Kone ruvennu kaatuilemaan hjt logi

Helppu · 08.02.2009

Eli tietokone kesken pelaamisen on jähmettynyt about kaheks sekunniks ja sitten seonnu täysin ja restartannu ittensä, tätä on tapahtunu jo 6 kertaa, apu olisi tarpeen. Tässä on hjt logi:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:59:42, on 8.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 8154 bytes

AfterDawn

Hujo · 08.02.2009

Poista lisää poista sovelutuksesta

AskBar
Ask Toolbar

Poista kansio vikasiedossa

C:\Program Files\AskBarDis

============

Scannaa hjt:llä merkkaa paina Fix checked

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

==============

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi

Helppu · 08.02.2009

Nooni, poistettu poista tai lisää jutskan avulla mutta program fileseista ei löytynyt sitä tiedostoa joka olisi pitänyt poistaa. Hjt jutskat tehty ja Malwarebytes Anti-Malware logi tulee tässä:

Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1078
Windows 5.1.2600 Service Pack 2

23:30:58 8.2.2009
mbam-log-02-08-2009 (23-30-58).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 285971
Kulunut aika: 1 hour(s), 1 minute(s), 37 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 1
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

Onko OK vai joudunko vielä kenties vetämään vielä kierroksen hjteellä?
ja suuri kiitos jo etukäteen, oon iha avuton vähänki meseviirusta kovemmissa asioissa.

Hujo · 09.02.2009

Malwarebytes' Anti-Malware päivitä sitten täysi scannaus

Helppu · 09.02.2009

Nonni, päivitetty, ja täs logi:

Tietokantaversio: 1740
Windows 5.1.2600 Service Pack 2

9.2.2009 14:24:52
mbam-log-2009-02-09 (14-24-52).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 297325
Kulunut aika: 1 hour(s), 11 minute(s), 47 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 1
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 3

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
C:\WINDOWS\TEMP\tdsse348.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\tdsse55b.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\TEMP\tdsse887.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Hujo · 09.02.2009

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan:

sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä

Jossakin koneissa hakataan F8:sin sijasta F5:tä

" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.

Helppu · 09.02.2009

Oukkei, tehty, tässä tulee Reportti ja hjt logi:

SDFix: Version 1.240
Run by Eemeli on ma 09.02.2009 at 15:39

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\Eemeli\Ty”p”yt„\SDFix

Checking Services :

Name :
tdssserv

Path :
\systemroot\system32\drivers\tdssserv.sys

tdssserv - Deleted

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\DOCUME~1\Eemeli\LOCALS~1\Temp\tmp7F.tmp - Deleted
C:\DOCUME~1\Eemeli\LOCALS~1\Temp\tmp8E.tmp - Deleted
C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 15:50:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8c,d8,51,d0,1f,fc,39,cc,a5,8b,7e,a8,4a,9c,23,ea,d4,5c,a5,56,bd,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:67,65,4a,3c,3a,cf,ae,88,44,12,a6,a2,5c,13,59,e6,8c,c5,9e,91,8b,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,19,f5,4d,24,78,4f,c0,8d,37,53,81,62,73,bf,44,b4,a4,77,5c,ab,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8e,e7,9f,23,cd,13,c4,ce,7d,2a,2e,90,07,8e,0d,ed,ed,fd,82,48,dd,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:0a,a1,ed,72,6f,40,65,a9,4d,15,6e,a9,33,46,54,03,d1,48,3a,b7,f0,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00015300cf08]
"0012d2afca4e"=hex:63,7d,61,23,11,8b,5e,fd,4a,c0,1d,a0,75,2e,1a,01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:c5,41,2e,e7,6c,af,6b,0c,55,f3,ab,83,27,7c,92,dd,08,49,2c,bc,49,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,47,54,16,a7,5d,72,ae,e3,53,08,95,78,d9,05,82,c9,19,..
"khjeh"=hex:8e,e7,9f,23,cd,13,c4,ce,7d,2a,2e,90,07,8e,0d,ed,ed,fd,82,48,dd,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:77,ae,8a,96,c8,86,28,0d,5c,14,ee,64,7d,a2,f1,42,34,4d,c6,9b,a1,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:0a,a1,ed,72,6f,40,65,a9,4d,15,6e,a9,33,46,54,03,d1,48,3a,b7,f0,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:f5,53,cd,7d,d3,00,97,c8,d5,a6,a4,f9,eb,47,0c,f7,8f,18,8a,3c,92,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Documents and Settings\\Eemeli\\Ty”p”yt„\\Speden pelit\\HD2\\HD2_SabreSquadron.exe"="C:\\Documents and Settings\\Eemeli\\Ty”p”yt„\\Speden pelit\\HD2\\HD2_SabreSquadron.exe:*:Enabled:HD2_SabreSquadron"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\sauli26\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\sauli26\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Team17\\Worms2\\Frontend.exe"="C:\\Team17\\Worms2\\Frontend.exe:*:Enabled:Worms 2 Frontend"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\garrysmod\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\garrysmod\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\WINDOWS\\system32\\a.exe"="C:\\WINDOWS\\system32\\a.exe:*isabled:a"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Eemeli\\Ty”p”yt„\\Kaiken maailman ohjelmii\\VNC\\VNC Tihee\\WinVNC.exe"="C:\\Documents and Settings\\Eemeli\\Ty”p”yt„\\Kaiken maailman ohjelmii\\VNC\\VNC Tihee\\WinVNC.exe:*:Enabled:TightVNC Win32 Server"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\zombie panic! source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\synergy\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\synergy\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Sony\\Media Manager for PSP\\MediaManager.exe"="C:\\Program Files\\Sony\\Media Manager for PSP\\MediaManager.exe:*:Enabled:Media Manager for PSP 3.0"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\TmNationsForever\\TmForever.exe"="C:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\peggle extreme\\PeggleExtreme.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\common\\peggle extreme\\PeggleExtreme.exe:*:Enabledeggle Extreme"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\rag doll kung fu demo\\Rag_Doll_Kung_Fu_Steam.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\jupi73\\rag doll kung fu demo\\Rag_Doll_Kung_Fu_Steam.exe:*:Enabled:Rag Doll Kung Fu Demo"
"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"="C:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

File Backups: - C:\DOCUME~1\Eemeli\TYPYT~1\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 13 Jan 2009 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sat 6 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:46, on 9.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\program files\valve\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205517942521
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 7340 bytes

Hujo · 09.02.2009

Mikäs on koneen toiminta

Helppu · 09.02.2009

Eipä oo seonnu ainakaa vielä, mutta jos tämä oli tässä niin kiitos paljon avusta. Jos ongelma jatkuu nii sit se on jostain muusta varmaankin.

Hujo · 10.02.2009

1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

älä asenna palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

Helppu · 10.02.2009

Tässä:

"Eemeli" - 2009-02-10 16:55:29 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\Ty”p”yt„\Kaiken maailman ohjelmii\"

((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))

2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2009-02-10 14:24:08 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe

Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-09 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-09 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-09 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-09 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 16:58:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]

Completion time: 2009-02-10 16:58:54
C:\ComboFix-quarantined-files.txt ... 2009-02-10 16:58
C:\ComboFix2.txt ... 2008-05-30 22:07

--- E O F ---

Hujo · 10.02.2009

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job

Laajenna...

Tallenna se nimellä CFScript.txt työpöydälle

Sitten raahaa CFScript ComboFix.exeen kuten alla.

Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

Helppu · 10.02.2009

Tässä on:

"Eemeli" - 2009-02-10 20:13:24 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\"
Command switches used :: ""C:\Documents and Settings\Eemeli\Ty”p”yt„\CFSscript.txt""

((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))

2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2009-02-10 14:24:08 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe

Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-09 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-09 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 20:16:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]

Completion time: 2009-02-10 20:16:49
C:\ComboFix-quarantined-files.txt ... 2009-02-10 20:16
C:\ComboFix2.txt ... 2009-02-10 16:58
C:\ComboFix3.txt ... 2008-05-30 22:07

--- E O F ---

Hujo · 10.02.2009

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job

Laajenna...

Tallenna se nimellä: CFScript.txt työpöydälle
Tallennusmuoto: kaikki tiedostot

Sitten raahaa CFScript ComboFix.exeen kuten alla.

combofix työstää tulee sininen taulu paina numeroa 1 ja enter

Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

Helppu · 10.02.2009

Joo olin unohtanu tehä ton tekstitiedoston sisällön, toivottavasti se meni nyt oikein.

"Eemeli" - 2009-02-10 22:33:27 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Eemeli\"
Command switches used :: ""C:\Documents and Settings\Eemeli\Ty”p”yt„\CFSscript.txt""

((((((((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 ))))))))))))))))))))))))))))))))))

2009-02-08 14:56 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\Apple Computer
2009-02-02 20:18 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2009-02-02 20:17 <KANSIO> d-------- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 <KANSIO> d-------- C:\WINDOWS\nview
2009-02-02 19:57 <KANSIO> d-------- C:\WINDOWS\NV36041060.TMP
2009-02-02 19:36 <KANSIO> d-------- C:\WINDOWS\system32\AGEIA
2009-02-02 19:36 <KANSIO> d-------- C:\Program Files\AGEIA Technologies
2009-02-02 19:35 <KANSIO> d-------- C:\WINDOWS\NV40724076.TMP
2009-02-02 19:34 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\DVDVideoSoft
2009-02-01 13:22 <KANSIO> d-------- C:\Program Files\Common Files\DVDVideoSoft
2009-01-18 17:42 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2009-01-18 17:42 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2009-01-18 17:42 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\Common Files\AVSMedia
2009-01-18 17:42 <KANSIO> d-------- C:\Program Files\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\Eemeli\APPLIC~1\AVS4YOU
2009-01-18 17:42 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2009-02-10 18:18:49 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\WTablet
2009-02-09 10:31:45 -------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2009-02-08 11:19:46 -------- d-----w C:\Program Files\StepMania
2009-02-04 15:14:02 45 ----a-w C:\WINDOWS\popcinfot.dat
2009-02-04 15:14:02 -------- d-----w C:\Program Files\Peggle Nights Deluxe
2009-02-02 21:24:15 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2009-02-02 18:18:43 8 ----a-w C:\WINDOWS\system32\nvModes.dat
2009-02-01 11:21:02 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\LimeWire
2009-01-31 11:21:18 -------- d--h--w C:\Program Files\InstallShield Installation Information
2009-01-21 21:39:24 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Azureus
2009-01-15 06:19:00 9,412,608 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2009-01-15 06:19:00 86,016 ----a-w C:\WINDOWS\system32\nvmctray.dll
2009-01-15 06:19:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2009-01-15 06:19:00 801,312 ----a-w C:\WINDOWS\system32\nvcplui.exe
2009-01-15 06:19:00 663,552 ----a-w C:\WINDOWS\system32\nvapi.dll
2009-01-15 06:19:00 6,301,248 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2009-01-15 06:19:00 6,168,960 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2009-01-15 06:19:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2009-01-15 06:19:00 453,152 ----a-w C:\WINDOWS\system32\nvudisp.exe
2009-01-15 06:19:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2009-01-15 06:19:00 449,056 ----a-w C:\WINDOWS\system32\nvappbar.exe
2009-01-15 06:19:00 436,768 ----a-w C:\WINDOWS\system32\keystone.exe
2009-01-15 06:19:00 4,710,400 ----a-w C:\WINDOWS\system32\nvdisps.dll
2009-01-15 06:19:00 3,796,992 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2009-01-15 06:19:00 3,489,792 ----a-w C:\WINDOWS\system32\nvgames.dll
2009-01-15 06:19:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2009-01-15 06:19:00 2,744,320 ----a-w C:\WINDOWS\system32\nvwss.dll
2009-01-15 06:19:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2009-01-15 06:19:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2009-01-15 06:19:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcodins.dll
2009-01-15 06:19:00 135,168 ----a-w C:\WINDOWS\system32\nvcod.dll
2009-01-15 06:19:00 13,680,640 ----a-w C:\WINDOWS\system32\nvcpl.dll
2009-01-15 06:19:00 1,724,416 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2009-01-15 06:19:00 1,657,376 ----a-w C:\WINDOWS\system32\nwiz.exe
2009-01-15 06:19:00 1,560,576 ----a-w C:\WINDOWS\system32\nvcuda.dll
2009-01-15 06:19:00 1,507,328 ----a-w C:\WINDOWS\system32\nview.dll
2009-01-15 06:19:00 1,346,080 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2009-01-15 06:19:00 1,286,144 ----a-w C:\WINDOWS\system32\nvmobls.dll
2009-01-15 06:19:00 1,101,824 ----a-w C:\WINDOWS\system32\nvwimg.dll
2009-01-14 14:11:32 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11:28 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-01-13 16:12:58 -------- d-----w C:\Program Files\LimeWire
2009-01-07 09:28:30 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2009-01-03 12:09:36 -------- d-----w C:\Program Files\Cheat Engine
2008-12-24 10:05:51 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-22 19:05:22 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\Skype
2008-12-22 19:04:30 -------- d-----w C:\DOCUME~1\Eemeli\APPLIC~1\skypePM
2008-12-11 11:57:21 333,184 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-12-10 07:45:48 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-12-04 07:28:20 24,344 ----a-w C:\WINDOWS\system32\PhysXDevice.dll
2008-11-26 06:55:02 288,024 ----a-w C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 06:38:10 288,024 ----a-w C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-12 19:18:40 80,806 ----a-w C:\WINDOWS\system32\perfc00B.dat
2008-11-12 19:18:40 407,306 ----a-w C:\WINDOWS\system32\perfh00B.dat

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-24 12:05]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 10:30]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-24 12:05]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-24 12:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C6501Sound"="c6501.cpl" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 14:00 C:\WINDOWS\system32\bthprops.cpl]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-07 10:47]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 08:47]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 14:38]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\EasySuite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
AutoRun\command- H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
AutoRun\command- E:\Bin\assetup.exe

Contents of the 'Scheduled Tasks' folder
2009-02-07 22:45:00 C:\WINDOWS\tasks\At1.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At10.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At11.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At12.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At13.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At14.job
2009-02-09 12:00:00 C:\WINDOWS\tasks\At15.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At16.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At17.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At18.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At19.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At2.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At20.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At21.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At22.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At23.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At24.job
2009-02-07 22:06:00 C:\WINDOWS\tasks\At25.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At26.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At27.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At28.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At29.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At3.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At30.job
2008-07-18 03:00:10 C:\WINDOWS\tasks\At31.job
2008-07-18 04:00:10 C:\WINDOWS\tasks\At32.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At33.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At34.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At35.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At36.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At37.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At38.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At39.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At4.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At40.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At41.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At42.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At43.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At44.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At45.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At46.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At47.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At48.job
2009-02-07 22:37:00 C:\WINDOWS\tasks\At49.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At5.job
2009-02-07 23:00:00 C:\WINDOWS\tasks\At50.job
2009-02-08 00:00:00 C:\WINDOWS\tasks\At51.job
2009-02-01 01:00:00 C:\WINDOWS\tasks\At52.job
2009-01-01 02:00:00 C:\WINDOWS\tasks\At53.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At54.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At55.job
2008-07-19 21:38:34 C:\WINDOWS\tasks\At56.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At57.job
2008-11-19 07:00:00 C:\WINDOWS\tasks\At58.job
2008-12-06 08:00:00 C:\WINDOWS\tasks\At59.job
2009-01-01 03:00:00 C:\WINDOWS\tasks\At6.job
2009-01-16 09:00:00 C:\WINDOWS\tasks\At60.job
2009-01-17 10:00:00 C:\WINDOWS\tasks\At61.job
2009-02-09 11:00:00 C:\WINDOWS\tasks\At62.job
2009-02-09 12:00:01 C:\WINDOWS\tasks\At63.job
2009-02-09 13:00:00 C:\WINDOWS\tasks\At64.job
2009-02-09 14:00:00 C:\WINDOWS\tasks\At65.job
2009-02-10 15:00:00 C:\WINDOWS\tasks\At66.job
2009-02-10 16:00:00 C:\WINDOWS\tasks\At67.job
2009-02-10 17:00:00 C:\WINDOWS\tasks\At68.job
2009-02-10 18:00:00 C:\WINDOWS\tasks\At69.job
2008-07-18 03:00:01 C:\WINDOWS\tasks\At7.job
2009-02-10 19:00:00 C:\WINDOWS\tasks\At70.job
2009-02-10 20:00:00 C:\WINDOWS\tasks\At71.job
2009-02-08 21:00:00 C:\WINDOWS\tasks\At72.job
2008-07-18 04:00:01 C:\WINDOWS\tasks\At8.job
2008-11-19 06:00:00 C:\WINDOWS\tasks\At9.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-10 22:36:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\BTHPORT\Parameters\Services\{00001115-0000-1000-8000-00805f9b34fb}]

Completion time: 2009-02-10 22:36:54
C:\ComboFix-quarantined-files.txt ... 2009-02-10 22:36
C:\ComboFix2.txt ... 2009-02-10 20:16
C:\ComboFix3.txt ... 2009-02-10 16:58

--- E O F ---

Hujo · 10.02.2009

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

File::
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At25.job
C:\WINDOWS\tasks\At26.job
C:\WINDOWS\tasks\At27.job
C:\WINDOWS\tasks\At28.job
C:\WINDOWS\tasks\At29.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At30.job
C:\WINDOWS\tasks\At31.job
C:\WINDOWS\tasks\At32.job
C:\WINDOWS\tasks\At33.job
C:\WINDOWS\tasks\At34.job
C:\WINDOWS\tasks\At35.job
C:\WINDOWS\tasks\At36.job
C:\WINDOWS\tasks\At37.job
C:\WINDOWS\tasks\At38.job
C:\WINDOWS\tasks\At39.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At40.job
C:\WINDOWS\tasks\At41.job
C:\WINDOWS\tasks\At42.job
C:\WINDOWS\tasks\At43.job
C:\WINDOWS\tasks\At44.job
C:\WINDOWS\tasks\At45.job
C:\WINDOWS\tasks\At46.job
C:\WINDOWS\tasks\At47.job
C:\WINDOWS\tasks\At48.job
C:\WINDOWS\tasks\At49.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At50.job
C:\WINDOWS\tasks\At52.job
C:\WINDOWS\tasks\At53.job
C:\WINDOWS\tasks\At54.job
C:\WINDOWS\tasks\At55.job
C:\WINDOWS\tasks\At56.job
C:\WINDOWS\tasks\At57.job
C:\WINDOWS\tasks\At58.job
C:\WINDOWS\tasks\At59.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At60.job
C:\WINDOWS\tasks\At61.job
C:\WINDOWS\tasks\At62.job
C:\WINDOWS\tasks\At63.job
C:\WINDOWS\tasks\At64.job
C:\WINDOWS\tasks\At65.job
C:\WINDOWS\tasks\At66.job
C:\WINDOWS\tasks\At67.job
C:\WINDOWS\tasks\At68.job
C:\WINDOWS\tasks\At69.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At70.job
C:\WINDOWS\tasks\At71.job
C:\WINDOWS\tasks\At72.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job

Laajenna...

Tallennusmuoto: kaikki tiedostot

Tallenna se nimellä CFScript.txt työpöydälle

Sitten raahaa CFScript ComboFix.exeen kuten alla.

combofix työstää tulee sininen taulu paina numeroa 1 ja enter

Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

Helppu · 12.02.2009

Tässä, luulen että tein sen nyt oikein:

ComboFix 09-02-10.01 - Eemeli 2009-02-11 20:14:21.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.2047.1557 [GMT 2:00]
Sijainti: c:\documents and settings\Eemeli\Työpöytä\ComboFix.exe
Käytetyt komentorivivalitsimet :: c:\documents and settings\Eemeli\Työpöytä\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Uusi palautuspiste luotu

VAROITUS - PALAUTUSKONSOLIA EI OLE ASENNETTU !!

FILE ::
c:\windows\tasks\At1.job
c:\windows\tasks\At10.job
c:\windows\tasks\At11.job
c:\windows\tasks\At12.job
c:\windows\tasks\At13.job
c:\windows\tasks\At14.job
c:\windows\tasks\At15.job
c:\windows\tasks\At16.job
c:\windows\tasks\At17.job
c:\windows\tasks\At18.job
c:\windows\tasks\At19.job
c:\windows\tasks\At2.job
c:\windows\tasks\At20.job
c:\windows\tasks\At21.job
c:\windows\tasks\At22.job
c:\windows\tasks\At23.job
c:\windows\tasks\At24.job
c:\windows\tasks\At25.job
c:\windows\tasks\At26.job
c:\windows\tasks\At27.job
c:\windows\tasks\At28.job
c:\windows\tasks\At29.job
c:\windows\tasks\At3.job
c:\windows\tasks\At30.job
c:\windows\tasks\At31.job
c:\windows\tasks\At32.job
c:\windows\tasks\At33.job
c:\windows\tasks\At34.job
c:\windows\tasks\At35.job
c:\windows\tasks\At36.job
c:\windows\tasks\At37.job
c:\windows\tasks\At38.job
c:\windows\tasks\At39.job
c:\windows\tasks\At4.job
c:\windows\tasks\At40.job
c:\windows\tasks\At41.job
c:\windows\tasks\At42.job
c:\windows\tasks\At43.job
c:\windows\tasks\At44.job
c:\windows\tasks\At45.job
c:\windows\tasks\At46.job
c:\windows\tasks\At47.job
c:\windows\tasks\At48.job
c:\windows\tasks\At49.job
c:\windows\tasks\At5.job
c:\windows\tasks\At50.job
c:\windows\tasks\At52.job
c:\windows\tasks\At53.job
c:\windows\tasks\At54.job
c:\windows\tasks\At55.job
c:\windows\tasks\At56.job
c:\windows\tasks\At57.job
c:\windows\tasks\At58.job
c:\windows\tasks\At59.job
c:\windows\tasks\At6.job
c:\windows\tasks\At60.job
c:\windows\tasks\At61.job
c:\windows\tasks\At62.job
c:\windows\tasks\At63.job
c:\windows\tasks\At64.job
c:\windows\tasks\At65.job
c:\windows\tasks\At66.job
c:\windows\tasks\At67.job
c:\windows\tasks\At68.job
c:\windows\tasks\At69.job
c:\windows\tasks\At7.job
c:\windows\tasks\At70.job
c:\windows\tasks\At71.job
c:\windows\tasks\At72.job
c:\windows\tasks\At8.job
c:\windows\tasks\At9.job
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\tasks\At1.job
c:\windows\tasks\At10.job
c:\windows\tasks\At11.job
c:\windows\tasks\At12.job
c:\windows\tasks\At13.job
c:\windows\tasks\At14.job
c:\windows\tasks\At15.job
c:\windows\tasks\At16.job
c:\windows\tasks\At17.job
c:\windows\tasks\At18.job
c:\windows\tasks\At19.job
c:\windows\tasks\At2.job
c:\windows\tasks\At20.job
c:\windows\tasks\At21.job
c:\windows\tasks\At22.job
c:\windows\tasks\At23.job
c:\windows\tasks\At24.job
c:\windows\tasks\At25.job
c:\windows\tasks\At26.job
c:\windows\tasks\At27.job
c:\windows\tasks\At28.job
c:\windows\tasks\At29.job
c:\windows\tasks\At3.job
c:\windows\tasks\At30.job
c:\windows\tasks\At31.job
c:\windows\tasks\At32.job
c:\windows\tasks\At33.job
c:\windows\tasks\At34.job
c:\windows\tasks\At35.job
c:\windows\tasks\At36.job
c:\windows\tasks\At37.job
c:\windows\tasks\At38.job
c:\windows\tasks\At39.job
c:\windows\tasks\At4.job
c:\windows\tasks\At40.job
c:\windows\tasks\At41.job
c:\windows\tasks\At42.job
c:\windows\tasks\At43.job
c:\windows\tasks\At44.job
c:\windows\tasks\At45.job
c:\windows\tasks\At46.job
c:\windows\tasks\At47.job
c:\windows\tasks\At48.job
c:\windows\tasks\At49.job
c:\windows\tasks\At5.job
c:\windows\tasks\At50.job
c:\windows\tasks\At52.job
c:\windows\tasks\At53.job
c:\windows\tasks\At54.job
c:\windows\tasks\At55.job
c:\windows\tasks\At56.job
c:\windows\tasks\At57.job
c:\windows\tasks\At58.job
c:\windows\tasks\At59.job
c:\windows\tasks\At6.job
c:\windows\tasks\At60.job
c:\windows\tasks\At61.job
c:\windows\tasks\At62.job
c:\windows\tasks\At63.job
c:\windows\tasks\At64.job
c:\windows\tasks\At65.job
c:\windows\tasks\At66.job
c:\windows\tasks\At67.job
c:\windows\tasks\At68.job
c:\windows\tasks\At69.job
c:\windows\tasks\At7.job
c:\windows\tasks\At70.job
c:\windows\tasks\At71.job
c:\windows\tasks\At72.job
c:\windows\tasks\At8.job
c:\windows\tasks\At9.job
D:\install.exe

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-11 to 2009-02-11 )))))))))))))))))
.

2009-02-10 16:58 . 2005-11-09 00:26 38,400 --a------ c:\windows\system32\moveex.exe
2009-02-08 14:56 . 2009-02-08 14:56 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\Apple Computer
2009-02-02 23:23 . 2009-01-15 08:19 206,793 --a------ c:\windows\system32\nvapps.nvb
2009-02-02 20:18 . 2009-02-02 20:18 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-02-02 20:17 . 2009-02-02 20:17 <KANSIO> d-------- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-02-02 20:16 . 2009-02-03 18:34 <KANSIO> d-------- c:\windows\nview
2009-02-02 20:16 . 2009-02-11 15:16 201,144 --a------ c:\windows\system32\nvapps.xml
2009-02-02 19:57 . 2009-02-02 20:15 <KANSIO> d-------- c:\windows\NV36041060.TMP
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\windows\system32\AGEIA
2009-02-02 19:36 . 2009-02-02 19:36 <KANSIO> d-------- c:\program files\AGEIA Technologies
2009-02-02 19:35 . 2009-02-02 19:37 <KANSIO> d-------- c:\windows\NV40724076.TMP
2009-02-02 19:34 . 2009-02-02 20:13 <KANSIO> d-------- C:\NVIDIA
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\DVDVideoSoft
2009-02-01 13:22 . 2009-02-01 13:22 <KANSIO> d-------- c:\program files\Common Files\DVDVideoSoft
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\Common Files\AVSMedia
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\program files\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\Eemeli\Application Data\AVS4YOU
2009-01-18 17:42 . 2009-01-18 17:42 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-01-18 17:42 . 2008-08-13 10:22 974,848 --a------ c:\windows\system32\mfc70.dll
2009-01-18 17:42 . 2008-08-13 10:22 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-01-18 17:42 . 2008-08-13 10:22 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-01-15 08:19 . 2009-01-15 08:19 1,253,376 --a------ c:\windows\system32\NvPVEnc.ax

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-11 16:35 34 ----a-w c:\documents and settings\Eemeli\jagex_runescape_preferences.dat
2009-02-11 13:16 --------- d-----w c:\documents and settings\Eemeli\Application Data\WTablet
2009-02-10 14:24 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-02-09 10:31 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-08 11:19 --------- d-----w c:\program files\StepMania
2009-02-04 15:14 --------- d-----w c:\program files\Peggle Nights Deluxe
2009-02-02 21:24 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-01 11:21 --------- d-----w c:\documents and settings\Eemeli\Application Data\LimeWire
2009-01-31 11:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-21 21:39 --------- d-----w c:\documents and settings\Eemeli\Application Data\Azureus
2009-01-14 14:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 14:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-13 16:12 --------- d-----w c:\program files\LimeWire
2009-01-07 09:28 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-03 12:09 --------- d-----w c:\program files\Cheat Engine
2009-01-01 11:24 --------- d-----w c:\documents and settings\All Users\Application Data\TrackMania
2008-12-24 10:05 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-24 10:05 --------- d-----w c:\program files\Java
2008-12-22 19:05 --------- d-----w c:\documents and settings\Eemeli\Application Data\Skype
2008-12-22 19:04 --------- d-----w c:\documents and settings\Eemeli\Application Data\skypePM
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 07:45 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2008-12-04 07:28 24,344 ----a-w c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 288,024 ----a-w c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 288,024 ----a-w c:\windows\system32\PhysXCompatCplUI.exe
2008-08-23 12:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008082320080824\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-05-30_23.07.30,39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-04 14:04:52 72,704 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\magnify.exe
+ 2006-10-04 14:04:49 54,272 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\narrator.exe
+ 2006-10-04 14:04:51 216,064 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\osk.exe
+ 2006-10-04 14:10:23 36,352 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\umandlg.dll
+ 2006-10-04 14:04:53 50,176 ----a-w c:\windows\$hf_mig$\KB925720\SP2QFE\utilman.exe
+ 2005-10-12 23:18:02 14,048 ----a-w c:\windows\$hf_mig$\KB925720\spmsg.dll
+ 2005-10-12 23:18:03 214,752 ----a-w c:\windows\$hf_mig$\KB925720\spuninst.exe
+ 2005-10-12 23:18:02 22,752 ----a-w c:\windows\$hf_mig$\KB925720\update\spcustom.dll
+ 2005-10-12 23:18:05 717,536 ----a-w c:\windows\$hf_mig$\KB925720\update\update.exe
+ 2005-10-12 23:18:08 380,640 ----a-w c:\windows\$hf_mig$\KB925720\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB938464\update\updspapi.dll
+ 2008-05-02 13:31:44 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:55 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:42 83,968 ----a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-04-23 04:21:08 124,928 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 04:21:08 347,136 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 04:21:08 214,528 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 04:21:08 132,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 04:21:08 63,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 04:21:08 153,088 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 04:21:08 230,400 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 04:21:08 383,488 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 04:21:08 388,608 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 04:21:08 6,068,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 04:21:08 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 04:21:08 267,776 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 04:21:09 27,648 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 04:21:09 459,264 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 04:21:09 52,224 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 04:21:09 3,593,728 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 04:21:09 478,208 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 04:21:09 193,024 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 04:21:09 671,232 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 04:21:09 102,912 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 04:21:09 44,544 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 04:21:09 105,984 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 04:21:10 1,162,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 04:21:10 233,472 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 04:21:10 827,392 ----a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 ----a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 ----a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:29 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:49 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:25:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:25 757,112 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:25 392,056 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:58 683,520 ----a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:25 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-11 21:23:30 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:38 757,112 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:05:39 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:34:47 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:21 272,128 ----a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:07 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:41 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:36 272,128 ----a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:33 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:01 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:48 1,288,704 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:14:20 100,352 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:17 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:17 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:56 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:56 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:04 147,968 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:04 246,784 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:25 757,112 ----a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:25 392,056 ----a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:35:56 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:32 331,776 ----a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:41 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:24 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:55 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-06-23 15:40:37 124,928 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:40:37 347,136 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:40:37 214,528 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:40:37 132,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:40:37 63,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:40:38 153,088 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:40:38 230,400 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:40:38 383,488 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:40:38 388,608 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:40:40 6,068,736 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:40:40 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:40:40 267,776 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:40:40 27,648 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:40:41 459,264 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:40:41 52,224 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:40:42 3,594,240 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:40:43 477,696 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:40:43 193,024 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:40:43 671,232 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:40:43 102,912 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:40:43 44,544 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:40:43 105,984 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:40:44 1,162,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:40:44 233,472 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:40:44 827,904 ----a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:15:32 1,847,168 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:27:14 1,846,656 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:21:09 1,847,168 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:39:53 757,112 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-10-03 10:01:04 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP2QFE\strmdll.dll
+ 2008-10-03 10:03:58 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3GDR\strmdll.dll
+ 2008-10-03 09:50:35 247,326 ----a-w c:\windows\$hf_mig$\KB954600\SP3QFE\strmdll.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB954600\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB954600\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB954600\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB954600\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB954600\update\updspapi.dll
+ 2008-09-04 16:35:00 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP2QFE\msxml3.dll
+ 2008-09-04 17:16:38 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3GDR\msxml3.dll
+ 2008-09-04 17:13:07 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 11:10:04 392,056 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-08-26 09:10:52 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:52 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:52 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:52 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:52 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:52 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:52 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:53 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:53 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:23:28 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:54 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:54 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:55 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:55 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:55 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:56 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:56 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:56 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:56 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:56 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:56 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:56 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:56 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:56 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:56 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:27 17,272 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:27 232,824 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:27 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:28 392,056 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-10-23 12:52:09 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:38:22 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:44:16 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:03:23 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:03:24 232,824 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:03:23 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:39:53 757,112 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:40:02 392,056 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:39:20 2,145,280 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlmp.exe
+ 2008-08-14 13:39:24 2,065,280 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
+ 2008-08-14 13:39:18 2,023,424 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrpamp.exe
+ 2008-08-14 13:39:21 2,188,288 ----a-w c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
+ 2008-08-14 13:25:40 2,147,840 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:25:43 2,068,352 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:24:57 2,026,496 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:25:41 2,191,488 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:56:32 2,147,840 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 16:26:36 2,068,352 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:56:31 2,026,496 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 16:26:38 2,191,488 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:27 757,112 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:02 392,056 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:25:29 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:03:23 17,272 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:03:24 232,824 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:03:23 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:03:27 757,112 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:03:34 392,056 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-16 19:33:31 124,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 19:33:32 347,136 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 19:33:32 214,528 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 19:33:32 132,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 19:33:32 63,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 19:33:32 153,088 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 19:33:32 230,400 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 19:33:33 380,928 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 19:33:33 388,608 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 19:33:36 6,068,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 19:33:36 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 19:33:36 267,776 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 19:33:37 27,648 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 19:33:37 459,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 19:33:37 52,224 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 19:33:40 3,595,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 19:33:40 477,696 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 19:33:40 193,024 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 19:33:41 671,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 19:33:41 102,912 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 19:33:41 44,544 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 19:33:41 105,984 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 19:33:42 1,163,264 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 19:33:42 233,472 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 19:33:43 827,904 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2008-10-15 16:55:14 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP2QFE\netapi32.dll
+ 2008-10-15 16:37:15 337,408 ----a-w c:\windows\$hf_mig$\KB958644\SP3GDR\netapi32.dll
+ 2008-10-15 16:31:34 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:19:02 17,272 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:19:02 232,824 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:19:02 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:19:03 757,112 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:19:03 392,056 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2008-12-13 06:28:12 3,594,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
+ 2007-03-06 01:31:09 14,048 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spmsg.dll
+ 2007-03-06 01:31:14 214,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\spuninst.exe
+ 2007-03-06 01:31:07 22,752 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\spcustom.dll
+ 2007-03-06 01:31:32 717,536 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\update.exe
+ 2007-03-06 01:32:23 380,640 ----a-w c:\windows\$hf_mig$\KB960714-IE7\update\updspapi.dll
+ 2004-09-15 12:00:00 72,704 -c----w c:\windows\$NtUninstallKB925720$\magnify.exe
+ 2004-09-15 12:00:00 54,272 -c----w c:\windows\$NtUninstallKB925720$\narrator.exe
+ 2004-09-15 12:00:00 216,064 -c----w c:\windows\$NtUninstallKB925720$\osk.exe
+ 2005-10-12 23:18:03 214,752 -c----w c:\windows\$NtUninstallKB925720$\spuninst\spuninst.exe
+ 2005-10-12 23:18:08 380,640 -c----w c:\windows\$NtUninstallKB925720$\spuninst\updspapi.dll
+ 2004-09-15 12:00:00 36,352 -c----w c:\windows\$NtUninstallKB925720$\umandlg.dll
+ 2004-09-15 12:00:00 50,176 -c----w c:\windows\$NtUninstallKB925720$\utilman.exe
+ 2005-10-12 23:12:26 213,216 -c----w c:\windows\$NtUninstallKB926239$\spuninst\spuninst.exe
+ 2005-10-12 23:12:33 371,424 -c----w c:\windows\$NtUninstallKB926239$\spuninst\updspapi.dll
+ 2006-10-18 19:47:16 414,208 -c----w c:\windows\$NtUninstallKB929399$\msscp.dll
+ 2005-06-28 08:23:26 213,216 -c----w c:\windows\$NtUninstallKB929399$\spuninst\spuninst.exe
+ 2005-06-28 08:23:54 371,424 -c----w c:\windows\$NtUninstallKB929399$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2004-09-14 14:20:50 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950760$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB950760$\spuninst\updspapi.dll
+ 2006-07-13 08:48:58 202,240 -c----w c:\windows\$NtUninstallKB950762$\rmcast.sys
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
+ 2005-07-26 04:40:30 243,200 -c----w c:\windows\$NtUninstallKB950974$\es.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2007-11-30 12:39:25 392,056 -c----w c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
+ 2007-08-21 06:17:25 683,520 -c----w c:\windows\$NtUninstallKB951066$\inetcomm.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951072-v2$\spuninst\updspapi.dll
+ 2007-11-13 11:31:11 60,416 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2008-04-14 15:52:59 272,128 -c----w c:\windows\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-09-14 13:06:48 274,304 -c----w c:\windows\$NtUninstallKB951376$\bthport.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951376$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB951376$\spuninst\updspapi.dll
+ 2007-10-29 22:43:51 1,288,192 -c----w c:\windows\$NtUninstallKB951698$\quartz.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB951698$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB951698$\spuninst\updspapi.dll
+ 2004-09-15 12:00:00 138,496 -c----w c:\windows\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:38:03 148,992 -c----w c:\windows\$NtUninstallKB951748$\dnsapi.dll
+ 2004-09-15 12:00:00 246,784 -c----w c:\windows\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:25 392,056 -c----w c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w c:\windows\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w c:\windows\$NtUninstallKB951748$\tcpip6.sys
+ 2006-10-18 18:03:58 100,864 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 05:28:28 232,824 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 07:41:48 382,840 -c----w c:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-18 19:47:20 937,984 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-18 19:47:22 2,450,944 -c----w c:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2004-09-15 12:00:00 331,776 -c----w c:\windows\$NtUninstallKB952287$\msadce.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
+ 2005-06-29 01:49:52 74,240 -c----w c:\windows\$NtUninstallKB952954$\mscms.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB953839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB953839$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:41 1,845,504 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB954600$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB954600$\spuninst\updspapi.dll
+ 2006-08-24 11:19:40 246,814 -c----w c:\windows\$NtUninstallKB954600$\strmdll.dll
+ 2007-06-26 06:09:33 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 11:10:04 392,056 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB955839$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB955839$\spuninst\updspapi.dll
+ 2008-07-14 11:09:18 62,976 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2007-11-30 12:39:27 232,824 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:28 392,056 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-02-20 06:51:32 282,624 -c----w c:\windows\$NtUninstallKB956802$\gdi32.dll
+ 2008-07-08 13:03:24 232,824 -c----w c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2008-07-09 07:40:02 392,056 -c----w c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:02 392,056 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
+ 2006-05-05 09:41:45 453,120 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 13:03:24 232,824 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 13:03:34 392,056 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
+ 2006-08-17 12:28:30 332,288 -c----w c:\windows\$NtUninstallKB958644$\netapi32.dll
+ 2007-11-30 11:19:02 232,824 -c----w c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2007-11-30 11:19:03 392,056 -c----w c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
+ 2006-10-16 14:10:58 221,488 -c----w c:\windows\$NtUninstallWIC$\spuninst\spuninst.exe
+ 2006-10-16 14:10:58 379,184 -c----w c:\windows\$NtUninstallWIC$\spuninst\updspapi.dll
+ 2005-01-28 11:44:28 294,912 -c----w c:\windows\$NtUninstallWMFDist11$\blackbox.dll
+ 2005-01-28 11:44:28 164,864 -c----w c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2005-01-28 11:44:28 502,272 -c----w c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2005-01-28 11:44:28 6,656 -c----w c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2005-01-28 11:44:28 96,768 -c----w c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2004-09-15 12:00:00 310,272 -c----w c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2004-09-15 12:00:00 384,512 -c----w c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2004-09-15 12:00:00 240,640 -c----w c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2005-01-28 11:44:28 142,336 -c----w c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
+ 2005-01-28 11:44:28 25,088 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2005-01-28 11:44:28 173,568 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2005-01-28 11:44:28 364,784 -c----w c:\windows\$NtUninstallWMFDist11$\msscp.dll
+ 2005-01-28 11:44:28 315,904 -c----w c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2005-01-28 11:44:28 221,184 -c----w c:\windows\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 16:11:54 213,216 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 16:11:54 371,424 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 09:46:52 13,312 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2005-01-28 11:44:28 47,104 -c----w c:\windows\$NtUninstallWMFDist11$\uwdf.exe
+ 2005-01-28 11:44:28 15,872 -c----w c:\windows\$NtUninstallWMFDist11$\wdfapi.dll
+ 2005-01-28 11:44:28 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2005-01-28 11:44:28 396,528 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2005-01-28 11:44:28 716,288 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2007-10-20 04:01:32 227,328 -c----w c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2005-01-28 11:44:28 28,160 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2005-01-28 11:44:28 33,792 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2005-01-28 11:44:28 335,872 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmdev.dll
+ 2005-01-28 11:44:28 290,816 -c----w c:\windows\$NtUninstallWMFDist11$\wmdrmnet.dll
+ 2005-01-28 11:44:28 150,016 -c----w c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2005-01-28 11:44:28 1,027,072 -c----w c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2005-01-28 11:44:28 774,904 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2005-01-28 11:44:28 1,119,744 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2005-01-28 11:44:28 819,200 -c----w c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2005-01-28 11:44:28 413,944 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2005-01-28 11:44:28 940,544 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2005-01-28 11:44:28 1,218,808 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadvd.dll
+ 2005-01-28 11:44:28 1,512,448 -c----w c:\windows\$NtUninstallWMFDist11$\wmvadve.dll
+ 2006-12-07 05:29:34 2,374,472 -c----w c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2005-01-28 11:44:28 895,736 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2005-01-28 11:44:28 1,003,008 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2005-01-28 11:44:28 38,912 -c----w c:\windows\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2005-01-28 11:44:28 61,952 -c----w c:\windows\$NtUninstallWMFDist11$\wpdconns.dll
+ 2005-01-28 11:44:28 114,176 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2005-01-28 11:44:28 66,560 -c----w c:\windows\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2005-01-28 11:44:28 331,264 -c----w c:\windows\$NtUninstallWMFDist11$\wpdsp.dll
+ 2005-01-28 11:44:28 18,944 -c----w c:\windows\$NtUninstallWMFDist11$\wpdusb.sys
+ 2006-09-15 23:05:22 221,488 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
+ 2006-09-15 23:05:22 379,184 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
+ 2006-09-28 17:01:52 58,368 -c----w c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
+ 2008-09-03 13:15:23 100,888 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache--1999123318.dat
+ 2009-02-06 15:17:46 101,991 ----a-w c:\windows\.jagex_cache_32\loginapplet\cache-1272026540.dat
+ 2008-07-15 11:44:10 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\browsercontrol.dll
+ 2008-11-11 14:56:39 19,767 ----a-w c:\windows\.jagex_cache_32\runescape\game_unpacker.dat
+ 2009-02-11 16:02:44 315,392 ----a-w c:\windows\.jagex_cache_32\runescape\jogl.dll
+ 2009-02-11 16:02:44 20,480 ----a-w c:\windows\.jagex_cache_32\runescape\jogl_awt.dll
+ 2009-02-02 18:17:09 155,648 ----a-w c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP\WiseCustomCalla.dll
+ 2006-10-04 14:05:26 39,424 ------w c:\windows\AppPatch\acadproc.dll
- 2008-05-03 19:36:30 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2008-06-16 16:26:39 53,248 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2008-05-03 19:36:30 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2008-06-16 16:26:39 12,800 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2008-05-03 19:36:30 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2008-06-16 16:26:39 473,600 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2008-03-14 19:17:01 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:35 2,676,224 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:01 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:35 2,846,720 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 563,712 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 567,296 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:36 576,000 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-03 19:36:30 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,024 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:37 577,536 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:02 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:38 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-03-14 19:17:03 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-06-16 16:26:39 578,560 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2008-05-03 19:36:31 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2008-06-16 16:26:40 145,920 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2008-05-03 19:36:31 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2008-06-16 16:26:40 159,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2008-05-03 19:36:31 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2008-06-16 16:26:40 364,544 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2008-05-03 19:36:31 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2008-06-16 16:26:41 178,176 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2008-05-03 19:36:29 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-06-16 16:26:38 223,232 ----a-w c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2008-11-12 19:17:13 151,552 ----a-w c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-11-12 19:17:30 3,915,776 ----a-w c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2008-12-06 16:48:14 10,088 ----a-w c:\windows\assembly\GAC_32\StorePluginInterface\1.0.0.0__7010de4470b07f04\StorePluginInterface.dll
+ 2008-11-12 19:17:32 344,064 ----a-w c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2008-11-12 19:17:13 352,256 ----a-w c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2008-11-12 19:17:30 593,920 ----a-w c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2008-11-12 19:17:30 32,768 ----a-w c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2008-11-12 19:17:31 184,320 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2008-11-12 19:17:31 126,976 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2008-11-12 19:17:31 376,832 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2008-11-12 19:17:31 151,552 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2008-11-12 19:17:31 4,972,544 ----a-w c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2008-11-12 19:17:31 897,024 ----a-w c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2008-11-12 19:17:32 528,384 ----a-w c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2008-11-12 19:17:13 94,208 ----a-w c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2008-11-12 19:17:14 126,976 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2008-11-12 19:17:14 401,408 ----a-w c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2008-11-12 19:17:14 131,072 ----a-w c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2008-11-12 19:17:14 884,736 ----a-w c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2008-11-12 19:17:15 159,744 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
+ 2008-11-12 19:17:15 16,384 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2008-11-12 19:17:14 5,623,808 ----a-w c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2008-11-12 19:17:32 688,128 ----a-w c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2008-11-12 19:18:29 1,108,784 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2008-11-12 19:18:29 1,641,272 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2008-11-12 19:18:29 588,592 ----a-w c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2008-11-12 19:17:31 163,840 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2008-11-12 19:17:31 372,736 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2008-11-12 19:17:31 32,768 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2008-11-12 19:17:31 86,016 ----a-w c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2008-11-12 19:17:30 1,167,360 ----a-w c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2008-11-12 19:17:32 81,920 ----a-w c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2008-12-06 16:49:48 7,110,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AppCommon\12ff929fe009a9d7039780582a183975\AppCommon.ni.dll
+ 2008-12-06 16:49:55 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.QTOContro#\5d887d10219b2a4d2c864ef8e6f988e9\AxInterop.QTOControlLib.ni.dll
+ 2008-12-06 16:49:51 143,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.SHDocVw\c19e31dd0da528ca4e4395b8d5f27ef3\AxInterop.SHDocVw.ni.dll
+ 2008-12-06 16:49:54 184,320 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\AxInterop.WMPLib\48bf4c78d862d8b29683ead8006efe07\AxInterop.WMPLib.ni.dll
+ 2008-11-12 20:23:45 503,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\373d5acced35e392e1f413a69042340d\ComSvcConfig.ni.exe
+ 2008-12-06 16:49:53 221,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\GCPlayer\79e3541497adc0c2d48a96893c8ae014\GCPlayer.ni.dll
+ 2008-12-06 16:49:53 32,768 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interfaces\34b666aa7c154d9e721663299d3730ef\Interfaces.ni.dll
+ 2008-12-06 16:49:54 389,120 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBCONTROL#\881866bcbbf90b71169abc356f865b3c\Interop.CDDBCONTROLLibSMS.ni.dll
+ 2008-12-06 16:50:07 86,016 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBLINKLib#\bdba10f7daecebb3dad5884a3bd74bf5\Interop.CDDBLINKLibSMS.ni.dll
+ 2008-12-06 16:50:08 35,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.CDDBUICONTR#\6c8a75ff0fe8a9ec2372a772253e56a5\Interop.CDDBUICONTROLLibSMS.ni.dll
+ 2008-12-06 16:49:52 118,784 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\ba3883931b1eff189f4936b08b87e28f\Interop.IWshRuntimeLibrary.ni.dll
+ 2008-12-06 16:49:53 90,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\34fdb7051aac23225665a0c3f79bd975\Interop.PortableDeviceApiLib.ni.dll
+ 2008-12-06 16:50:08 90,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.PortableDev#\60d9ec8484aa884a1eafca8c57edcbc9\Interop.PortableDeviceTypesLib.ni.dll
+ 2008-12-06 16:49:55 81,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOControlL#\edcab57315e43101a797e10d788e7090\Interop.QTOControlLib.ni.dll
+ 2008-12-06 16:49:56 221,184 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.QTOLibrary\1770e571f589b16c915c09492c401dd8\Interop.QTOLibrary.ni.dll
+ 2008-12-06 16:49:51 344,064 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.SHDocVw\a5edaaee6e06ab2c84416250d46e640f\Interop.SHDocVw.ni.dll
+ 2008-12-06 16:49:55 847,872 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WMPLib\8cf76f61eec9d71e780e33f497b7052f\Interop.WMPLib.ni.dll
+ 2008-12-06 16:49:51 712,704 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\c214dffd2c15fedb78004903ebe143ef\log4net.ni.dll
+ 2008-12-06 16:49:54 884,736 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Lucene.Net\b367e4694dcafc89ec4a3560cc007306\Lucene.Net.ni.dll
+ 2008-12-06 16:49:49 966,656 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.GUI\a99c19aa2962b7844090b1f15c5b70c6\MediaManager.GUI.ni.dll
+ 2008-12-06 16:50:08 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Splash#\d55a5c2a9883fbfc2471edb3a08e5db1\MediaManager.SplashScreen.ni.dll
+ 2008-12-06 16:49:52 282,624 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager.Utils\9378f68909dcb5d9eea5558e963ea35b\MediaManager.Utils.ni.dll
+ 2008-12-06 16:49:43 1,921,024 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\MediaManager\fb733f6cd398a5992ebf609f410a2d80\MediaManager.ni.exe
+ 2008-12-06 16:50:11 2,441,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\b3b62fe820b416515420a6ec17b247c3\Microsoft.JScript.ni.dll
+ 2008-11-12 20:23:47 1,114,112 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\019a85babfbe02cecdbb63a65d391aba\Microsoft.Transactions.Bridge.ni.dll
+ 2008-11-12 20:23:47 401,408 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\cb8d7b6cc6827e9f2d66c4d7ef9b5d54\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2008-11-12 19:17:45 17,920 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\cd0730694ba5927a6efd32129783e1b4\Microsoft.VisualC.ni.dll
+ 2008-12-06 16:50:11 77,824 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\e674ba75a514e00b26329e212da938e0\Microsoft.Vsa.ni.dll
+ 2008-12-06 16:49:53 679,936 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PerstNET\22ad0fc085ad21da8cf60962a5ce1829\PerstNET.ni.dll
+ 2008-12-06 16:50:08 49,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PluginSystem\d1764d7969525889f7413d707b86ebde\PluginSystem.ni.dll
+ 2008-11-12 20:23:53 1,564,672 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\41bd82648d480ec304ea0c04034787bc\PresentationBuildTasks.ni.dll
+ 2008-11-12 19:18:00 40,448 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\9385f2c37b2e00e06ec3f57153f63a2d\PresentationCFFRasterizer.ni.dll
+ 2008-11-12 19:17:59 11,980,800 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7e413273e9d6710be8a39dcce2e45c2c\PresentationCore.ni.dll
+ 2008-11-12 19:18:25 48,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\599806acdd6dc0aeed19ebf9d622dcad\PresentationFontCache.ni.exe
+ 2008-11-12 19:18:22 552,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0766df362854f0330a4a45179773657e\PresentationFramework.Luna.ni.dll
+ 2008-11-12 19:18:23 274,432 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8aaa2b56f733902cc1ba9d8300d2a0e3\PresentationFramework.Royale.ni.dll
+ 2008-11-12 19:18:21 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d87c2740add3b0f86833159ce57c71ec\PresentationFramework.Classic.ni.dll
+ 2008-11-12 19:18:14 14,659,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\de20226274a5739a4b42d8e26b546180\PresentationFramework.ni.dll
+ 2008-11-12 19:18:23 393,216 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e389aa7f3dd4eb1ee585724f130a79cb\PresentationFramework.Aero.ni.dll
+ 2008-11-12 19:18:16 1,986,560 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f97ac4e9c402e98d2b5b7114e4fbbd2a\PresentationUI.ni.dll
+ 2008-11-12 19:18:19 2,416,640 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\1fe0f79dd0d47e4d1eb474f98a1949fb\ReachFramework.ni.dll
+ 2008-11-12 20:23:48 139,264 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\0bcc4abbe0c5c3feeda7f711304ac4a0\ServiceModelReg.ni.exe
+ 2008-12-06 16:50:07 30,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SFMARKETLib\9eb969e20b8c21551b1d86ad18d6839c\SFMARKETLib.ni.dll
+ 2008-11-12 20:23:48 286,720 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\5e3765ee346151c26a3793ddf3a8d6d7\SMDiagnostics.ni.dll
+ 2008-11-12 20:23:48 323,584 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\c6f33f28f5bb403981ac148da447e3c5\SMSvcHost.ni.exe
+ 2008-12-06 16:49:50 1,036,288 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\206a1dd4d1979264215c9934851409cb\Sony.MediaSoftware.clrshared.ni.dll
+ 2008-12-06 16:49:56 44,544 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\5eef2f32e44870fde9f65d34d523ef3e\stdole.ni.dll
+ 2008-12-06 16:50:08 15,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\StorePluginInterface\e401d20d70f1315bb945d8a0ac665fb6\StorePluginInterface.ni.dll
+ 2008-11-12 20:23:58 262,144 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\6a075eb8e0f13de87d1278aa8562d51e\sysglobl.ni.dll
+ 2008-11-12 19:17:48 163,840 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\c46625ea87db53ccf6194fe17ee05c19\System.Configuration.Install.ni.dll
+ 2008-11-12 19:17:48 1,183,744 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1abdb47765d0696a2fc0a1095bac0249\System.Data.OracleClient.ni.dll
+ 2008-11-12 19:17:45 2,756,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\e59504af41afab5e04681af951d9b302\System.Data.SqlXml.ni.dll
+ 2008-11-12 20:23:25 241,664 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\dd8f551c39409fa95b0c22cf2ee48b65\System.IdentityModel.Selectors.ni.dll
+ 2008-11-12 20:23:25 978,944 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\581d8571e61ebe24154ae912624c3c9d\System.IdentityModel.ni.dll
+ 2008-11-12 20:23:26 417,792 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\86cd41998dc72b213d9464b56fe245b9\System.IO.Log.ni.dll
+ 2008-12-06 16:50:09 1,064,960 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\29c7192327cf3999961560bf3a3995c6\System.Management.ni.dll
+ 2008-11-12 19:18:39 655,360 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\00e3750e478bac4913ee7a6c3b7cd392\System.Messaging.ni.dll
+ 2008-11-12 19:18:20 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\690a965457e274ad13f6b1f9ac2bad4e\System.Printing.ni.dll
+ 2008-11-12 19:17:46 815,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0898f6c1de8cb89413d206e3d6a3ce1d\System.Runtime.Remoting.ni.dll
+ 2008-11-12 19:17:46 339,968 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1f5cf8178029f5b959a9af75cb8cfedb\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2008-11-12 20:23:28 2,351,104 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c4838d300f677f34c9d44ead84b8603b\System.Runtime.Serialization.ni.dll
+ 2008-11-12 20:23:44 17,354,752 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7a2bc3302a133e235ec99193c56a0571\System.ServiceModel.ni.dll
+ 2008-11-12 20:23:57 2,039,808 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\d38908d5c6a11dd7dceaf9bd34adb437\System.Speech.ni.dll
+ 2008-11-12 19:18:33 2,994,176 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\5e0df5685ce40f838eea52a5f1454b68\System.Workflow.Activities.ni.dll
+ 2008-11-12 19:18:36 4,587,520 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\2689e361e42d0bb9e3d19f1ecd30c26a\System.Workflow.ComponentModel.ni.dll
+ 2008-11-12 19:18:38 2,093,056 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\41b6c3a0c115c43c53697efa1607fe49\System.Workflow.Runtime.ni.dll
+ 2008-11-12 20:24:00 483,328 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\f61803ded1c123ed9ed5849e7dcebf25\UIAutomationClient.ni.dll
+ 2008-11-12 20:24:01 1,118,208 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\679889309b57024e8abbe80c6c7d48bc\UIAutomationClientsideProviders.ni.dll
+ 2008-11-12 19:17:59 50,688 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\9865738a916ad3664dd374582b9ea873\UIAutomationProvider.ni.dll
+ 2008-11-12 19:17:59 196,608 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\71605ce631809dcbfba38842fdf59acf\UIAutomationTypes.ni.dll
+ 2008-11-12 19:17:42 3,260,416 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\50652bfd061ead84841e6c9bfffacfb1\WindowsBase.ni.dll
+ 2008-11-12 20:24:02 270,336 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\2c96738a6ba8ff9e88889f331590e181\WindowsFormsIntegration.ni.dll
+ 2008-11-12 20:23:49 380,928 ----a-w c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\02436080d129210828823210ce879fd8\WsatConfig.ni.exe
+ 2004-10-22 02:15:00 86,016 ----a-r c:\windows\CtDrvIns.exe
+ 1999-10-11 01:00:00 41,984 ------w c:\windows\Ctregrun.exe
+ 2008-11-02 20:00:54 4,096 ----a-w c:\windows\d3dx.dat
+ 2006-03-20 14:34:42 24,576 ----a-w c:\windows\Downloaded Program Files\dwusplay.dll
+ 2006-03-20 14:34:42 196,608 ----a-w c:\windows\Downloaded Program Files\dwusplay.exe
+ 2006-03-20 14:34:52 484,272 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2008-01-15 19:12:48 296,336 ----a-w c:\windows\Downloaded Program Files\rufsi.dll
+ 2008-06-14 17:59:49 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
- 2006-05-05 09:41:45 453,120 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:02:38 2,138,624 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:46:12 2,138,624 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:02:46 2,059,904 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:46:15 2,060,032 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,018,304 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:46:10 2,018,304 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:02:46 2,182,656 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:46:14 2,182,656 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 17:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-08-07 13:27:04 163,328 ----a-w c:\windows\erunt\sdfix\ERDNT.EXE
+ 2009-02-09 13:35:17 9,527,296 ----a-w c:\windows\erunt\sdfix\Users\00000001\NTUSER.DAT
+ 2009-02-09 13:35:17 204,800 ----a-w c:\windows\erunt\sdfix\Users\00000002\UsrClass.dat
+ 2008-08-07 13:27:04 163,328 ----a-w c:\windows\erunt\sdfix_first_run\ERDNT.EXE
+ 2008-08-23 12:44:34 6,701,056 ----a-w c:\windows\erunt\sdfix_first_run\Users\00000001\NTUSER.DAT
+ 2008-08-23 12:44:34 176,128 ----a-w c:\windows\erunt\sdfix_first_run\Users\00000002\UsrClass.dat
+ 2008-03-01 13:01:50 124,928 -c----w c:\windows\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:01:50 347,136 -c----w c:\windows\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:01:50 214,528 -c----w c:\windows\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:01:50 133,120 -c----w c:\windows\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:01:50 63,488 -c----w c:\windows\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:56 70,656 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:01:50 153,088 -c----w c:\windows\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:01:50 230,400 -c----w c:\windows\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w c:\windows\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:01:51 383,488 -c----w c:\windows\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:01:51 384,512 -c----w c:\windows\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:01:51 6,066,176 -c----w c:\windows\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:01:51 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:01:51 267,776 -c----w c:\windows\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:56:25 625,664 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:01:51 27,648 -c----w c:\windows\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:01:52 459,264 -c----w c:\windows\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:01:52 52,224 -c----w c:\windows\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 15:31:54 3,591,680 -c----w c:\windows\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:01:53 478,208 -c----w c:\windows\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:01:53 193,024 -c----w c:\windows\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:01:53 671,232 -c----w c:\windows\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:01:53 102,912 -c----w c:\windows\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:01:53 44,544 -c----w c:\windows\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:01:53 105,984 -c----w c:\windows\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:01:53 1,159,680 -c----w c:\windows\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:01:53 233,472 -c----w c:\windows\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:01:53 826,368 -c----w c:\windows\ie7updates\KB950759-IE7\wininet.dll
+ 2008-04-23 04:16:41 124,928 -c----w c:\windows\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:42 347,136 -c----w c:\windows\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:42 214,528 -c----w c:\windows\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:42 133,120 -c----w c:\windows\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:42 63,488 -c----w c:\windows\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:41:08 70,656 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:42 153,088 -c----w c:\windows\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:42 230,400 -c----w c:\windows\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w c:\windows\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:42 383,488 -c----w c:\windows\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:42 384,512 -c----w c:\windows\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:42 6,066,176 -c----w c:\windows\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:42 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:42 267,776 -c----w c:\windows\ie7updates\KB953838-IE7\iertutil.dll
+ 2008-04-22 07:39:58 13,824 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:41:30 625,664 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:42 27,648 -c----w c:\windows\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:42 459,264 -c----w c:\windows\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:42 52,224 -c----w c:\windows\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-23 19:16:44 3,591,680 -c----w c:\windows\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:42 478,208 -c----w c:\windows\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:42 193,024 -c----w c:\windows\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:42 671,232 -c----w c:\windows\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:42 102,912 -c----w c:\windows\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:42 44,544 -c----w c:\windows\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:42 105,984 -c----w c:\windows\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:43 1,159,680 -c----w c:\windows\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:43 233,472 -c----w c:\windows\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:43 826,368 -c----w c:\windows\ie7updates\KB953838-IE7\wininet.dll
+ 2008-06-23 16:29:13 124,928 -c----w c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2008-06-23 16:29:13 347,136 -c----w c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2008-06-23 16:29:13 214,528 -c----w c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2008-06-23 16:29:13 133,120 -c----w c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2008-06-23 16:29:13 63,488 -c----w c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2008-06-23 09:21:15 70,656 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2008-06-23 16:29:13 153,088 -c----w c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2008-06-23 16:29:13 230,400 -c----w c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2008-06-21 05:23:54 161,792 -c----w c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2008-06-23 16:29:13 383,488 -c----w c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2008-06-23 16:29:13 384,512 -c----w c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2008-06-23 16:29:14 6,066,176 -c----w c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2008-06-23 16:29:14 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2008-06-23 16:29:14 267,776 -c----w c:\windows\ie7updates\KB956390-IE7\iertutil.dll
+ 2008-06-23 09:20:26 13,824 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2008-06-23 09:21:31 625,664 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2008-06-23 16:29:15 27,648 -c----w c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2008-06-23 16:29:15 459,264 -c----w c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2008-06-23 16:29:15 52,224 -c----w c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2008-06-24 07:29:16 3,592,192 -c----w c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2008-06-23 16:29:15 477,696 -c----w c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2008-06-23 16:29:15 193,024 -c----w c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2008-06-23 16:29:15 671,232 -c----w c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2008-06-23 16:29:15 102,912 -c----w c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2008-06-23 16:29:15 44,544 -c----w c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB956390-IE7\spuninst\updspapi.dll
+ 2008-06-23 16:29:16 105,984 -c----w c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2008-06-23 16:29:16 1,159,680 -c----w c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2008-06-23 16:29:16 233,472 -c----w c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2008-06-23 16:29:16 826,368 -c----w c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-08-26 08:12:24 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:12:24 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:12:24 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:12:24 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:12:24 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:38:49 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:12:24 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:12:24 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:12:24 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:12:24 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:24 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:12:25 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:12:25 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:12:25 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:12:25 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:12:25 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 08:12:26 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:12:26 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:12:26 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:12:26 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:12:26 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:12:26 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:12:26 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:12:26 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:12:26 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 09:12:28 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:31:14 214,752 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:32:23 380,640 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2007-05-31 11:35:22 6,420,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\B040110900063D11C8EF10054038389C\11.0.8173\POWERPNT.EXE
+ 2008-07-18 18:45:16 27,136 ----a-r c:\windows\Installer\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}\AppleSoftwareUpdateIco.exe
+ 2008-06-03 18:58:36 422,598 ----a-r c:\windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
+ 2008-06-03 18:58:36 65,536 ----a-r c:\windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
+ 2008-07-18 18:45:48 86,016 ----a-r c:\windows\Installer\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}\PrntWzrdIco.exe
+ 2008-11-12 21:09:01 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\controlPanelIcon.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\ext.exe
+ 2008-07-18 12:36:30 15,086 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\ext_1.exe
+ 2008-07-18 12:36:30 10,134 ----a-r c:\windows\Installer\{8C1AD831-A7F8-4E8C-A2CB-DD3091AF9AB8}\SystemFolder_msiexec.exe
- 2008-05-14 20:05:30 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-01-14 22:08:08 593,920 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-05-14 20:05:30 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2009-01-14 22:08:08 12,288 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-14 20:05:30 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-01-14 22:08:08 86,016 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-05-14 20:05:30 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-01-14 22:08:08 135,168 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-14 20:05:30 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-01-14 22:08:08 11,264 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-14 20:05:30 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-01-14 22:08:08 27,136 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-14 20:05:30 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-01-14 22:08:08 4,096 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-14 20:05:30 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-01-14 22:08:08 794,624 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-14 20:05:30 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-01-14 22:08:08 249,856 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-14 20:05:30 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-01-14 22:08:08 61,440 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-05-14 20:05:30 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-01-14 22:08:08 23,040 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-14 20:05:30 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-01-14 22:08:08 286,720 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-14 20:05:30 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-01-14 22:08:08 409,600 ----a-r c:\windows\Installer\{9011040B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-07 19:31:29 295,606 ----a-r c:\windows\Installer\{AC76BA86-7AD7-1035-7B44-A81200000003}\SC_Reader.exe
+ 2008-12-06 16:48:09 10,134 ----a-r c:\windows\Installer\{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}\ARPPRODUCTICON.exe
+ 1997-08-26 09:06:34 315,904 ----a-w c:\windows\IsUninst.exe
+ 2006-10-30 02:06:24 74,012 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\baseline.dat
+ 2006-10-30 01:25:56 99,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\DeleteTemp.exe
+ 2006-10-29 21:15:06 220,672 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\dlmgr.dll
+ 2006-10-29 21:17:56 1,054,720 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\gencomp.dll
+ 2006-10-29 21:14:26 163,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\HtmlLite.dll
+ 2006-10-30 01:25:54 194,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\RebootStub.exe
+ 2006-10-30 01:25:56 167,176 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\runmsi.exe
+ 2006-10-30 01:25:56 365,320 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
+ 2006-10-30 01:17:12 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1025.dll
+ 2006-10-30 01:17:30 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1028.dll
+ 2006-10-30 01:17:36 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1029.dll
+ 2006-10-30 01:17:44 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1030.dll
+ 2006-10-30 01:17:50 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1031.dll
+ 2006-10-30 01:17:56 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1032.dll
+ 2006-10-30 01:18:10 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1035.dll
+ 2006-10-30 01:18:16 91,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1036.dll
+ 2006-10-30 01:18:22 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1037.dll
+ 2006-10-30 01:18:30 89,600 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1038.dll
+ 2006-10-30 01:18:36 88,064 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1040.dll
+ 2006-10-30 01:18:42 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1041.dll
+ 2006-10-30 01:18:48 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1042.dll
+ 2006-10-30 01:18:56 87,040 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1043.dll
+ 2006-10-30 01:19:02 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1044.dll
+ 2006-10-30 01:19:08 86,528 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1045.dll
+ 2006-10-30 01:19:14 84,480 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1046.dll
+ 2006-10-30 01:19:28 82,944 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1049.dll
+ 2006-10-30 01:19:34 83,968 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1053.dll
+ 2006-10-30 01:19:42 82,432 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.1055.dll
+ 2006-10-30 01:17:24 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2052.dll
+ 2006-10-30 01:19:22 90,624 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.2070.dll
+ 2006-10-30 01:18:02 90,112 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.3082.dll
+ 2006-10-29 21:15:20 80,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setupres.dll
+ 2006-10-29 21:15:22 1,621,504 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\SITSetup.dll
+ 2006-10-30 01:17:14 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1025.dll
+ 2006-10-30 01:17:30 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1028.dll
+ 2006-10-30 01:17:38 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1029.dll
+ 2006-10-30 01:17:44 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1030.dll
+ 2006-10-30 01:17:50 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1031.dll
+ 2006-10-30 01:17:58 104,448 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1032.dll
+ 2006-10-30 01:18:10 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1035.dll
+ 2006-10-30 01:18:16 103,424 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1036.dll
+ 2006-10-30 01:18:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1037.dll
+ 2006-10-30 01:18:30 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1038.dll
+ 2006-10-30 01:18:36 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1040.dll
+ 2006-10-30 01:18:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1041.dll
+ 2006-10-30 01:18:50 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1042.dll
+ 2006-10-30 01:18:56 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1043.dll
+ 2006-10-30 01:19:02 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1044.dll
+ 2006-10-30 01:19:08 99,840 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1045.dll
+ 2006-10-30 01:19:16 99,328 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1046.dll
+ 2006-10-30 01:19:28 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1049.dll
+ 2006-10-30 01:19:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1053.dll
+ 2006-10-30 01:19:42 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.1055.dll
+ 2006-10-30 01:17:24 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2052.dll
+ 2006-10-30 01:19:22 101,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.2070.dll
+ 2006-10-30 01:18:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.3082.dll
+ 2006-10-29 21:18:36 98,816 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapRes.dll
+ 2006-10-29 21:19:30 1,103,872 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\WapUI.dll
+ 2006-10-29 21:16:52 1,139,712 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs_setup.dll
+ 2006-10-29 21:18:26 590,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vs70uimgr.dll
+ 2006-10-29 21:20:20 541,184 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsbasereqs.dll
+ 2006-10-29 21:18:12 816,128 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\vsscenario.dll
+ 2006-10-30 01:34:02 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2006-10-30 01:33:58 741,376 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-11-12 19:17:11 626,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.exe
+ 2008-11-12 19:17:11 80,896 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\install.res.1033.dll
+ 2006-10-30 01:34:00 352,256 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2006-10-30 01:34:00 151,552 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2006-10-30 01:34:02 2,560 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2006-10-30 01:34:02 61,440 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2006-10-30 01:34:02 11,264 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2006-10-30 01:34:00 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMDiagnostics.dll
+ 2006-10-30 01:34:02 122,880 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2006-10-30 01:34:02 884,736 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2006-10-30 01:34:02 5,623,808 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2006-10-30 01:34:00 159,744 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2006-10-30 01:34:00 16,384 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2006-10-30 01:34:02 143,360 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2006-07-25 19:32:00 14,648 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2006-10-20 14:08:52 797,696 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2006-10-20 14:09:02 4,874,240 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2006-10-20 12:03:40 2,628,608 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2006-10-20 19:29:46 72,992 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2006-10-20 19:21:24 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2006-10-20 19:21:24 36,864 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2006-10-20 19:29:52 106,272 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2006-10-20 19:21:26 897,024 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2006-10-20 19:21:26 14,848 ----a-w c:\windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe
- 2000-08-31 05:00:00 28,160 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 06:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 05:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
- 2008-03-01 13:01:50 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:32 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelFrench.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelGerman.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelJapanese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelKorean.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelPortugese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSimplifiedChinese.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSpanish.dll
+ 2008-10-07 07:13:20 58,648 ----a-w c:\windows\system32\AgCPanelSwedish.dll
+ 2008-10-07 07:13:22 58,648 ----a-w c:\windows\system32\AgCPanelTraditionalChinese.dll
+ 2008-10-07 07:13:18 199,885 ----a-w c:\windows\system32\AGEIA\AG1011\app.bin
+ 2008-10-07 07:13:20 119,473 ----a-w c:\windows\system32\AGEIA\AG1011\diag.bin
+ 2008-10-07 07:13:20 214,629 ----a-w c:\windows\system32\AGEIA\AG1021\app.bin
+ 2008-10-07 07:13:20 116,977 ----a-w c:\windows\system32\AGEIA\AG1021\diag.bin
+ 2006-10-18 19:47:08 276,992 ------w c:\windows\system32\audiodev.dll
+ 2008-07-07 08:47:37 10,520 ----a-w c:\windows\system32\avgrsstx.dll
+ 2008-09-27 19:05:33 30,720 ----a-w c:\windows\system32\bbcap.dll
+ 2008-09-27 19:05:33 4,608 ----a-w c:\windows\system32\bbchlp.dll
- 2005-01-28 11:44:28 294,912 ----a-w c:\windows\system32\blackbox.dll
+ 2006-10-18 19:47:10 542,720 ----a-w c:\windows\system32\blackbox.dll
- 2007-07-30 17:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 12:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2005-01-28 11:44:28 164,864 ----a-w c:\windows\system32\cewmdm.dll
+ 2006-10-18 19:47:10 229,376 ----a-w c:\windows\system32\cewmdm.dll
- 2008-03-14 17:32:26 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-23 12:39:08 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-03-14 17:32:26 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
+ 2008-08-23 12:39:08 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\index.dat
+ 2008-08-22 23:55:33 78,924 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat
+ 2005-03-31 01:06:00 36,864 ----a-r c:\windows\system32\CtCamMgr.dll
+ 2004-11-16 01:05:00 36,864 ----a-r c:\windows\system32\CtRegApp.dll
+ 2007-03-12 14:42:30 1,123,696 ----a-w c:\windows\system32\D3DCompiler_33.dll
+ 2007-05-16 14:45:16 1,124,720 ----a-w c:\windows\system32\D3DCompiler_34.dll
+ 2007-07-19 16:14:42 1,358,192 ----a-w c:\windows\system32\D3DCompiler_35.dll
+ 2007-10-12 13:14:00 1,374,232 ----a-w c:\windows\system32\D3DCompiler_36.dll
+ 2008-03-05 13:56:58 1,420,824 ----a-w c:\windows\system32\D3DCompiler_37.dll
+ 2008-05-30 12:11:46 1,491,992 ----a-w c:\windows\system32\D3DCompiler_38.dll
+ 2008-07-10 09:00:58 1,493,528 ----a-w c:\windows\system32\D3DCompiler_39.dll
+ 2008-10-10 02:52:38 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
+ 2007-03-15 14:57:58 443,752 ----a-w c:\windows\system32\d3dx10_33.dll
+ 2007-05-16 14:45:16 443,752 ----a-w c:\windows\system32\d3dx10_34.dll
+ 2007-07-19 16:14:42 444,776 ----a-w c:\windows\system32\d3dx10_35.dll
+ 2007-10-02 07:56:34 444,776 ----a-w c:\windows\system32\d3dx10_36.dll
+ 2008-02-05 21:07:36 462,864 ----a-w c:\windows\system32\d3dx10_37.dll
+ 2008-05-30 12:11:46 467,984 ----a-w c:\windows\system32\d3dx10_38.dll
+ 2008-07-10 09:01:00 467,984 ----a-w c:\windows\system32\d3dx10_39.dll
+ 2008-10-10 02:52:38 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
+ 2007-12-26 14:30:00 679,936 ----a-w c:\windows\system32\D3DX81ab.dll
+ 2007-12-26 14:30:00 1,970,176 ----a-w c:\windows\system32\d3dx9.dll
+ 2006-10-30 17:25:00 2,414,360 ----a-w c:\windows\system32\d3dx9_31.dll
+ 2006-11-29 11:06:18 3,426,072 ----a-w c:\windows\system32\d3dx9_32.dll
+ 2007-03-12 14:42:30 3,495,784 ----a-w c:\windows\system32\d3dx9_33.dll
+ 2007-05-16 14:45:16 3,497,832 ----a-w c:\windows\system32\d3dx9_34.dll
+ 2007-07-19 16:14:42 3,727,720 ----a-w c:\windows\system32\d3dx9_35.dll
+ 2007-10-12 13:14:00 3,734,536 ----a-w c:\windows\system32\d3dx9_36.dll
+ 2008-03-05 13:56:58 3,786,760 ----a-w c:\windows\system32\D3DX9_37.dll
+ 2008-05-30 12:11:46 3,850,760 ----a-w c:\windows\system32\D3DX9_38.dll
+ 2008-07-10 09:00:58 3,851,784 ----a-w c:\windows\system32\D3DX9_39.dll
+ 2008-10-10 02:52:38 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
- 2008-03-01 13:01:50 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:32 124,928 -c----w c:\windows\system32\dllcache\advpack.dll
- 2004-09-15 12:00:00 138,496 -c--a-w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 -c--a-w c:\windows\system32\dllcache\afd.sys
- 2005-01-28 11:44:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll
+ 2006-10-18 19:47:10 542,720 -c--a-w c:\windows\system32\dllcache\blackbox.dll
- 2004-09-14 13:06:48 274,304 -c--a-w c:\windows\system32\dllcache\bthport.sys
+ 2008-06-14 17:59:49 272,128 -c--a-w c:\windows\system32\dllcache\bthport.sys
- 2007-07-30 17:19:20 92,504 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 12:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2005-01-28 11:44:28 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
+ 2006-10-18 19:47:10 229,376 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
- 2008-02-20 05:38:03 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:09 148,992 -c--a-w c:\windows\system32\dllcache\dnsapi.dll
- 2005-01-28 11:44:28 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
+ 2006-10-18 19:47:10 991,744 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
- 2008-03-01 13:01:50 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:32 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:32 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll
- 2005-07-26 04:40:30 243,200 -c--a-w c:\windows\system32\dllcache\es.dll
+ 2008-07-07 20:31:56 253,952 -c--a-w c:\windows\system32\dllcache\es.dll
- 2008-03-01 13:01:50 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:32 133,120 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2006-10-14 14:43:18 27,648 -c----w c:\windows\system32\dllcache\FilterPipelinePrintProc.dll
- 2008-02-20 06:51:32 282,624 -c--a-w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:00:00 283,648 -c--a-w c:\windows\system32\dllcache\gdi32.dll
- 2008-03-01 13:01:50 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-02-29 08:55:56 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:12:19 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:01:50 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:33 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll
- 2008-03-01 13:01:50 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:33 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
- 2008-03-01 13:01:51 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:33 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:33 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-03-01 13:01:51 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:37 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll
- 2008-03-01 13:01:51 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-02-29 08:56:25 625,664 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c----w c:\windows\system32\dllcache\iexplore.exe
- 2007-08-21 06:17:25 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 -c--a-w c:\windows\system32\dllcache\inetcomm.dll
- 2008-03-01 13:01:51 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:38 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll
- 2005-01-28 11:44:28 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll
+ 2006-10-18 19:47:14 11,264 -c--a-w c:\windows\system32\dllcache\LAPRXY.dll
- 2005-01-28 11:44:28 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-17 23:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2004-09-15 12:00:00 72,704 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2006-10-04 13:33:17 72,704 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-09-14 14:06:10 23,040 -c--a-w c:\windows\system32\dllcache\mouclass.sys
+ 2001-10-05 13:59:32 12,160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
- 2004-09-15 12:00:00 310,272 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP43DMOD.dll
- 2004-09-15 12:00:00 384,512 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MP4SDMOD.dll
- 2004-09-15 12:00:00 240,640 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\MPG4DMOD.dll
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2004-09-15 12:00:00 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
+ 2008-05-01 14:32:24 331,776 -c--a-w c:\windows\system32\dllcache\msadce.dll
- 2005-06-29 01:49:52 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:58 74,240 -c--a-w c:\windows\system32\dllcache\mscms.dll
- 2008-03-01 13:01:52 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:38 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-03-01 13:01:52 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:38 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-03-01 15:31:54 3,591,680 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:37:58 3,593,216 -c----w c:\windows\system32\dllcache\mshtml.dll
- 2008-03-01 13:01:53 478,208 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:41 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll
- 2005-01-28 11:44:28 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
+ 2006-10-18 19:47:16 179,712 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
- 2005-01-28 11:44:28 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 19:47:16 27,136 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
- 2005-01-28 11:44:28 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
+ 2006-10-18 19:47:16 175,616 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
- 2008-03-01 13:01:53 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:41 193,024 -c----w c:\windows\system32\dllcache\msrating.dll
- 2005-01-28 11:44:28 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-12-04 14:21:50 414,720 -c--a-w c:\windows\system32\dllcache\msscp.dll
- 2008-03-01 13:01:53 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:42 671,232 -c----w c:\windows\system32\dllcache\mstime.dll
- 2005-01-28 11:44:28 315,904 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2006-10-18 19:47:16 321,536 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
- 2004-09-15 12:00:00 246,784 -c--a-w c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:09 246,784 -c--a-w c:\windows\system32\dllcache\mswsock.dll
- 2007-06-26 06:09:33 1,104,896 -c--a-w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:24 1,106,944 -c--a-w c:\windows\system32\dllcache\msxml3.dll
- 2004-09-15 12:00:00 54,272 -c--a-w c:\windows\system32\dllcache\narrator.exe
+ 2006-10-04 13:33:16 54,272 -c--a-w c:\windows\system32\dllcache\narrator.exe
- 2006-08-17 12:28:30 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 17:00:03 332,800 -c--a-w c:\windows\system32\dllcache\netapi32.dll
- 2007-02-28 16:02:38 2,138,624 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:46:12 2,138,624 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:02:46 2,059,904 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:46:15 2,060,032 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,018,304 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:46:10 2,018,304 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
- 2007-02-28 16:02:46 2,182,656 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:46:14 2,182,656 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
- 2007-11-06 23:00:00 5,770,880 -c--a-w c:\windows\system32\dllcache\nv4_disp.dll
+ 2008-10-07 11:33:00 6,058,112 -c--a-w c:\windows\system32\dllcache\nv4_disp.dll
- 2007-11-06 23:00:00 7,429,088 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-01-15 06:19:00 6,301,248 -c--a-w c:\windows\system32\dllcache\nv4_mini.sys
- 2008-03-01 13:01:53 102,912 -c----w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:42 102,912 -c----w c:\windows\system32\dllcache\occache.dll
- 2004-09-15 12:00:00 216,064 -c--a-w c:\windows\system32\dllcache\osk.exe
+ 2006-10-04 13:33:17 216,064 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-03-01 13:01:53 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:42 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2006-10-14 14:44:44 671,744 -c----w c:\windows\system32\dllcache\PrintFilterPipelineSvc.exe
- 2005-01-28 11:44:28 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll
+ 2006-10-18 19:47:18 211,456 -c--a-w c:\windows\system32\dllcache\qasf.dll
- 2007-10-29 22:43:51 1,288,192 -c--a-w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 -c--a-w c:\windows\system32\dllcache\quartz.dll
- 2006-07-13 08:48:58 202,240 -c--a-w c:\windows\system32\dllcache\rmcast.sys
+ 2008-05-08 12:28:49 202,752 -c--a-w c:\windows\system32\dllcache\rmcast.sys
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c--a-w c:\windows\system32\dllcache\srv.sys
- 2006-08-24 11:19:40 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:17:02 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
- 2007-10-30 17:20:55 360,064 -c--a-w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w c:\windows\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w c:\windows\system32\dllcache\tcpip6.sys
- 2004-09-15 12:00:00 36,352 -c--a-w c:\windows\system32\dllcache\umandlg.dll
+ 2006-10-04 13:38:23 36,352 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-03-01 13:01:53 105,984 -c----w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:42 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-03-01 13:01:53 1,159,680 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:43 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll
- 2004-09-15 12:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2006-10-04 13:33:16 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
- 2008-03-01 13:01:53 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:43 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll
+ 2004-09-14 13:12:00 53,760 -c--a-w c:\windows\system32\dllcache\vfwwdm32.dll
- 2008-03-20 08:09:41 1,845,504 -c--a-w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:40:30 1,846,272 -c--a-w c:\windows\system32\dllcache\win32k.sys
- 2008-03-01 13:01:53 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 -c----w c:\windows\system32\dllcache\wininet.dll
- 2005-01-28 11:44:28 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll
+ 2006-10-18 19:47:18 757,248 -c--a-w c:\windows\system32\dllcache\WMADMOD.dll
- 2005-01-28 11:44:28 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll
+ 2006-10-18 19:47:18 1,117,696 -c--a-w c:\windows\system32\dllcache\WMADMOE.dll
- 2007-10-20 04:01:32 227,328 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2007-10-25 07:28:30 222,720 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2005-01-28 11:44:28 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
+ 2006-10-18 19:47:18 33,792 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
- 2005-01-28 11:44:28 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
+ 2006-10-18 19:47:18 37,376 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
- 2005-01-28 11:44:28 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll
+ 2006-10-18 19:47:20 157,184 -c--a-w c:\windows\system32\dllcache\wmidx.dll
- 2005-01-28 11:44:28 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-18 03:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2005-01-28 11:44:28 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
- 2005-01-28 11:44:28 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
- 2005-01-28 11:44:28 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-10-18 19:47:22 603,648 -c--a-w c:\windows\system32\dllcache\WMSPDMOD.dll
- 2005-01-28 11:44:28 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 19:47:22 1,329,152 -c--a-w c:\windows\system32\dllcache\WMSPDMOE.dll
- 2006-12-07 05:29:34 2,374,472 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2005-01-28 11:44:28 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
- 2005-01-28 11:44:28 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 19:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
- 2007-07-30 17:19:36 549,720 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 12:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2007-07-30 17:19:16 53,080 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 12:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 12:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2007-07-30 17:19:32 325,976 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 12:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2007-07-30 17:18:40 33,624 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 12:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2007-07-30 17:19:46 203,096 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 12:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2006-10-14 18:21:58 580,352 -c----w c:\windows\system32\dllcache\XPSSHHDR.dll
+ 2006-10-14 18:22:00 1,698,048 -c----w c:\windows\system32\dllcache\XpsSvcs.dll
+ 2007-07-24 12:17:08 81,920 ----a-w c:\windows\system32\dns-sd.exe
- 2008-02-20 05:38:03 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:41:09 148,992 ----a-w c:\windows\system32\dnsapi.dll
+ 2007-07-24 12:17:08 61,440 ----a-w c:\windows\system32\dnssd.dll
- 2004-09-15 12:00:00 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-07-07 08:47:36 96,520 ----a-w c:\windows\system32\drivers\avgldx86.sys
- 2008-03-14 19:02:37 26,952 ----a-w c:\windows\system32\drivers\avgmfx86.sys
+ 2008-07-07 08:47:36 26,824 ----a-w c:\windows\system32\drivers\avgmfx86.sys
+ 2008-04-29 08:19:50 12,960 ----a-w c:\windows\system32\drivers\Awrtpd.sys
+ 2008-04-29 08:19:54 15,648 ----a-w c:\windows\system32\drivers\Awrtrd.sys
+ 2008-09-27 19:05:33 4,096 ----a-w c:\windows\system32\drivers\bbcap.sys
- 2004-09-14 13:06:48 274,304 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2008-06-14 17:59:49 272,128 ----a-w c:\windows\system32\drivers\bthport.sys
+ 2006-06-01 15:47:40 334,976 ----a-w c:\windows\system32\drivers\dumant.sys
- 2004-09-15 12:00:00 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
+ 2004-09-14 14:06:10 23,040 ----a-w c:\windows\system32\drivers\mouclass.sys
- 2004-09-15 12:00:00 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
+ 2001-10-05 13:59:32 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-04-29 08:20:00 15,648 ----a-w c:\windows\system32\drivers\NSDriver.sys
- 2007-11-06 23:00:00 7,429,088 ----a-w c:\windows\system32\drivers\nv4_mini.sys
+ 2009-01-15 06:19:00 6,301,248 ----a-w c:\windows\system32\drivers\nv4_mini.sys
- 2006-07-13 08:48:58 202,240 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2005-04-04 10:43:22 48,640 ----a-w c:\windows\system32\drivers\sfdrv01.sys
+ 2005-02-23 15:59:54 6,656 ----a-w c:\windows\system32\drivers\sfhlp02.sys
+ 2005-04-14 12:12:32 19,968 ----a-w c:\windows\system32\drivers\sfsync02.sys
- 2007-10-30 17:20:55 360,064 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2006-10-18 19:47:22 671,232 ------w c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2005-04-14 01:00:00 138,112 ----a-r c:\windows\system32\drivers\V0090Vid.sys
+ 2008-10-06 09:53:24 15,656 ----a-w c:\windows\system32\drivers\wacmoumonitor.sys
+ 2007-02-16 09:12:36 11,312 ----a-w c:\windows\system32\drivers\wacommousefilter.sys
+ 2008-07-11 09:16:50 13,352 ----a-w c:\windows\system32\drivers\wacomvhid.sys
+ 2007-02-15 14:11:28 11,440 ----a-w c:\windows\system32\drivers\WacomVKHid.sys
- 2005-01-28 11:44:28 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-10-18 18:00:00 38,528 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-09-28 16:55:50 77,568 ------w c:\windows\system32\drivers\WudfPf.sys
+ 2006-09-28 17:00:34 82,944 ------w c:\windows\system32\drivers\WudfRd.sys
+ 2006-10-18 18:00:46 249,856 ------w c:\windows\system32\drmupgds.exe
- 2005-01-28 11:44:28 502,272 ----a-w c:\windows\system32\drmv2clt.dll
+ 2006-10-18 19:47:10 991,744 ----a-w c:\windows\system32\drmv2clt.dll
+ 2008-07-10 06:35:22 32,000 -c--a-w c:\windows\system32\DRVSTORE\usbaapl_97B931EF204A3188AFFD15A9A5337268E8B6F312\usbaapl.sys
- 2008-03-01 13:01:50 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:32 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-03-01 13:01:50 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:32 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2006-10-20 19:29:46 69,408 ----a-w c:\windows\system32\dxva2.dll
- 2005-07-26 04:40:30 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:31:56 253,952 ----a-w c:\windows\system32\es.dll
+ 2006-10-20 19:30:00 478,496 ----a-w c:\windows\system32\evr.dll
- 2008-03-01 13:01:50 133,120 ------w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:32 133,120 ------w c:\windows\system32\extmgr.dll
- 2008-05-23 13:17:31 169,896 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-13 14:54:11 185,016 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-20 06:51:32 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 13:00:00 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2004-08-17 12:00:00 1,700,352 ----a-r c:\windows\system32\GdiPlus.dll
+ 2008-06-11 11:49:44 1,645,320 ----a-r c:\windows\system32\gdiplus.dll
+ 2006-10-30 01:33:58 556,296 ----a-w c:\windows\system32\icardagt.exe
- 2008-03-01 13:01:50 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2006-10-30 01:33:58 9,480 ----a-w c:\windows\system32\icardres.dll
- 2008-02-29 08:55:56 70,656 ------w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:19 70,656 ------w c:\windows\system32\ie4uinit.exe
- 2008-03-01 13:01:50 153,088 ------w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:33 153,088 ------w c:\windows\system32\ieakeng.dll
- 2008-03-01 13:01:50 230,400 ------w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:33 230,400 ------w c:\windows\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ------w c:\windows\system32\ieakui.dll
- 2008-03-01 13:01:51 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:33 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-03-01 13:01:51 384,512 ------w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:33 384,512 ------w c:\windows\system32\iedkcs32.dll
- 2008-03-01 13:01:51 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-03-01 13:01:51 44,544 ------w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:37 44,544 ------w c:\windows\system32\iernonce.dll
- 2008-03-01 13:01:51 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:37 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2007-08-21 06:17:25 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:51:34 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2006-10-30 01:33:58 83,968 ----a-w c:\windows\system32\infocardapi.dll
- 2008-02-21 23:23:35 135,168 ----a-w c:\windows\system32\java.exe
+ 2008-12-24 10:05:52 144,792 ----a-w c:\windows\system32\java.exe
- 2008-02-21 23:23:39 135,168 ----a-w c:\windows\system32\javaw.exe
+ 2008-12-24 10:05:52 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-02-22 00:33:32 139,264 ----a-w c:\windows\system32\javaws.exe
+ 2008-12-24 10:05:52 148,888 ----a-w c:\windows\system32\javaws.exe
- 2008-03-01 13:01:51 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:38 27,648 ------w c:\windows\system32\jsproxy.dll
+ 2008-08-04 20:06:09 34,304 ----a-w c:\windows\system32\june05FHMcom dir\saver1.dll
+ 2008-08-04 20:06:09 18,192 ----a-w c:\windows\system32\june05FHMcom dir\saver2.dll
+ 2008-08-04 20:06:08 197,120 ----a-w c:\windows\system32\june05FHMcom.scr
- 2007-11-06 23:00:00 425,984 ----a-w c:\windows\system32\keystone.exe
+ 2009-01-15 06:19:00 436,768 ----a-w c:\windows\system32\keystone.exe
+ 2008-07-16 13:36:13 47,104 ----a-w c:\windows\system32\KMVIDC32.DLL
- 2005-01-28 11:44:28 6,656 ----a-w c:\windows\system32\laprxy.dll
+ 2006-10-18 19:47:14 11,264 ----a-w c:\windows\system32\LAPRXY.dll
- 2005-01-28 11:44:28 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-17 23:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-05-16 08:58:04 12,632 ----a-w c:\windows\system32\lsdelete.exe
- 2007-11-21 00:52:38 2,884,992 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2007-11-21 00:52:40 218,496 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-04-15 15:20:43 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-12-06 16:46:26 74,137 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2008-03-14 20:38:34 70,264 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-08 22:27:49 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2004-09-15 12:00:00 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2006-10-04 13:33:17 72,704 ----a-w c:\windows\system32\magnify.exe
+ 2006-10-18 19:47:14 212,992 ------w c:\windows\system32\MFPLAT.dll
+ 2006-10-20 19:30:06 1,980,704 ----a-w c:\windows\system32\milcore.dll
+ 2006-10-18 19:47:14 259,072 ------w c:\windows\system32\MP43DECD.dll
- 2004-09-15 12:00:00 310,272 ----a-w c:\windows\system32\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MP43DMOD.dll
+ 2006-10-18 19:47:14 317,440 ------w c:\windows\system32\MP4SDECD.dll
- 2004-09-15 12:00:00 384,512 ----a-w c:\windows\system32\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MP4SDMOD.dll
+ 2006-10-18 19:47:14 259,072 ------w c:\windows\system32\MPG4DECD.dll
- 2004-09-15 12:00:00 240,640 ----a-w c:\windows\system32\mpg4dmod.dll
+ 2006-10-18 19:47:14 4,096 ----a-w c:\windows\system32\MPG4DMOD.dll
- 2008-05-09 21:35:04 16,863,864 ----a-w c:\windows\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:49:52 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:58 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-03-01 13:01:52 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:38 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-03-01 13:01:52 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:38 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-03-01 15:31:54 3,591,680 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:37:58 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-03-01 13:01:53 478,208 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:41 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2007-04-30 14:50:50 903,072 ----a-w c:\windows\system32\msidcrl40.dll
- 2005-01-28 11:44:28 142,336 ----a-w c:\windows\system32\msnetobj.dll
+ 2006-10-18 19:47:16 179,712 ----a-w c:\windows\system32\msnetobj.dll
- 2005-01-28 11:44:28 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll
+ 2006-10-18 19:47:16 27,136 ----a-w c:\windows\system32\mspmsnsv.dll
- 2005-01-28 11:44:28 173,568 ----a-w c:\windows\system32\MsPMSP.dll
+ 2006-10-18 19:47:16 175,616 ----a-w c:\windows\system32\mspmsp.dll
- 2008-03-01 13:01:53 193,024 ------w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:41 193,024 ------w c:\windows\system32\msrating.dll
- 2005-01-28 11:44:28 364,784 ----a-w c:\windows\system32\MSSCP.dll
+ 2006-12-04 14:21:50 414,720 ----a-w c:\windows\system32\msscp.dll
- 2008-03-01 13:01:53 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:42 671,232 ------w c:\windows\system32\mstime.dll
+ 2008-07-29 10:57:20 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2005-01-28 11:44:28 315,904 ----a-w c:\windows\system32\MSWMDM.dll
+ 2006-10-18 19:47:16 321,536 ----a-w c:\windows\system32\mswmdm.dll
- 2004-09-15 12:00:00 246,784 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:41:09 246,784 ----a-w c:\windows\system32\mswsock.dll
- 2007-06-26 06:09:33 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:24 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 14:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
+ 2008-08-29 18:06:44 1,350,664 ----a-w c:\windows\system32\msxml6.dll
+ 2006-07-19 08:55:18 86,728 ----a-w c:\windows\system32\msxml6r.dll
- 2007-07-30 17:19:10 271,224 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 12:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2007-07-30 17:19:04 207,736 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 12:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2004-09-15 12:00:00 54,272 ----a-w c:\windows\system32\narrator.exe
+ 2006-10-04 13:33:16 54,272 ----a-w c:\windows\system32\narrator.exe
- 2006-08-17 12:28:30 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 17:00:03 332,800 ----a-w c:\windows\system32\netapi32.dll
+ 2007-02-20 14:04:02 2,463,976 ----a-w c:\windows\system32\NPSWF32.dll
+ 2007-02-20 14:04:04 190,696 ----a-w c:\windows\system32\NPSWF32_FlashUtil.exe
- 2007-02-28 16:02:38 2,018,304 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:46:10 2,018,304 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:02:38 2,138,624 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:46:12 2,138,624 ----a-w c:\windows\system32\ntoskrnl.exe
- 2007-11-06 23:00:00 5,770,880 ----a-w c:\windows\system32\nv4_disp.dll
+ 2009-01-15 06:19:00 6,168,960 ----a-w c:\windows\system32\nv4_disp.dll
- 2007-11-06 23:00:00 385,024 ----a-w c:\windows\system32\nvapi.dll
+ 2009-01-15 06:19:00 663,552 ----a-w c:\windows\system32\nvapi.dll
- 2007-11-06 23:00:00 442,368 ----a-w c:\windows\system32\nvappbar.exe
+ 2009-01-15 06:19:00 449,056 ----a-w c:\windows\system32\nvappbar.exe
- 2007-11-06 23:00:00 35,328 ----a-w c:\windows\system32\nvcod.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\nvcod.dll
- 2007-11-06 23:00:00 35,328 ----a-w c:\windows\system32\nvcodins.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\nvcodins.dll
- 2007-11-06 23:00:00 147,456 ----a-w c:\windows\system32\nvcolor.exe
+ 2009-01-15 06:19:00 143,360 ----a-w c:\windows\system32\nvcolor.exe
- 2007-11-06 23:00:00 8,523,776 ----a-w c:\windows\system32\nvcpl.dll
+ 2009-01-15 06:19:00 13,680,640 ----a-w c:\windows\system32\nvcpl.dll
- 2007-11-06 23:00:00 757,760 ----a-w c:\windows\system32\nvcplui.exe
+ 2009-01-15 06:19:00 801,312 ----a-w c:\windows\system32\nvcplui.exe
+ 2009-01-15 06:19:00 1,560,576 ----a-w c:\windows\system32\nvcuda.dll
- 2007-11-06 23:00:00 6,541,312 ----a-w c:\windows\system32\nvdisps.dll
+ 2009-01-15 06:19:00 4,710,400 ----a-w c:\windows\system32\nvdisps.dll
- 2007-11-06 23:00:00 1,339,392 ----a-w c:\windows\system32\nvdspsch.exe
+ 2009-01-15 06:19:00 1,346,080 ----a-w c:\windows\system32\nvdspsch.exe
- 2007-11-06 23:00:00 3,407,872 ----a-w c:\windows\system32\nvgames.dll
+ 2009-01-15 06:19:00 3,489,792 ----a-w c:\windows\system32\nvgames.dll
- 2007-11-06 23:00:00 1,474,560 ----a-w c:\windows\system32\nview.dll
+ 2009-01-15 06:19:00 1,507,328 ----a-w c:\windows\system32\nview.dll
+ 2006-06-01 15:47:40 368,640 ----a-w c:\windows\system32\nvimage.dll
- 2007-11-06 23:00:00 1,626,112 ----a-w c:\windows\system32\nwiz.exe
+ 2009-01-15 06:19:00 1,657,376 ----a-w c:\windows\system32\nwiz.exe
- 2007-11-06 23:00:00 229,376 ----a-w c:\windows\system32\nvmccs.dll
+ 2009-01-15 06:19:00 229,376 ----a-w c:\windows\system32\nvmccs.dll
- 2007-11-06 23:00:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll
+ 2009-01-15 06:19:00 45,056 ----a-w c:\windows\system32\nvmccsrs.dll
- 2007-11-06 23:00:00 188,416 ----a-w c:\windows\system32\nvmccss.dll
+ 2009-01-15 06:19:00 188,416 ----a-w c:\windows\system32\nvmccss.dll
- 2007-11-06 23:00:00 81,920 ----a-w c:\windows\system32\nvmctray.dll
+ 2009-01-15 06:19:00 86,016 ----a-w c:\windows\system32\nvmctray.dll
- 2007-11-06 23:00:00 1,212,416 ----a-w c:\windows\system32\nvmobls.dll
+ 2009-01-15 06:19:00 1,286,144 ----a-w c:\windows\system32\nvmobls.dll
- 2007-11-06 23:00:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll
+ 2008-10-07 11:33:00 286,720 ----a-w c:\windows\system32\nvnt4cpl.dll
- 2007-11-06 23:00:00 6,901,760 ----a-w c:\windows\system32\nvoglnt.dll
+ 2009-01-15 06:19:00 9,412,608 ----a-w c:\windows\system32\nvoglnt.dll
- 2007-11-06 23:00:00 466,944 ----a-w c:\windows\system32\nvshell.dll
+ 2009-01-15 06:19:00 466,944 ----a-w c:\windows\system32\nvshell.dll
+ 2006-06-01 15:47:40 4,759,552 ----a-w c:\windows\system32\nvstercp.dll
+ 2006-06-01 15:47:40 159,744 ----a-w c:\windows\system32\nvStInst.exe
+ 2006-06-01 15:47:40 90,112 ----a-w c:\windows\system32\nvstreg.exe
+ 2006-06-01 15:47:40 2,560,000 ----a-w c:\windows\system32\nvstres.dll
+ 2006-06-01 15:47:40 1,482,752 ----a-w c:\windows\system32\nvsttest.exe
+ 2006-06-01 15:47:40 249,856 ----a-w c:\windows\system32\nvstview.exe
- 2007-11-06 23:00:00 155,716 ----a-w c:\windows\system32\nvsvc32.exe
+ 2009-01-15 06:19:00 163,908 ----a-w c:\windows\system32\nvsvc32.exe
- 2007-11-06 23:00:00 356,352 ----a-w c:\windows\system32\nvudisp.exe
+ 2009-01-15 06:19:00 453,152 ----a-w c:\windows\system32\nvudisp.exe
- 2007-11-06 23:00:00 81,920 ----a-w c:\windows\system32\nvwddi.dll
+ 2009-01-15 06:19:00 81,920 ----a-w c:\windows\system32\nvwddi.dll
- 2007-11-06 23:00:00 1,703,936 ----a-w c:\windows\system32\nvwdmcpl.dll
+ 2009-01-15 06:19:00 1,724,416 ----a-w c:\windows\system32\nvwdmcpl.dll
- 2007-11-06 23:00:00 1,019,904 ----a-w c:\windows\system32\nvwimg.dll
+ 2009-01-15 06:19:00 1,101,824 ----a-w c:\windows\system32\nvwimg.dll
- 2007-11-06 23:00:00 3,698,688 ----a-w c:\windows\system32\nvvitvs.dll
+ 2009-01-15 06:19:00 3,796,992 ----a-w c:\windows\system32\nvvitvs.dll
- 2007-11-06 23:00:00 2,486,272 ----a-w c:\windows\system32\nvwss.dll
+ 2009-01-15 06:19:00 2,744,320 ----a-w c:\windows\system32\nvwss.dll
- 2008-03-01 13:01:53 102,912 ------w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:42 102,912 ------w c:\windows\system32\occache.dll
- 2004-09-15 12:00:00 216,064 ----a-w c:\windows\system32\osk.exe
+ 2006-10-04 13:33:17 216,064 ----a-w c:\windows\system32\osk.exe
- 2008-04-23 14:01:12 59,916 ----a-w c:\windows\system32\perfc009.dat
+ 2008-11-12 19:18:40 67,696 ----a-w c:\windows\system32\perfc009.dat
- 2008-04-23 14:01:12 73,026 ----a-w c:\windows\system32\perfc00B.dat
+ 2008-11-12 19:18:40 80,806 ----a-w c:\windows\system32\perfc00B.dat
- 2008-04-23 14:01:12 397,696 ----a-w c:\windows\system32\perfh009.dat
+ 2008-11-12 19:18:40 432,992 ----a-w c:\windows\system32\perfh009.dat
- 2008-04-23 14:01:12 372,470 ----a-w c:\windows\system32\perfh00B.dat
+ 2008-11-12 19:18:40 407,306 ----a-w c:\windows\system32\perfh00B.dat
+ 2006-10-24 10:30:20 412,160 ------w c:\windows\system32\photometadatahandler.dll
+ 2008-10-07 07:13:30 197,912 ----a-w c:\windows\system32\physxcudart_20.dll
- 2008-03-01 13:01:53 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:42 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2006-10-18 19:47:18 284,160 ------w c:\windows\system32\PortableDeviceApi.dll
+ 2006-10-18 19:47:18 101,888 ------w c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 19:47:18 166,912 ------w c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 19:47:18 132,096 ------w c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 19:47:18 199,168 ------w c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-20 19:29:52 104,224 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
+ 2006-10-20 19:29:58 344,352 ----a-w c:\windows\system32\PresentationHost.exe
+ 2006-10-20 19:29:46 20,768 ----a-w c:\windows\system32\PresentationHostProxy.dll
+ 2006-10-20 19:30:02 769,312 ----a-w c:\windows\system32\PresentationNative_v0300.dll
+ 2006-10-14 14:43:38 124,416 ------w c:\windows\system32\prntvpt.dll
- 2005-01-28 11:44:28 221,184 ----a-w c:\windows\system32\qasf.dll
+ 2006-10-18 19:47:18 211,456 ----a-w c:\windows\system32\qasf.dll
- 2007-10-29 22:43:51 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:15:43 1,288,192 ----a-w c:\windows\system32\quartz.dll
+ 2004-09-15 12:00:00 23,040 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\mouclass.sys
+ 2004-09-15 12:00:00 12,160 ----a-w c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\mouhid.sys
+ 2009-01-15 06:19:00 6,168,960 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_disp.dll
+ 2009-01-15 06:19:00 6,301,248 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nv4_mini.sys
+ 2009-01-15 06:19:00 663,552 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvapi.dll
+ 2009-01-15 06:19:00 135,168 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcod.dll
+ 2009-01-15 06:19:00 13,680,640 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcpl.dll
+ 2009-01-15 06:19:00 1,560,576 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvcuda.dll
+ 2009-01-15 06:19:00 4,710,400 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvdisps.dll
+ 2009-01-15 06:19:00 3,489,792 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvgames.dll
+ 2009-01-15 06:19:00 229,376 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccs.dll
+ 2009-01-15 06:19:00 45,056 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccsrs.dll
+ 2009-01-15 06:19:00 188,416 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmccss.dll
+ 2009-01-15 06:19:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmctray.dll
+ 2009-01-15 06:19:00 1,286,144 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvmobls.dll
+ 2009-01-15 06:19:00 9,412,608 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvoglnt.dll
+ 2009-01-15 06:19:00 163,908 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvsvc32.exe
+ 2009-01-15 06:19:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvwddi.dll
+ 2009-01-15 06:19:00 3,796,992 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvvitvs.dll
+ 2009-01-15 06:19:00 2,744,320 ----a-w c:\windows\system32\ReinstallBackups\0007\DriverFiles\nvwss.dll
+ 2008-10-07 11:33:00 6,058,112 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nv4_disp.dll
+ 2008-10-07 11:33:00 6,133,856 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nv4_mini.sys
+ 2008-10-07 11:33:00 475,136 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvapi.dll
+ 2008-10-07 11:33:00 122,880 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcod.dll
+ 2008-10-07 11:33:00 13,574,144 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcpl.dll
+ 2008-10-07 11:33:00 1,368,064 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvcuda.dll
+ 2008-10-07 11:33:00 3,989,504 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvdisps.dll
+ 2008-10-07 11:33:00 3,444,736 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvgames.dll
+ 2008-10-07 11:33:00 229,376 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmccs.dll
+ 2008-10-07 11:33:00 188,416 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmccss.dll
+ 2008-10-07 11:33:00 86,016 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmctray.dll
+ 2008-10-07 11:33:00 1,257,472 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvmobls.dll
+ 2008-10-07 11:33:00 286,720 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvnt4cpl.dll
+ 2008-10-07 11:33:00 8,826,880 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvoglnt.dll
+ 2008-10-07 11:33:00 163,908 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvsvc32.exe
+ 2008-10-07 11:33:00 81,920 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvwddi.dll
+ 2008-10-07 11:33:00 3,764,224 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvvitvs.dll
+ 2008-10-07 11:33:00 2,686,976 ----a-w c:\windows\system32\ReinstallBackups\0008\DriverFiles\nvwss.dll
+ 2006-08-24 14:15:06 150,808 ----a-w c:\windows\system32\rgb9rast_2.dll
+ 2008-07-18 19:10:20 36,552 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784\wups.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-07-18 19:10:40 45,768 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784\wups2.dll
+ 2008-10-16 12:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2006-12-10 12:10:04 14,640 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:27 17,272 ------w c:\windows\system32\spmsg.dll
+ 2006-06-29 11:07:36 14,048 ------w c:\windows\system32\spmsg2.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
+ 2006-10-14 14:42:40 131,584 ----a-w c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
+ 2006-10-14 14:42:18 376,320 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
+ 2006-10-14 14:42:28 510,464 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
+ 2006-10-14 14:40:36 619,008 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unires.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
+ 2006-10-14 14:43:18 27,648 ----a-w c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2006-10-14 14:44:44 671,744 ------w c:\windows\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe
+ 2006-10-14 15:13:02 34,304 ----a-w c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
+ 2006-10-14 15:12:14 737,792 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2006-10-14 18:09:04 2,946,304 ----a-w c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
+ 2006-10-14 15:12:14 737,792 ----a-w c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
+ 2006-10-14 18:09:04 2,946,304 ----a-w c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
+ 2006-10-14 14:43:18 751,104 ----a-w c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
+ 2006-10-14 18:22:00 1,698,048 ----a-w c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
- 2006-09-06 15:43:26 22,752 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-10-16 14:10:58 23,856 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-06-01 15:47:40 40,960 ----a-w c:\windows\system32\stereoi.dll
- 2006-08-24 11:19:40 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:17:02 247,326 ----a-w c:\windows\system32\strmdll.dll
+ 2006-11-29 15:21:29 370,688 ----a-w c:\windows\system32\swsc.exe
- 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
+ 2006-10-20 19:29:54 159,008 ----a-w c:\windows\system32\UIAutomationCore.dll
- 2004-09-15 12:00:00 36,352 ----a-w c:\windows\system32\umandlg.dll
+ 2006-10-04 13:38:23 36,352 ----a-w c:\windows\system32\umandlg.dll
- 2008-03-01 13:01:53 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:42 105,984 ----a-w c:\windows\system32\url.dll
- 2008-03-01 13:01:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:43 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2004-09-15 12:00:00 50,176 ----a-w c:\windows\system32\utilman.exe
+ 2006-10-04 13:33:16 50,176 ----a-w c:\windows\system32\utilman.exe
- 2005-01-28 11:44:28 47,104 ----a-w c:\windows\system32\uwdf.exe
+ 2006-10-18 19:58:00 8,704 ----a-w c:\windows\system32\uwdf.exe
+ 2004-10-19 01:01:00 49,152 ----a-r c:\windows\system32\V0090Hwx.dll
+ 2004-10-18 01:01:00 36,864 ----a-r c:\windows\system32\V0090Pin.dll
+ 2004-07-08 01:00:00 20,480 ----a-r c:\windows\system32\V0090Srv.exe
+ 2004-07-12 01:00:00 10,240 ----a-r c:\windows\system32\V0090Sti.dll
+ 2004-10-18 01:01:00 126,976 ----a-r c:\windows\system32\V0090Vfw.dll
+ 2008-10-10 10:00:26 182,056 ----a-w c:\windows\system32\Wacom_Tablet.dll
+ 2008-10-10 10:13:08 2,749,224 ----a-w c:\windows\system32\Wacom_Tablet.exe
- 2005-01-28 11:44:28 15,872 ----a-w c:\windows\system32\wdfapi.dll
+ 2006-10-18 19:47:18 4,096 ----a-w c:\windows\system32\wdfapi.dll
- 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wdfmgr.exe
+ 2006-10-18 19:58:00 8,704 ----a-w c:\windows\system32\wdfmgr.exe
- 2008-03-01 13:01:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:43 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2004-09-14 13:12:00 53,760 ----a-w c:\windows\system32\vfwwdm32.dll
- 2008-03-20 08:09:41 1,845,504 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:40:30 1,846,272 ----a-w c:\windows\system32\win32k.sys
+ 2006-10-24 10:30:06 716,288 ------w c:\windows\system32\WindowsCodecs.dll
+ 2006-10-24 10:29:50 352,256 ------w c:\windows\system32\WindowsCodecsExt.dll
- 2008-03-01 13:01:53 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-10 09:50:10 172,840 ----a-w c:\windows\system32\Wintab32.dll
- 2005-01-28 11:44:28 396,528 ----a-w c:\windows\system32\wmadmod.dll
+ 2006-10-18 19:47:18 757,248 ----a-w c:\windows\system32\wmadmod.dll
- 2005-01-28 11:44:28 716,288 ----a-w c:\windows\system32\wmadmoe.dll
+ 2006-10-18 19:47:18 1,117,696 ----a-w c:\windows\system32\WMADMOE.dll
- 2007-10-20 04:01:32 227,328 ----a-w c:\windows\system32\wmasf.dll
+ 2007-10-25 07:28:30 222,720 ----a-w c:\windows\system32\wmasf.dll
- 2005-01-28 11:44:28 28,160 ----a-w c:\windows\system32\WMDMLOG.dll
+ 2006-10-18 19:47:18 33,792 ----a-w c:\windows\system32\wmdmlog.dll
- 2005-01-28 11:44:28 33,792 ----a-w c:\windows\system32\WMDMPS.dll
+ 2006-10-18 19:47:18 37,376 ----a-w c:\windows\system32\wmdmps.dll
- 2005-01-28 11:44:28 335,872 ----a-w c:\windows\system32\WMDRMdev.dll
+ 2006-10-18 19:47:18 429,056 ----a-w c:\windows\system32\wmdrmdev.dll
- 2005-01-28 11:44:28 290,816 ----a-w c:\windows\system32\WMDRMNet.dll
+ 2006-10-18 19:47:20 348,672 ----a-w c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 19:47:20 535,040 ------w c:\windows\system32\wmdrmsdk.dll
- 2005-01-28 11:44:28 150,016 ----a-w c:\windows\system32\wmidx.dll
+ 2006-10-18 19:47:20 157,184 ----a-w c:\windows\system32\wmidx.dll
- 2005-01-28 11:44:28 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-18 03:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
+ 2006-10-24 10:30:00 276,992 ------w c:\windows\system32\WMPhoto.dll
+ 2004-09-15 12:00:00 221,184 ----a-w c:\windows\system32\wmpns.dll
- 2005-01-28 11:44:28 774,904 ----a-w c:\windows\system32\wmsdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmsdmod.dll
- 2005-01-28 11:44:28 1,119,744 ----a-w c:\windows\system32\wmsdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmsdmoe2.dll
- 2005-01-28 11:44:28 413,944 ----a-w c:\windows\system32\wmspdmod.dll
+ 2006-10-18 19:47:22 603,648 ----a-w c:\windows\system32\WMSPDMOD.dll
- 2005-01-28 11:44:28 940,544 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2006-10-18 19:47:22 1,329,152 ----a-w c:\windows\system32\WMSPDMOE.dll
- 2005-01-28 11:44:28 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\WMVADVD.dll
- 2005-01-28 11:44:28 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\WMVADVE.DLL
- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 03:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
+ 2006-10-18 19:47:22 1,543,680 ------w c:\windows\system32\WMVDECOD.dll
- 2005-01-28 11:44:28 895,736 ----a-w c:\windows\system32\wmvdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmvdmod.dll
- 2005-01-28 11:44:28 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 1,574,912 ------w c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 19:47:22 1,382,912 ------w c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 19:47:22 767,488 ------w c:\windows\system32\WMVSENCD.dll
+ 2006-10-18 19:47:22 656,896 ------w c:\windows\system32\WMVXENCD.dll
- 2005-01-28 11:44:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll
+ 2006-10-18 19:47:22 629,760 ----a-w c:\windows\system32\wpd_ci.dll
- 2005-01-28 11:44:28 61,952 ----a-w c:\windows\system32\wpdconns.dll
+ 2006-10-18 19:47:22 35,840 ----a-w c:\windows\system32\wpdconns.dll
- 2005-01-28 11:44:28 114,176 ----a-w c:\windows\system32\wpdmtp.dll
+ 2006-10-18 19:47:22 154,624 ----a-w c:\windows\system32\wpdmtp.dll
- 2005-01-28 11:44:28 66,560 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 63,488 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 2,603,008 ------w c:\windows\system32\WpdShext.dll
+ 2006-10-18 18:00:14 17,408 ------w c:\windows\system32\wpdshextautoplay.exe
+ 2006-11-02 09:52:06 39,936 ------w c:\windows\system32\wpdshextres.dll
+ 2006-10-18 19:47:22 133,632 ------w c:\windows\system32\WPDShServiceObj.dll
- 2005-01-28 11:44:28 331,264 ----a-w c:\windows\system32\wpdsp.dll
+ 2006-10-18 19:47:22 356,352 ----a-w c:\windows\system32\wpdsp.dll
+ 2008-10-10 10:13:40 159,528 ----a-w c:\windows\system32\WTablet\Wacom_TabletUser.exe
- 2007-07-30 17:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 12:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 17:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 12:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 17:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 12:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2007-07-30 17:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 12:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
+ 2006-09-28 18:13:26 95,344 ------w c:\windows\system32\WUDFCoinstaller.dll
+ 2006-09-28 16:56:38 146,432 ------w c:\windows\system32\WudfHost.exe
+ 2006-09-28 16:56:16 165,376 ------w c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56:14 55,808 ------w c:\windows\system32\WudfSvc.dll
+ 2006-09-28 16:56:38 316,416 ------w c:\windows\system32\WUDFx.dll
- 2007-07-30 17:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 17:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 12:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 17:19:46 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 12:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2007-03-05 10:42:18 15,128 ----a-w c:\windows\system32\x3daudio1_1.dll
+ 2007-10-22 01:37:16 17,928 ----a-w c:\windows\system32\X3DAudio1_2.dll
+ 2008-03-05 14:00:06 25,608 ----a-w c:\windows\system32\X3DAudio1_3.dll
+ 2008-05-30 12:17:00 25,608 ----a-w c:\windows\system32\X3DAudio1_4.dll
+ 2008-10-27 08:04:16 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
+ 2007-10-22 01:39:54 267,272 ----a-w c:\windows\system32\xactengine2_10.dll
+ 2006-07-28 07:30:32 236,824 ----a-w c:\windows\system32\xactengine2_3.dll
+ 2006-09-28 14:05:56 237,848 ----a-w c:\windows\system32\xactengine2_4.dll
+ 2006-12-08 10:02:00 251,672 ----a-w c:\windows\system32\xactengine2_5.dll
+ 2007-01-24 13:27:30 255,848 ----a-w c:\windows\system32\xactengine2_6.dll
+ 2007-04-04 16:55:00 261,480 ----a-w c:\windows\system32\xactengine2_7.dll
+ 2007-06-20 18:46:04 266,088 ----a-w c:\windows\system32\xactengine2_8.dll
+ 2007-07-19 22:57:12 267,112 ----a-w c:\windows\system32\xactengine2_9.dll
+ 2008-03-05 14:03:20 238,088 ----a-w c:\windows\system32\xactengine3_0.dll
+ 2008-05-30 12:18:52 238,088 ----a-w c:\windows\system32\xactengine3_1.dll
+ 2008-07-30 04:20:54 238,088 ----a-w c:\windows\system32\xactengine3_2.dll
+ 2008-10-27 08:04:16 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
+ 2008-05-30 12:17:30 65,032 ----a-w c:\windows\system32\XAPOFX1_0.dll
+ 2008-07-30 04:20:56 68,616 ----a-w c:\windows\system32\XAPOFX1_1.dll
+ 2008-10-27 08:04:14 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
+ 2008-03-05 14:03:54 479,752 ----a-w c:\windows\system32\XAudio2_0.dll
+ 2008-05-30 12:19:18 507,400 ----a-w c:\windows\system32\XAudio2_1.dll
+ 2008-07-30 04:20:56 509,448 ----a-w c:\windows\system32\XAudio2_2.dll
+ 2008-10-27 08:04:18 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
+ 2006-07-28 07:30:14 62,744 ----a-w c:\windows\system32\xinput1_2.dll
+ 2007-04-04 16:53:42 81,768 ----a-w c:\windows\system32\xinput1_3.dll
+ 2007-11-26 19:56:20 10,155,840 ----a-w c:\windows\system32\xlive.dll
+ 2007-09-18 13:01:02 134,144 ----a-w c:\windows\system32\xlive\sqmapi.dll
+ 2007-11-26 19:56:20 13,653,824 ----a-w c:\windows\system32\xlivefnt.dll
+ 2006-10-14 18:21:58 580,352 ------w c:\windows\system32\XPSSHHDR.dll
+ 2006-10-14 18:22:00 1,698,048 ------w c:\windows\system32\XpsSvcs.dll
+ 2006-10-20 19:29:54 304,928 ----a-w c:\windows\system32\XPSViewer\XPSViewer.exe
+ 2009-02-11 13:16:23 16,384 ----atw c:\windows\TEMP\Perflib_Perfdata_1d0.dat
+ 2004-08-02 01:02:00 98,304 ----a-r c:\windows\twain_32\Creative\VF0090\CtTwain.dll
+ 2001-08-23 05:01:00 1,706,800 ----a-r c:\windows\twain_32\Creative\VF0090\Gdiplus.dll
+ 2004-12-07 01:00:00 86,016 ----a-r c:\windows\twain_32\Creative\VF0090\HookWnd.dll
+ 2004-10-18 01:01:00 20,480 ----a-r c:\windows\V0090Cfg.exe
+ 2008-09-30 14:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 14:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-07-29 10:55:02 95,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2006-12-01 19:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 19:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 19:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 19:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 21:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 21:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 21:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 21:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 21:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 21:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 21:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 21:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 21:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 21:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 21:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 21:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2007-11-06 23:19:32 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
+ 2007-11-06 18:23:58 224,768 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2007-11-06 23:19:34 568,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 23:19:34 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-06 23:19:38 1,156,600 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
+ 2007-11-06 23:19:38 1,162,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
+ 2007-11-06 20:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
+ 2007-11-06 20:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
+ 2007-11-06 23:19:16 41,472 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
+ 2007-11-06 23:19:16 41,984 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
+ 2007-11-06 23:19:28 60,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
+ 2007-11-06 23:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
+ 2007-11-06 23:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
+ 2007-11-06 23:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
+ 2007-11-06 23:19:28 60,416 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
+ 2007-11-06 23:19:28 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
+ 2007-11-06 23:19:16 47,104 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
+ 2007-11-06 23:19:16 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
+ 2007-11-06 23:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-04-15 18:01:18 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-09-15 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-10-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-16 37376]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-07-07 1232152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-09-15 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-09-15 15360]

c:\documents and settings\Eemeli\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\documents and settings\All Users\K„ynnist„-valikko\Ohjelmat\K„ynnistys\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-04-23 1044480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\raqoo\\team fortress 2\\hl2.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-06-15 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-06-15 231192]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2008-11-15 2749224]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2008-09-27 4096]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2008-03-14 1310720]
S3 V0090VID;Creative WebCam Vista Plus;c:\windows\system32\drivers\V0090Vid.sys [2008-07-27 138112]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2008-11-15 15656]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8e-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\EasySuite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ea10d8f-5f12-11dd-9516-001966572726}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b860725e-f1fa-11dc-a82f-806d6172696f}]
\Shell\AutoRun\command - e:\bin\assetup.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-08 c:\windows\Tasks\At51.job
- c:\windows\system32\b72TkovW.exe []
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKLM-Run-C6501Sound - c6501.cpl

.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Eemeli\Application Data\Mozilla\Firefox\Profiles\j7jf3joj.default\
FF - prefs.js: browser.search.selectedEngine - Zybez Item Database
FF - prefs.js: browser.startup.homepage - hxxp://www.blackle.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-11 20:16:37
Windows 5.1.2600 Service Pack 2 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_USERS\S-1-5-21-682003330-746137067-839522115-1003\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\3.0]
"FRT"="V4PAPBqwS75qkh8rqofRAA5cBW+ntWAdVl7vD7obsfSu+HDZuhIo3w=="
"PLCK"="hpuAVHqKsGJ/5mNT7UgwU9JMMwVU+bb8"
"Percents"="0 0.0958 0.2056 0.4338 0.8155 0.8831 0.8873 "
"Increment"=".005988"
"PHSH"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
.
Valmistumisajankohta: 2009-02-11 20:17:55
ComboFix-quarantined-files.txt 2009-02-11 18:17:53
ComboFix2.txt 2009-02-10 20:36:54

Ennen ajoa: 28,257,906,688 tavua vapaana
Ajon jälkeen: 28,243,173,376 tavua vapaana

2035 --- E O F --- 2009-01-14 22:08:09

Hujo · 12.02.2009

Escan
Ohjeet tuolla sivulla.
http://koti.mbnet.fi/pattaya1/escanmwav.htm
lataa tuosta
http://www.spywareinfo.dk/download/mwav.exe
päivitä tuosta
http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
laita täpit merkkauksien mukaan
http://koti.mbnet.fi/pattaya1/eScan6.jpg

scannaa

jos ala luukkuun tulee jotain niin kopioi se näin:
Käytä komentoa Ctrl+A.
Kopioi rivit komennolla Ctrl+C.
Liitä rivit komennolla Ctrl+V.

Laita virus log tänne.

Helppu · 16.02.2009

Tuo päivityslinkki on rikkinäinen.

Hujo · 17.02.2009

Nyt tuon alla olevan lainauksen sisällön Kopioit / liität Tyhjään muistioon
käynnistä nappi >apuohjelmat > muistio

File::
c:\windows\system32\b72TkovW.exe
c:\windows\Tasks\At51.job

Laajenna...

Tallenna se nimellä CFScript.txt työpöydälle

tallennusmuto kaikki teidostot

Sitten raahaa CFScript ComboFix.exeen kuten alla.

combofix työstää tulee sininen taulu paina numeroa 1 ja enter

Laita tuleva loki tänne.

Sammutat ja käynnistät koneen

Kirjaudu tai liity jäseneksi

Kone ruvennu kaatuilemaan hjt logi

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

Kone ruvennu kaatuilemaan hjt logi

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Helppu Member

Hujo Guest

Jaa tämä sivu

Hyödyllisiä hakuja