\evr.dll
- 2008-03-01 13:01:50 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:32 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-05-23 13:17:31 169,896 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-13 14:54:11 185,016 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:32 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 13:00:00 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2004-08-17 12:00:00 1,700,352 ----a-r c:\windows\system32\GdiPlus.dll
+ 2008-06-11 11:49:44 1,645,320 ----a-r c:\windows\system32\gdiplus.dll
+ 2006-10-30 01:33:58 556,296 ----a-w c:\windows\system32\icardagt.exe
- 2008-03-01 13:01:50 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2006-10-30 01:33:58 9,480 ----a-w c:\windows\system32\icardres.dll
- 2008-02-29 08:55:56 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:19 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-03-01 13:01:50 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:33 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-03-01 13:01:50 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:33 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-03-01 13:01:51 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:33 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:33 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-03-01 13:01:51 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:37 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-03-01 13:01:51 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:37 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-21 06:17:25 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2006-10-30 01:33:58 83,968 ----a-w c:\windows\system32\infocardapi.dll
- 2008-02-21 23:23:35 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-12-24 10:05:52 144,792 ----a-w c:\windows\system32\java.exe
- 2008-02-21 23:23:39 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-12-24 10:05:52 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-02-22 00:33:32 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-12-24 10:05:52 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-03-01 13:01:51 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:38 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-08-04 20:06:09 34,304 ----a-w c:\windows\system32\june05FHMcom dir\saver1.dll
+ 2008-08-04 20:06:09 18,192 ----a-w c:\windows\system32\june05FHMcom dir\saver2.dll
+ 2008-08-04 20:06:08 197,120 ----a-w c:\windows\system32\june05FHMcom.scr
- 2007-11-06 23:00:00 425,984 ----a-w c:\windows\system32\keystone.exe
+ 2009-01-15 06:19:00 436,768 ----a-w c:\windows\system32\keystone.exe
+ 2008-07-16 13:36:13 47,104 ----a-w c:\windows\system32\KMVIDC32.DLL
- 2005-01-28 11:44:28 6,656 ----a-w c:\windows\system32\laprxy.dll
+ 2006-10-18 19:47:14 11,264 ----a-w c:\windows\system32\LAPRXY.dll
- 2005-01-28 11:44:28 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-17 23:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-05-16 08:58:04 12,632 ----a-w c:\windows\system32\lsdelete.exe
- 2007-11-21 00:52:38 2,884,992 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2007-11-21 00:52:40 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-04-15 15:20:43 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-12-06 16:46:26 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2008-03-14 20:38:34 70,264 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-08 22:27:49 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2004-09-15 12:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2006-10-04 13:33:17 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2006-10-18 19:47:14 212,992 ------w c:\windows\system32\MFPLAT.dll
+ 2006-10-20 19:30:06 1,980,704 ----a-w c:\windows\system32\milcore.dll
+ 2006-10-18 19:47:14 259,072 ------w c:\windows\system32\MP43DECD.dll
- 2004-09-15 12:00:00 310,272 ----a-w c:\windows\system32\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MP43DMOD.dll
+ 2006-10-18 19:47:14 317,440 ------w c:\windows\system32\MP4SDECD.dll
- 2004-09-15 12:00:00 384,512 ----a-w c:\windows\system32\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MP4SDMOD.dll
+ 2006-10-18 19:47:14 259,072 ------w c:\windows\system32\MPG4DECD.dll
- 2004-09-15 12:00:00 240,640 ----a-w c:\windows\system32\mpg4dmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MPG4DMOD.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w c:\windows\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:49:52 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:58 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-03-01 13:01:52 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:38 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-03-01 13:01:52 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:38 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-03-01 15:31:54 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:37:58 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-03-01 13:01:53 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:41 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2007-04-30 14:50:50 903,072 ----a-w c:\windows\system32\msidcrl40.dll
- 2005-01-28 11:44:28 142,336 ----a-w c:\windows\system32\msnetobj.dll
+ 2006-10-18 19:47:16 179,712 ----a-w c:\windows\system32\msnetobj.dll
- 2005-01-28 11:44:28 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll
+ 2006-10-18 19:47:16 27,136 ----a-w c:\windows\system32\mspmsnsv.dll
- 2005-01-28 11:44:28 173,568 ----a-w c:\windows\system32\MsPMSP.dll
+ 2006-10-18 19:47:16 175,616 ----a-w c:\windows\system32\mspmsp.dll
- 2008-03-01 13:01:53 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:41 193,024 ------w c:\windows\system32\msrating.dll
- 2005-01-28 11:44:28 364,784 ----a-w c:\windows\system32\MSSCP.dll
+ 2006-12-04 14:21:50 414,720 ----a-w c:\windows\system32\msscp.dll
- 2008-03-01 13:01:53 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:42 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-07-29 10:57:20 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2005-01-28 11:44:28 315,904 ----a-w c:\windows\system32\MSWMDM.dll
+ 2006-10-18 19:47:16 321,536 ----a-w c:\windows\system32\mswmdm.dll
- 2004-09-15 12:00:00 246,784 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:41:09 246,784 ----a-w c:\windows\system32\mswsock.dll
- 2007-06-26 06:09:33 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:24 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 14:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
+ 2008-08-29 18:06:44 1,350,664 ----a-w c:\windows\system32\msxml6.dll
+ 2006-07-19 08:55:18 86,728 ----a-w c:\windows\system32\msxml6r.dll
- 2007-07-30 17:19:10 271,224 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 12:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2007-07-30 17:19:04 207,736 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 12:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2004-09-15 12:00:00 54,272 ----a-w c:\windows\system32\narrator.exe
+ 2006-10-04 13:33:16 54,272 ----a-w c:\windows\system32\narrator.exe
- 2006-08-17 12:28:30 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 17:00:03 332,800 ----a-w c:\windows\system32\netapi32.dll
+ 2007-02-20 14:04:02 2,463,976 ----a-w c:\windows\system32\NPSWF32.dll
+ 2007-02-20 14:04:04 190,696 ----a-w c:\windows\system32\NPSWF32_FlashUtil.exe
- 2007-02-28 16:02:38 2,018,304 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:46:10 2,018,304 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,138,624 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:46:12 2,138,624 ----a-w c:\windows\system32\ntoskrnl.exe
- 2007-11-06 23:00:00 5,770,880 ----a-w c:\windows\system32\nv4_disp.dll
+ 2009-01-15 06:19:00 6,168,960 ----a-w c:\windows\system32\nv4_disp.dll
- 2007-11-06 23:00:00 385,024 ----a-w c:\windows\system32\nvapi.dll
+ 2009-01-15 06:19:00 663,552 ----a-w c:\windows\system32\nvapi.dll
- 2007-11-06 23:00:00 442,368 ----a-w c:\windows\system32\nvappbar.exe
+ 2009-01-15 06:19:00 449,056 ----a-w c:\windows\system32\nvappbar.exe
- 2007-11-06 23:00:00 35,328 ----a-w c:\windows\system32\nvcod.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\nvcod.dll
- 2007-11-06 23:00:00 35,328 ----a-w c:\windows\system32\nvcodins.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\nvcodins.dll
- 2007-11-06 23:00:00 147,456 ----a-w c:\windows\system32\nvcolor.exe
+ 2009-01-15 06:19:00 143,360 ----a-w c:\windows\system32\nvcolor.exe
- 2007-11-06 23:00:00 8,523,776 ----a-w c:\windows\system32\nvcpl.dll
+ 2009-01-15 06:19:00 13,680,640 ----a-w c:\windows\system32\nvcpl.dll
- 2007-11-06 23:00:00 757,760 ----a-w c:\windows\system32\nvcplui.exe
+ 2009-01-15 06:19:00 801,312 ----a-w c:\windows\system32\nvcplui.exe
+ 2009-01-15 06:19:00 1,560,576 ----a-w c:\windows\system32\nvcuda.dll
- 2007-11-06 23:00:00 6,541,312 ----a-w c:\windows\system32\nvdisps.dll
+ 2009-01-15 06:19:00 4,710,400 ----a-w c:\windows\system32\nvdisps.dll
- 2007-11-06 23:00:00 1,339,392 ----a-w c:\windows\system32\nvdspsch.exe
+ 2009-01-15 06:19:00 1,346,080 ----a-w c:\windows\system32\nvdspsch.exe
- 2007-11-06 23:00:00 3,407,872 ----a-w c:\windows\system32\nvgames.dll
+ 2009-01-15 06:19:00 3,489,792 ----a-w c:\windows\system32\nvgames.dll
- 2007-11-06 23:00:00 1,474,560 ----a-w c:\windows\system32\nview.dll
+ 2009-01-15 06:19:00 1,507,328 ----a-w c:\windows\system32\nview.dll
+ 2006-06-01 15:47:40 368,640 ----a-w c:\windows\system32\nvimage.dll
- 2007-11-06 23:00:00 1,626,112 ----a-w c:\windows\system32\nwiz.exe
+ 2009-01-15 06:19:00 1,657,376 ----a-w c:\windows\system32\nwiz.exe
- 2007-11-06 23:00:00 229,376 ----a-w c:\windows\system32\nvmccs.dll
+ 2009-01-15 06:19:00 229,376 ----a-w c:\windows\system32\nvmccs.dll
- 2007-11-06 23:00:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll
+ 2009-01-15 06:19:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll
- 2007-11-06 23:00:00 188,416 ----a-w c:\windows\system32\nvmccss.dll
+ 2009-01-15 06:19:00 188,416 ----a-w c:\windows\system32\nvmccss.dll
- 2007-11-06 23:00:00 81,920 ----a-w c:\windows\system32\nvmctray.dll
+ 2009-01-15 06:19:00 86,016 ----a-w c:\windows\system32\nvmctray.dll
- 2007-11-06 23:00:00 1,212,416 ----a-w c:\windows\system32\nvmobls.dll
+ 2009-01-15 06:19:00 1,286,144 ----a-w c:\windows\system32\nvmobls.dll
- 2007-11-06 23:00:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll
+ 2008-10-07 11:33:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll
- 2007-11-06 23:00:00 6,901,760 ----a-w c:\windows\system32\nvoglnt.dll
+ 2009-01-15 06:19:00 9,412,608 ----a-w c:\windows\system32\nvoglnt.dll
- 2007-11-06 23:00:00 466,944 ----a-w c:\windows\system32\nvshell.dll
+ 2009-01-15 06:19:00 466,944 ----a-w c:\windows\system32\nvshell.dll
+ 2006-06-01 15:47:40 4,759,552 ----a-w c:\windows\system32\nvstercp.dll
+ 2006-06-01 15:47:40 159,744 ----a-w c:\windows\system32\nvStInst.exe
+ 2006-06-01 15:47:40 90,112 ----a-w c:\windows\system32\nvstreg.exe
+ 2006-06-01 15:47:40 2,560,000 ----a-w c:\windows\system32\nvstres.dll
+ 2006-06-01 15:47:40 1,482,752 ----a-w c:\windows\system32\nvsttest.exe
+ 2006-06-01 15:47:40 249,856 ----a-w c:\windows\system32\nvstview.exe
- 2007-11-06 23:00:00 155,716 ----a-w c:\windows\system32\nvsvc32.exe
+ 2009-01-15 06:19:00 163,908 ----a-w c:\windows\system32\nvsvc32.exe
- 2007-11-06 23:00:00 356,352 ----a-w c:\windows\system32\nvudisp.exe
+ 2009-01-15 06:19:00 453,152 ----a-w c:\windows\system32\nvudisp.exe
- 2007-11-06 23:00:00 81,920 ----a-w c:\windows\system32\nvwddi.dll
+ 2009-01-15 06:19:00 81,920 ----a-w c:\windows\system32\nvwddi.dll
- 2007-11-06 23:00:00 1,703,936 ----a-w c:\windows\system32\nvwdmcpl.dll
+ 2009-01-15 06:19:00 1,724,416 ----a-w c:\windows\system32\nvwdmcpl.dll
- 2007-11-06 23:00:00 1,019,904 ----a-w c:\windows\system32\nvwimg.dll
+ 2009-01-15 06:19:00 1,101,824 ----a-w c:\windows\system32\nvwimg.dll
- 2007-11-06 23:00:00 3,698,688 ----a-w c:\windows\system32\nvvitvs.dll
+ 2009-01-15 06:19:00 3,796,992 ----a-w c:\windows\system32\nvvitvs.dll
- 2007-11-06 23:00:00 2,486,272 ----a-w c:\windows\system32\nvwss.dll
+ 2009-01-15 06:19:00 2,744,320 ----a-w c:\windows\system32\nvwss.dll
- 2008-03-01 13:01:53 102,912 ------w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:42 102,912 ------w c:\windows\system32\occache.dll
- 2004-09-15 12:00:00 216,064 ----a-w c:\windows\system32\osk.exe
+ 2006-10-04 13:33:17 216,064 ----a-w c:\windows\system32\osk.exe
- 2008-04-23 14:01:12 59,916 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-12 19:18:40 67,696 ----a-w c:\windows\system32\perfc009.dat
- 2008-04-23 14:01:12 73,026 ----a-w c:\windows\system32\perfc00B.dat
+ 2008-11-12 19:18:40 80,806 ----a-w c:\windows\system32\perfc00B.dat
- 2008-04-23 14:01:12 397,696 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-12 19:18:40 432,992 ----a-w c:\windows\system32\perfh009.dat
- 2008-04-23 14:01:12 372,470 ----a-w c:\windows\system32\perfh00B.dat
+ 2008-11-12 19:18:40 407,306 ----a-w c:\windows\system32\perfh00B.dat
+ 2006-10-24 10:30:20 412,160 ------w c:\windows\system32\photometadatahandler.dll
+ 2008-10-07 07:13:30 197,912 ----a-w c:\windows\system32\physxcudart_20.dll
- 2008-03-01 13:01:53 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:42 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2006-10-18 19:47:18 284,160 ------w c:\windows\system32\PortableDeviceApi.dll
+ 2006-10-18 19:47:18 101,888 ------w c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 19:47:18 166,912 ------w c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 19:47:18 132,096 ------w c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 19:47:18 199,168 ------w c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-20 19:29:52 104,224 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-20 19:29:58 344,352 ----a-w c:\windows\system32\PresentationHost.exe
+ 2006-10-20 19:29:46 20,768 ----a-w c:\windows\system32\PresentationHostProxy.dll
+ 2006-10-20 19:30:02 769,312 ----a-w c:\windows\system32\PresentationNative_v0300.dll
+ 2006-10-14 14:43:38 124,416 ------w c:\windows\system32\prntvpt.dll
- 2005-01-28 11:44:28 221,184 ----a-w c:\windows\system32\qasf.dll
+ 2006-10-18 19:47:18 211,456 ----a-w c:\windows\system32\qasf.dll
- 2007-10-29 22:43:51 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2004-09-15 12:00:00 23,040 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\mouclass.sys
+ 2004-09-15 12:00:00 12,160 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\mouhid.sys
+ 2009-01-15 06:19:00 6,168,960 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_disp.dll
+ 2009-01-15 06:19:00 6,301,248 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_mini.sys
+ 2009-01-15 06:19:00 663,552 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvapi.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcod.dll
+ 2009-01-15 06:19:00 13,680,640 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcpl.dll
+ 2009-01-15 06:19:00 1,560,576 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcuda.dll
+ 2009-01-15 06:19:00 4,710,400 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvdisps.dll
+ 2009-01-15 06:19:00 3,489,792 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvgames.dll
+ 2009-01-15 06:19:00 229,376 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccs.dll
+ 2009-01-15 06:19:00 45,056 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccsrs.dll
+ 2009-01-15 06:19:00 188,416 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccss.dll
+ 2009-01-15 06:19:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmctray.dll
+ 2009-01-15 06:19:00 1,286,144 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmobls.dll
+ 2009-01-15 06:19:00 9,412,608 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvoglnt.dll
+ 2009-01-15 06:19:00 163,908 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvsvc32.exe
+ 2009-01-15 06:19:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvwddi.dll
+ 2009-01-15 06:19:00 3,796,992 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvvitvs.dll
+ 2009-01-15 06:19:00 2,744,320 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvwss.dll
+ 2008-10-07 11:33:00 6,058,112 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nv4_disp.dll
+ 2008-10-07 11:33:00 6,133,856 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nv4_mini.sys
+ 2008-10-07 11:33:00 475,136 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvapi.dll
+ 2008-10-07 11:33:00 122,880 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcod.dll
+ 2008-10-07 11:33:00 13,574,144 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcpl.dll
+ 2008-10-07 11:33:00 1,368,064 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcuda.dll
+ 2008-10-07 11:33:00 3,989,504 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvdisps.dll
+ 2008-10-07 11:33:00 3,444,736 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvgames.dll
+ 2008-10-07 11:33:00 229,376 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmccs.dll
+ 2008-10-07 11:33:00 188,416 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmccss.dll
+ 2008-10-07 11:33:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmctray.dll
+ 2008-10-07 11:33:00 1,257,472 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmobls.dll
+ 2008-10-07 11:33:00 286,720 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvnt4cpl.dll
+ 2008-10-07 11:33:00 8,826,880 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvoglnt.dll
+ 2008-10-07 11:33:00 163,908 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvsvc32.exe
+ 2008-10-07 11:33:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvwddi.dll
+ 2008-10-07 11:33:00 3,764,224 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvvitvs.dll
+ 2008-10-07 11:33:00 2,686,976 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvwss.dll
+ 2006-08-24 14:15:06 150,808 ----a-w c:\windows\system32\rgb9rast_2.dll
+ 2008-07-18 19:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-07-18 19:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-10-16 12:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2006-12-10 12:10:04 14,640 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:27 17,272 ------w c:\windows\system32\spmsg.dll
+ 2006-06-29 11:07:36 14,048 ------w c:\windows\system32\spmsg2.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-10-14 14:42:40 131,584 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-14 14:42:18 376,320 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-14 14:42:28 510,464 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-14 14:40:36 619,008 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2006-10-14 14:43:18 27,648 ----a-w c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2006-10-14 14:44:44 671,744 ------w c:\windows\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe
+ 2006-10-14 15:13:02 34,304 ----a-w c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-14 15:12:14 737,792 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2006-10-14 18:09:04 2,946,304 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2006-10-14 15:12:14 737,792 ----a-w c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2006-10-14 18:09:04 2,946,304 ----a-w c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
- 2006-09-06 15:43:26 22,752 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-10-16 14:10:58 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-06-01 15:47:40 40,960 ----a-w c:\windows\system32\stereoi.dll
- 2006-08-24 11:19:40 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:17:02 247,326 ----a-w c:\windows\system32\strmdll.dll
+ 2006-11-29 15:21:29 370,688 ----a-w c:\windows\system32\swsc.exe
- 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
+ 2006-10-20 19:29:54 159,008 ----a-w c:\windows\system32\UIAutomationCore.dll
- 2004-09-15 12:00:00 36,352 ----a-w c:\windows\system32\umandlg.dll
+ 2006-10-04 13:38:23 36,352 ----a-w c:\windows\system32\umandlg.dll
- 2008-03-01 13:01:53 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:42 105,984 ----a-w c:\windows\system32\url.dll
- 2008-03-01 13:01:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:43 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2004-09-15 12:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2006-10-04 13:33:16 50,176 ----a-w c:\windows\system32\utilman.exe
- 2005-01-28 11:44:28 47,104 ----a-w c:\windows\system32\uwdf.exe
+ 2006-10-18 19:58:00 8,704 ----a-w c:\windows\system32\uwdf.exe
+ 2004-10-19 01:01:00 49,152 ----a-r c:\windows\system32\V0090Hwx.dll
+ 2004-10-18 01:01:00 36,864 ----a-r c:\windows\system32\V0090Pin.dll
+ 2004-07-08 01:00:00 20,480 ----a-r c:\windows\system32\V0090Srv.exe
+ 2004-07-12 01:00:00 10,240 ----a-r c:\windows\system32\V0090Sti.dll
+ 2004-10-18 01:01:00 126,976 ----a-r c:\windows\system32\V0090Vfw.dll
+ 2008-10-10 10:00:26 182,056 ----a-w c:\windows\system32\Wacom_Tablet.dll
+ 2008-10-10 10:13:08 2,749,224 ----a-w c:\windows\system32\Wacom_Tablet.exe
- 2005-01-28 11:44:28 15,872 ----a-w c:\windows\system32\wdfapi.dll
+ 2006-10-18 19:47:18 4,096 ----a-w c:\windows\system32\wdfapi.dll
- 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wdfmgr.exe
+ 2006-10-18 19:58:00 8,704 ----a-w c:\windows\system32\wdfmgr.exe
- 2008-03-01 13:01:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:43 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2004-09-14 13:12:00 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
- 2008-03-20 08:09:41 1,845,504 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:40:30 1,846,272 ----a-w c:\windows\system32\win32k.sys
+ 2006-10-24 10:30:06 716,288 ------w c:\windows\system32\WindowsCodecs.dll
+ 2006-10-24 10:29:50 352,256 ------w c:\windows\system32\WindowsCodecsExt.dll
- 2008-03-01 13:01:53 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-10 09:50:10 172,840 ----a-w c:\windows\system32\Wintab32.dll
- 2005-01-28 11:44:28 396,528 ----a-w c:\windows\system32\wmadmod.dll
+ 2006-10-18 19:47:18 757,248 ----a-w c:\windows\system32\wmadmod.dll
- 2005-01-28 11:44:28 716,288 ----a-w c:\windows\system32\wmadmoe.dll
+ 2006-10-18 19:47:18 1,117,696 ----a-w c:\windows\system32\WMADMOE.dll
- 2007-10-20 04:01:32 227,328 ----a-w c:\windows\system32\wmasf.dll
+ 2007-10-25 07:28:30 222,720 ----a-w c:\windows\system32\wmasf.dll
- 2005-01-28 11:44:28 28,160 ----a-w c:\windows\system32\WMDMLOG.dll
+ 2006-10-18 19:47:18 33,792 ----a-w c:\windows\system32\wmdmlog.dll
- 2005-01-28 11:44:28 33,792 ----a-w c:\windows\system32\WMDMPS.dll
+ 2006-10-18 19:47:18 37,376 ----a-w c:\windows\system32\wmdmps.dll
- 2005-01-28 11:44:28 335,872 ----a-w c:\windows\system32\WMDRMdev.dll
+ 2006-10-18 19:47:18 429,056 ----a-w c:\windows\system32\wmdrmdev.dll
- 2005-01-28 11:44:28 290,816 ----a-w c:\windows\system32\WMDRMNet.dll
+ 2006-10-18 19:47:20 348,672 ----a-w c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 19:47:20 535,040 ------w c:\windows\system32\wmdrmsdk.dll
- 2005-01-28 11:44:28 150,016 ----a-w c:\windows\system32\wmidx.dll
+ 2006-10-18 19:47:20 157,184 ----a-w c:\windows\system32\wmidx.dll
- 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-18 03:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
+ 2006-10-24 10:30:00 276,992 ------w c:\windows\system32\WMPhoto.dll
+ 2004-09-15 12:00:00 221,184 ----a-w c:\windows\system32\wmpns.dll
- 2005-01-28 11:44:28 774,904 ----a-w c:\windows\system32\wmsdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmsdmod.dll
- 2005-01-28 11:44:28 1,119,744 ----a-w c:\windows\system32\wmsdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmsdmoe2.dll
- 2005-01-28 11:44:28 413,944 ----a-w c:\windows\system32\wmspdmod.dll
+ 2006-10-18 19:47:22 603,648 ----a-w c:\windows\system32\WMSPDMOD.dll
- 2005-01-28 11:44:28 940,544 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2006-10-18 19:47:22 1,329,152 ----a-w c:\windows\system32\WMSPDMOE.dll
- 2005-01-28 11:44:28 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\WMVADVD.dll
- 2005-01-28 11:44:28 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\WMVADVE.DLL
- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
+ 2006-10-18 19:47:22 1,543,680 ------w c:\windows\system32\WMVDECOD.dll
- 2005-01-28 11:44:28 895,736 ----a-w c:\windows\system32\wmvdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmvdmod.dll
- 2005-01-28 11:44:28 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 1,574,912 ------w c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 19:47:22 1,382,912 ------w c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 19:47:22 767,488 ------w c:\windows\system32\WMVSENCD.dll
+ 2006-10-18 19:47:22 656,896 ------w c:\windows\system32\WMVXENCD.dll
- 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll
+ 2006-10-18 19:47:22 629,760 ----a-w c:\windows\system32\wpd_ci.dll
- 2005-01-28 11:44:28 61,952 ----a-w c:\windows\system32\wpdconns.dll
+ 2006-10-18 19:47:22 35,840 ----a-w c:\windows\system32\wpdconns.dll
- 2005-01-28 11:44:28 114,176 ----a-w c:\windows\system32\wpdmtp.dll
+ 2006-10-18 19:47:22 154,624 ----a-w c:\windows\system32\wpdmtp.dll
- 2005-01-28 11:44:28 66,560 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 63,488 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 2,603,008 ------w c:\windows\system32\WpdShext.dll
+ 2006-10-18 18:00:14 17,408 ------w c:\windows\system32\wpdshextautoplay.exe
+ 2006-11-02 09:52:06 39,936 ------w c:\windows\system32\wpdshextres.dll
+ 2006-10-18 19:47:22 133,632 ------w c:\windows\system32\WPDShServiceObj.dll
- 2005-01-28 11:44:28 331,264 ----a-w c:\windows\system32\wpdsp.dll
+ 2006-10-18 19:47:22 356,352 ----a-w c:\windows\system32\wpdsp.dll
+ 2008-10-10 10:13:40 159,528 ----a-w c:\windows\system32\WTablet\Wacom_TabletUser.exe
- 2007-07-30 17:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 12:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 17:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 12:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 12:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2007-07-30 17:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 12:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
+ 2006-09-28 18:13:26 95,344 ------w c:\windows\system32\WUDFCoinstaller.dll
+ 2006-09-28 16:56:38 146,432 ------w c:\windows\system32\WudfHost.exe
+ 2006-09-28 16:56:16 165,376 ------w c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56:14 55,808 ------w c:\windows\system32\WudfSvc.dll
+ 2006-09-28 16:56:38 316,416 ------w c:\windows\system32\WUDFx.dll
- 2007-07-30 17:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 17:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 12:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 17:19:46 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 12:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2007-03-05 10:42:18 15,128 ----a-w c:\windows\system32\x3daudio1_1.dll
+ 2007-10-22 01:37:16 17,928 ----a-w c:\windows\system32\X3DAudio1_2.dll
+ 2008-03-05 14:00:06 25,608 ----a-w c:\windows\system32\X3DAudio1_3.dll
+ 2008-05-30 12:17:00 25,608 ----a-w c:\windows\system32\X3DAudio1_4.dll
+ 2008-10-27 08:04:16 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
+ 2007-10-22 01:39:54 267,272 ----a-w c:\windows\system32\xactengine2_10.dll
+ 2006-07-28 07:30:32 236,824 ----a-w c:\windows\system32\xactengine2_3.dll
+ 2006-09-28 14:05:56 237,848 ----a-w c:\windows\system32\xactengine2_4.dll
+ 2006-12-08 10:02:00 251,672 ----a-w c:\windows\system32\xactengine2_5.dll
+ 2007-01-24 13:27:30 255,848 ----a-w c:\windows\system32\xactengine2_6.dll
+ 2007-04-04 16:55:00 261,480 ----a-w c:\windows\system32\xactengine2_7.dll
+ 2007-06-20 18:46:04 266,088 ----a-w c:\windows\system32\xactengine2_8.dll
+ 2007-07-19 22:57:12 267,112 ----a-w c:\windows\system32\xactengine2_9.dll
+ 2008-03-05 14:03:20 238,088 ----a-w c:\windows\system32\xactengine3_0.dll
+ 2008-05-30 12:18:52 238,088 ----a-w c:\windows\system32\xactengine3_1.dll
+ 2008-07-30 04:20:54 238,088 ----a-w c:\windows\system32\xactengine3_2.dll
+ 2008-10-27 08:04:16 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
+ 2008-05-30 12:17:30 65,032 ----a-w c:\windows\system32\XAPOFX1_0.dll
+ 2008-07-30 04:20:56 68,616 ----a-w c:\windows\system32\XAPOFX1_1.dll
+ 2008-10-27 08:04:14 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
+ 2008-03-05 14:03:54 479,752 ----a-w c:\windows\system32\XAudio2_0.dll
+ 2008-05-30 12:19:18 507,400 ----a-w c:\windows\system32\XAudio2_1.dll
+ 2008-07-30 04:20:56 509,448 ----a-w c:\windows\system32\XAudio2_2.dll
+ 2008-10-27 08:04:18 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
+ 2006-07-28 07:30:14 62,744 ----a-w c:\windows\system32\xinput1_2.dll
+ 2007-04-04 16:53:42 81,768 ----a-w c:\windows\system32\xinput1_3.dll
+ 2007-11-26 19:56:20 10,155,840 ----a-w c:\windows\system32\xlive.dll
+ 2007-09-18 13:01:02 134,144 ----a-w c:\windows\system32\xlive\sqmapi.dll
+ 2007-11-26 19:56:20 13,653,824 ----a-w c:\windows\system32\xlivefnt.dll
+ 2006-10-14 18:21:58 580,352 ------w c:\windows\system32\XPSSHHDR.dll
+ 2006-10-14 18:22:00 1,698,048 ------w c:\windows\system32\XpsSvcs.dll
+ 2006-10-20 19:29:54 304,928 ----a-w c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2009-02-11 13:16:23 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_1d0.dat
+ 2004-08-02 01:02:00 98,304 ----a-r c:\windows\twain_32\Creative\VF0090\CtTwain.dll
+ 2001-08-23 05:01:00 1,706,800 ----a-r c:\windows\twain_32\Creative\VF0090\Gdiplus.dll
+ 2004-12-07 01:00:00 86,016 ----a-r c:\windows\twain_32\Creative\VF0090\HookWnd.dll
+ 2004-10-18 01:01:00 20,480 ----a-r c:\windows\V0090Cfg.exe
+ 2008-09-30 14:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 14:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-07-29 10:55:02 95,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-12-01 19:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 19:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 19:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 19:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 21:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 21:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 21:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 21:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 21:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 21:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 21:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 21:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 21:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 21:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 21:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2007-11-06 23:19:32 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
+ 2007-11-06 18:23:58 224,768 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2007-11-06 23:19:34 568,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 23:19:34 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-06 23:19:38 1,156,600 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
+ 2007-11-06 23:19:38 1,162,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
+ 2007-11-06 20:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
+ 2007-11-06 20:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
+ 2007-11-06 23:19:16 41,472 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
+ 2007-11-06 23:19:16 41,984 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
+ 2007-11-06 23:19:28 60,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
+ 2007-11-06 23:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
+ 2007-11-06 23:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
+ 2007-11-06 23:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
+ 2007-11-06 23:19:28 60,416 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
+ 2007-11-06 23:19:28 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
+ 2007-11-06 23:19:16 47,104 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
+ 2007-11-06 23:19:16 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
+ 2007-11-06 23:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-04-15 18:01:18 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-09-15 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-16 37376]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-07-07 1232152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-15 15360]
c:\documents and settings\Eemeli\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-04-23 1044480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 c:\program files\Messenger\msmsgs.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-06-15 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-06-15 231192]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2008-11-15 2749224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2008-09-27 4096]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2008-03-14 1310720]
S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2008-07-27 138112]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2008-11-15 15656]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\EasySuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
\Shell\AutoRun\command - e:\bin\assetup.exe
.
'Ajoitetut tehtävät'-kansion sisältö
2009-02-08 c:\windows\Tasks\At51.job
- c:\windows\system32\b72TkovW.exe []
.
- - - - POISTETUT JÄMÄRIVIT - - - -
HKLM-Run-C6501Sound - c6501.cpl
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Eemeli\Application Data\Mozilla\Firefox\Profiles\j7jf3joj.default\
FF - prefs.js: browser.search.selectedEngine - Zybez Item Database
FF - prefs.js: browser.startup.homepage - hxxp://www.blackle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-11 20:16:37
Windows 5.1.2600 Service Pack 2 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
[HKEY_USERS\S-1-5-21-682003330-746137067-839522115-1003\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\3.0]
"FRT"="V4PAPBqwS75qkh8rqofRAA5cBW+ntWAdVl7vD7obsfSu+HDZuhIo3w=="
"PLCK"="hpuAVHqKsGJ/5mNT7UgwU9JMMwVU+bb8"
"Percents"="0 0.0958 0.2056 0.4338 0.8155 0.8831 0.8873 "
"Increment"=".005988"
"PHSH"=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\???|’’’’"??|ž»Ów�*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
.
Valmistumisajankohta: 2009-02-11 20:17:55
ComboFix-quarantined-files.txt 2009-02-11 18:17:53
ComboFix2.txt 2009-02-10 20:36:54
Ennen ajoa: 28,257,906,688 tavua vapaana
Ajon jälkeen: 28,243,173,376 tavua vapaana
2035 --- E O F --- 2009-01-14 22:08:09
|
|
Hujo
Suspended permanently
|
12. helmikuuta 2009 @ 00:18 |
Linkki tähän viestiin
|
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
16. helmikuuta 2009 @ 18:44 |
Linkki tähän viestiin
|
|
Tuo päivityslinkki on rikkinäinen.
|
|
Hujo
Suspended permanently
|
17. helmikuuta 2009 @ 01:23 |
Linkki tähän viestiin
|
Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio
Lainaus:
File::
c:\windows\system32\b72TkovW.exe
c:\windows\Tasks\At51.job
Tallenna se nimellä CFScript.txt työpöydälle
tallennusmuto kaikki teidostot
Sitten raahaa CFScript ComboFix.exeen kuten alla.
combofix työstää tulee sininen taulu paina numeroa 1 ja enter
Laita tuleva loki tänne.
Sammutat ja käynnistät koneen
Voiko tietsikka koskaan toimia?
|
|
Helppu
Junior Member
|
17. helmikuuta 2009 @ 14:32 |
Linkki tähän viestiin
|
Tässä on:
ComboFix 09-02-15.01 - Eemeli 2009-02-17 14:23:46.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.2047.1547 [GMT 2:00]
Sijainti: c:\documents and settings\Eemeli\Työpöytä\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\documents and settings\Eemeli\Työpöytä\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
* Uusi palautuspiste luotu
FILE ::
c:\windows\system32\b72TkovW.exe
c:\windows\Tasks\At51.job
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Tasks\At51.job
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-17 to 2009-02-17 )))))))))))))))))
.
2009-02-12 16:43 . 2009-02-12 16:43 <KANSIO> d-------- C:\Kaspersky
2009-02-10 16:58 . 2005-11-09 00:26 38,400 --a------ c:\windows\system32\moveex.exe
2009-02-08 14:56 . 2009-02-08 14:56 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\Apple Computer
2009-02-02 23:23 . 2009-01-15 08:19 206,793 --a------ c:\windows\system32\nvapps.nvb
2009-02-02 20:18 . 2009-02-02 20:18 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-02-02 20:17 . 2009-02-02 20:17 <KANSIO> d-------- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 . 2009-02-03 18:34 <KANSIO> d-------- c:\windows\nview
2009-02-02 20:16 . 2009-02-17 14:16 201,144 --a------ c:\windows\system32\nvapps.xml
2009-02-02 19:57 . 2009-02-02 20:15 <KANSIO> d-------- c:\windows\NV36041060.TMP
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\windows\system32\AGEIA
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\program files\AGEIA Technologies
2009-02-02 19:35 . 2009-02-02 19:37 <KANSIO> d-------- c:\windows\NV40724076.TMP
2009-02-02 19:34 . 2009-02-02 20:13 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\Common Files\AVSMedia
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-01-18 17:42 . 2008-08-13 10:22 974,848 --a------ c:\windows\system32\mfc70.dll
2009-01-18 17:42 . 2008-08-13 10:22 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-01-18 17:42 . 2008-08-13 10:22 24,576 --a------ c:\windows\system32\msxml3a.dll
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-17 12:16 --------- d-----w c:\documents and settings\Eemeli\Application Data\WTablet
2009-02-17 12:12 34 ----a-w c:\documents and settings\Eemeli\jagex_runescape_preferences.dat
2009-02-16 09:43 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-02-12 19:11 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania
2009-02-09 10:31 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-08 11:19 --------- d-----w c:\program files\StepMania
2009-02-04 15:14 --------- d-----w c:\program files\Peggle Nights Deluxe
2009-02-02 21:24 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-01 11:21 --------- d-----w c:\documents and settings\Eemeli\Application Data\LimeWire
2009-01-31 11:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-21 21:39 --------- d-----w c:\documents and settings\Eemeli\Application Data\Azureus
2009-01-14 14:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 16:12 --------- d-----w c:\program files\LimeWire
2009-01-07 09:28 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-03 12:09 --------- d-----w c:\program files\Cheat Engine
2008-12-24 10:05 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-24 10:05 --------- d-----w c:\program files\Java
2008-12-22 19:05 --------- d-----w c:\documents and settings\Eemeli\Application Data\Skype
2008-12-22 19:04 --------- d-----w c:\documents and settings\Eemeli\Application Data\skypePM
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-10 07:45 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 07:28 24,344 ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-08-23 12:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008082320080824\index.dat
.
((((((((((((((((((((((((((((( SnapShot_2009-02-11_20.17.24.28 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-11 16:02:44 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
+ 2009-02-17 12:11:53 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
- 2009-02-11 16:02:44 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2009-02-17 12:11:53 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2008-10-16 20:18:32 124,928 -c----w c:\windows\ie7updates\KB961260-IE7\advpack.dll
+ 2008-10-16 20:18:32 347,136 -c----w c:\windows\ie7updates\KB961260-IE7\dxtmsft.dll
+ 2008-10-16 20:18:32 214,528 -c----w c:\windows\ie7updates\KB961260-IE7\dxtrans.dll
+ 2008-10-16 20:18:32 133,120 -c----w c:\windows\ie7updates\KB961260-IE7\extmgr.dll
+ 2008-10-16 20:18:32 63,488 -c----w c:\windows\ie7updates\KB961260-IE7\icardie.dll
+ 2008-10-16 13:12:19 70,656 -c----w c:\windows\ie7updates\KB961260-IE7\ie4uinit.exe
+ 2008-10-16 20:18:33 153,088 -c----w c:\windows\ie7updates\KB961260-IE7\ieakeng.dll
+ 2008-10-16 20:18:33 230,400 -c----w c:\windows\ie7updates\KB961260-IE7\ieaksie.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\ie7updates\KB961260-IE7\ieakui.dll
+ 2008-10-16 20:18:33 383,488 -c----w c:\windows\ie7updates\KB961260-IE7\ieapfltr.dll
+ 2008-10-16 20:18:33 384,512 -c----w c:\windows\ie7updates\KB961260-IE7\iedkcs32.dll
+ 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\ie7updates\KB961260-IE7\ieframe.dll
+ 2008-10-16 20:18:37 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\iernonce.dll
+ 2008-10-16 20:18:37 267,776 -c----w c:\windows\ie7updates\KB961260-IE7\iertutil.dll
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\ie7updates\KB961260-IE7\ieudinit.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\ie7updates\KB961260-IE7\iexplore.exe
+ 2008-10-16 20:18:38 27,648 -c----w c:\windows\ie7updates\KB961260-IE7\jsproxy.dll
+ 2008-10-16 20:18:38 459,264 -c----w c:\windows\ie7updates\KB961260-IE7\msfeeds.dll
+ 2008-10-16 20:18:38 52,224 -c----w c:\windows\ie7updates\KB961260-IE7\msfeedsbs.dll
+ 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\ie7updates\KB961260-IE7\mshtml.dll
+ 2008-10-16 20:18:41 477,696 -c----w c:\windows\ie7updates\KB961260-IE7\mshtmled.dll
+ 2008-10-16 20:18:41 193,024 -c----w c:\windows\ie7updates\KB961260-IE7\msrating.dll
+ 2008-10-16 20:18:42 671,232 -c----w c:\windows\ie7updates\KB961260-IE7\mstime.dll
+ 2008-10-16 20:18:42 102,912 -c----w c:\windows\ie7updates\KB961260-IE7\occache.dll
+ 2008-10-16 20:18:42 44,544 -c----w c:\windows\ie7updates\KB961260-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB961260-IE7\spuninst\updspapi.dll
+ 2008-10-16 20:18:42 105,984 -c----w c:\windows\ie7updates\KB961260-IE7\url.dll
+ 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\ie7updates\KB961260-IE7\urlmon.dll
+ 2008-10-16 20:18:43 233,472 -c----w c:\windows\ie7updates\KB961260-IE7\webcheck.dll
+ 2008-10-16 20:18:43 826,368 -c----w c:\windows\ie7updates\KB961260-IE7\wininet.dll
- 2009-01-14 22:08:08 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-02-11 22:04:48 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-01-14 22:08:08 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-02-11 22:04:48 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-01-14 22:08:08 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-02-11 22:04:48 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-01-14 22:08:08 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-02-11 22:04:48 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-01-14 22:08:08 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-02-11 22:04:49 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2009-01-14 22:08:08 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-02-11 22:04:49 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-01-14 22:08:08 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-02-11 22:04:49 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-01-14 22:08:08 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-02-11 22:04:49 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-01-14 22:08:08 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-02-11 22:04:48 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-01-14 22:08:08 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-02-11 22:04:48 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-01-14 22:08:08 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-02-11 22:04:49 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-01-14 22:08:08 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-02-11 22:04:48 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-01-14 22:08:08 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-02-11 22:04:48 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-10-16 20:18:32 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-12-20 22:46:48 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-10-16 20:18:32 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-12-20 22:46:48 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2008-10-16 20:18:32 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-12-20 22:46:48 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-10-16 20:18:32 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-12-20 22:46:49 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2008-10-16 20:18:32 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-12-20 22:46:49 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
- 2008-10-16 20:18:32 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 22:46:49 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-10-16 13:12:19 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-12-19 09:11:12 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-10-16 20:18:33 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-12-20 22:46:49 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-10-16 20:18:33 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-12-20 22:46:50 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-10-16 20:18:33 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 22:46:50 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-10-16 20:18:33 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-12-20 22:46:51 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-12-20 22:46:55 6,066,688 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-10-16 20:18:37 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-12-20 22:46:55 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-10-16 20:18:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-12-20 22:46:55 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2008-10-16 20:18:38 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-12-20 22:46:56 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2008-10-16 20:18:38 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 22:46:57 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-10-16 20:18:38 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-12-20 22:46:57 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2009-01-16 19:16:14 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-10-16 20:18:41 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-12-20 22:47:02 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2008-10-16 20:18:41 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-12-20 22:47:02 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2008-10-16 20:18:42 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-12-20 22:47:03 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2008-10-16 20:18:42 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-12-20 22:47:03 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-10-16 20:18:42 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 22:47:03 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
- 2008-10-16 20:18:42 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-12-20 22:47:03 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-20 22:47:04 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2008-10-16 20:18:43 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-20 22:47:05 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-10-16 20:18:43 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-12-20 22:47:05 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2008-10-16 20:18:32 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-12-20 22:46:48 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-10-16 20:18:32 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-12-20 22:46:49 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-10-16 20:18:32 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-12-20 22:46:49 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-12-20 22:46:49 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-10-16 13:12:19 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-12-19 09:11:12 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-10-16 20:18:33 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-12-20 22:46:49 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-10-16 20:18:33 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-12-20 22:46:50 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-10-16 20:18:33 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-12-20 22:46:50 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-10-16 20:18:33 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-12-20 22:46:51 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-10-16 20:18:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-12-20 22:46:55 6,066,688 ----a-w c:\windows\system32\ieframe.dll
- 2008-10-16 20:18:37 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-12-20 22:46:55 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-10-16 20:18:37 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-12-20 22:46:55 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-10-16 20:18:38 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-12-20 22:46:56 27,648 ------w c:\windows\system32\jsproxy.dll
- 2008-10-16 20:18:38 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-12-20 22:46:57 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-10-16 20:18:38 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-12-20 22:46:57 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-12-13 06:37:58 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2009-01-16 19:16:14 3,594,752 ----a-w c:\windows\system32\mshtml.dll
- 2008-10-16 20:18:41 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-12-20 22:47:02 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-10-16 20:18:41 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-12-20 22:47:02 193,024 ------w c:\windows\system32\msrating.dll
- 2008-10-16 20:18:42 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-12-20 22:47:03 671,232 ------w c:\windows\system32\mstime.dll
- 2008-10-16 20:18:42 102,912 ------w c:\windows\system32\occache.dll
+ 2008-12-20 22:47:03 102,912 ------w c:\windows\system32\occache.dll
- 2008-11-12 19:18:40 67,696 ----a-w c:\windows\system32\perfc009.dat
+ 2009-02-17 10:38:23 67,696 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-12 19:18:40 80,806 ----a-w c:\windows\system32\perfc00B.dat
+ 2009-02-17 10:38:23 80,806 ----a-w c:\windows\system32\perfc00B.dat
- 2008-11-12 19:18:40 432,992 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-17 10:38:23 432,992 ----a-w c:\windows\system32\perfh009.dat
- 2008-11-12 19:18:40 407,306 ----a-w c:\windows\system32\perfh00B.dat
+ 2009-02-17 10:38:24 407,306 ----a-w c:\windows\system32\perfh00B.dat
- 2008-10-16 20:18:42 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-12-20 22:47:03 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2007-11-30 12:39:27 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:39:49 17,272 ------w c:\windows\system32\spmsg.dll
- 2008-10-16 20:18:42 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-12-20 22:47:03 105,984 ----a-w c:\windows\system32\url.dll
- 2008-10-16 20:18:43 1,160,192 ----a-w c:\windows\system32\urlmon.dll
+ 2008-12-20 22:47:04 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-10-16 20:18:43 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-12-20 22:47:05 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2009-02-17 12:16:34 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_5e0.dat
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-09-15 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-16 37376]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-07-07 1232152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-15 15360]
c:\documents and settings\Eemeli\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-04-23 1044480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 c:\program files\Messenger\msmsgs.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-06-15 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-06-15 231192]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2008-11-15 2749224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2008-09-27 4096]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2008-03-14 1310720]
S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2008-07-27 138112]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2008-11-15 15656]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\EasySuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
\Shell\AutoRun\command - e:\bin\assetup.exe
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Eemeli\Application Data\Mozilla\Firefox\Profiles\j7jf3joj.default\
FF - prefs.js: browser.search.selectedEngine - Zybez Item Database
FF - prefs.js: browser.startup.homepage - hxxp://www.blackle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-17 14:24:58
Windows 5.1.2600 Service Pack 2 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
[HKEY_USERS\S-1-5-21-682003330-746137067-839522115-1003\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\3.0]
"FRT"="V4PAPBqwS75qkh8rqofRAA5cBW+ntWAdVl7vD7obsfSu+HDZuhIo3w=="
"PLCK"="hpuAVHqKsGJ/5mNT7UgwU9JMMwVU+bb8"
"Percents"="0 0.0958 0.2056 0.4338 0.8155 0.8831 0.8873 "
"Increment"=".005988"
"PHSH"=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\???|’’’’"??|ž»Ów�*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
.
Valmistumisajankohta: 2009-02-17 14:25:51
ComboFix-quarantined-files.txt 2009-02-17 12:25:49
ComboFix2.txt 2009-02-11 18:17:56
ComboFix3.txt 2009-02-10 20:36:54
Ennen ajoa: 27,775,967,232 tavua vapaana
Ajon jälkeen: 27,768,348,672 tavua vapaana
344 --- E O F --- 2009-02-11 22:04:50
|
|
Hujo
Suspended permanently
|
17. helmikuuta 2009 @ 22:27 |
Linkki tähän viestiin
|
|
scannaa uusi hjt:n loki
Mikäs on koneen toiminta
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 17. helmikuuta 2009 @ 22:27
|
|
Helppu
Junior Member
|
18. helmikuuta 2009 @ 01:12 |
Linkki tähän viestiin
|
Kone ei oo enää kaatuillu, tässä hjt log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:21, on 18.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Share...n/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
--
End of file - 6899 bytes
|
|
Hujo
Suspended permanently
|
18. helmikuuta 2009 @ 02:11 |
Linkki tähän viestiin
|
Hjt:n loki ok
===========
Kirjoita suorita luukkuun
ComboFix /u
Klikkaa OK
==========
Lataa OTMoveIt
OTMoveIt ja tallenna se työpöydällesi.
Tuplaklikkaa OTMoveIt.exe.
Klikkaa CleanUp!.
Valitse Yes kun kysytään "Begin cleanup Process?".
Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.
HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.
Voiko tietsikka koskaan toimia?
|
|
Mainos
|
|
|
|
Helppu
Junior Member
|
18. helmikuuta 2009 @ 12:43 |
Linkki tähän viestiin
|
|
Ok, näin toimin, olikos se tässä?
|
|
